Introducing a cmp() operation

Bernhard Kauer kauer at
Wed Jun 15 14:35:06 CEST 2005

> The nameserver is not necessarily trusted by C.  If C wants to send
> the capability to B (which it must, to get the mapping hierarchy right),
> then it must be as a reply message.
> Thus B must send the request to C, as C is the trusted system server,
> not A (which B doesn't trust that much).  The required protocol is pretty much
> enforced from start to end given the border conditions (trust
> parameters).

There are two ways how B could get its capability. Either B asks C to give
them, or A asks C to send one (of the capabilities it has from C) to B.

Both operations work out of the box. A and B do not trust each other and C do 
not need a cmp().


More information about the l4-hackers mailing list