[seL4] Capability unwrapping

Gernot Heiser gernot at nicta.com.au
Fri Feb 13 07:50:36 EST 2015


On 13 Feb 2015, at 5:55 , Raoul Duke <raould at gmail.com> wrote:
>
>> How many would your application need at most, and more generally speaking, what would you think is a good limit?
>
> I woulda thunk the only reasonable software engineering answer to this
> is: "0, 1, max_int" (or whatever), no? Some other arbitrary value
> (like 6) sure seems a poor design to me.

From the software-engineering PoV you’re right. But those principles don’t apply at such low-level things like a microkernel. E.g. the number of hardware registers is somewhere in the 1-infinity range, we care about worst-case execution time, and a fundamental microkernel-design principle is to provide the minimum needed, and not more.

There are cases when functionally 2 ≠ 1+1, e.g. when there is a need to do things atomically. But there will be some number >1 which is sufficient for a universal mechanism. This is what we’d like to find.

Gernot
