Introducing a cmp() operation
Bernhard Kauer
kauer at os.inf.tu-dresden.de
Wed Jun 15 14:35:06 CEST 2005
> The nameserver is not necessarily trusted by C. If C wants to send
> the capability to B (which it must, to get the mapping hierarchy right),
> then it must be as a reply message.
> Thus B must send the request to C, as C is the trusted system server,
> not A (which B doesn't trust that much). The required protocol is pretty much
> enforced from start to end given the border conditions (trust
> parameters).
There are two ways how B could get its capability. Either B asks C to give
them, or A asks C to send one (of the capabilities it has from C) to B.
Both operations work out of the box. A and B do not trust each other and C do
not need a cmp().
Bernhard
More information about the l4-hackers
mailing list