This the implementation of work discussed in the scope of Mark Nevill's
master's thesis (http://www.barrelfish.org/nevill-master-capabilities.pdf).
The system works roughly as follows:
* Each capability has an owner which is responsible to synchronize operations
that need synchronization in order to preserve system-wide consistency.
* The operations that need synchronization are implemented in the monitors with
synchronization being implemented as broadcasts on the intermon bindings and
called whenever a local capability management invocation returns with the
error message SYS_ERR_RETRY_THROUGH_MONITOR.
* These calls are done as blocking calls to the local monitor.
Newly introduced terminology/concepts:
* Ownership: each capability has an owner that is the leader for operations
that need synchronization.
* Move: the move operation changes the owner of a capability: currently
allowed for capabilities of the types PhysAddr, RAM, and Frame
Known Bugs:
* Some operations that should do capability move operations in the monitors
still transfer the bit-representation of the capability manually instead of
doing a move.
Open Issues:
* FCNodes are not implemented yet
* VNode and DevFrame ownership cannot be moved
projects / barrelfish / commitdiff