CSpace #
A CSpace (capability space) stores capabilities. Each CSpace stores a configurable number of capabilities, 2n, where n is provided to Memory::ALLOCATE in the optional size parameter, such that allocating a CSpace with N=8 will create a CSpace which can store 256 capabilities. Upon creation, a CSpace is filled with Null capabilities.
A notable use of a CSpace is its assignment to a Task, which allows that task to invoke operations against capabilities, which is necessary for most tasks to perform useful operations.
Operations #
CSpace::DESTROY #
Destroys a set of capabilities stored in the invoked CSpace. If the destroyed capabilities held the last reference to the underlying kernel object, any associated memory allocations are returned to the original Memory slot.
Parameters #
This operation accepts no parameters.
Capabilities #
| CSlot | Usage | Type | Details |
|---|---|---|---|
| … | In | CAddr | Capabilities to destroy |
Results #
A capability can always be destroyed. No errors are possible outside of the typical cases of addressing invalid cslots.
| Error code | Meaning |
|---|---|
| NONE | Success |
CSpace::COPY #
Copies a capability, either to another slot in the invoked CSpace, or optionally to a second CSpace. The caller may also mask the capability rights to create a copy with reduced permissions.
Parameters #
| Register | Details |
|---|---|
| r0 | Capability rights mask (optional) |
Capabilities #
| CSlot | Usage | Type | Details |
|---|---|---|---|
| 0 | Out | CAddr | Capability slot to store copy, relative to target CSpace |
| 1 | In | Any | Capability to be copied |
| 2 | In | CSpace | Destination CSpace (optional) |
Results #
| Error code | Meaning |
|---|---|
| NONE | Success |
| INVALID_CSLOT | Destination capability is not null |
| UNSUPPORTED | Source capability cannot be copied |
CSpace::MOVE #
Moves a capability from one capability slot to another, optionally moving it to a second CSpace. The usage of this operation is identical to CSpace::COPY, with the only difference being that the original capability is destroyed.
NOTE: This may still return UNSUPPORTED for capabilities that cannot be copied; this limitation will eventually be removed.
CSpace::COPY_FROM #
Copies a capability from the invoked CSpace capability into the calling task’s CSpace.
Parameters #
This operation accepts no parameters.
Capabilities #
| CSlot | Usage | Type | Details |
|---|---|---|---|
| 0 | Out | CAddr | Capability slot to store copy, relative to caller’s CSpace |
| 1 | In | Any | Capability to be copied, relative to the invoked CSpace |
Results #
| Error code | Meaning |
|---|---|
| NONE | Success |
| INVALID_CSLOT | Destination capability is not null |
| UNSUPPORTED | Source capability cannot be copied |
CSpace::MOVE_TO #
Moves a capability from the invoked CSpace into the caller’s CSpace. The usage of this operation is identical to CSpace::COPY_FROM, with the only difference being that the original capability is destroyed.
NOTE: This may still return UNSUPPORTED for capabilities that cannot be copied; this limitation will eventually be removed.
CSpace::STORE_REPLY #
If the caller’s Task posesses a reply capability, move it to the provided capability slot for later use. See the description of the call syscall for details.
Parameters #
This operation accepts no parameters.
Capabilities #
| CSlot | Usage | Type | Details |
|---|---|---|---|
| 0 | Out | CAddr | Capability slot to store the reply capability |
Results #
| Error code | Meaning |
|---|---|
| NONE | Success |
| INVALID_CTYPE | The calling task has no reply capability to store |
| INVALID_CSLOT | Destination capability is not null |
Semantics #
Memory::ALLOCATE #
The size parameter is used to describe the number of slots in a new CSpace, such that slots = 2r1.
Destroy #
When the last reference to a CSpace is destroyed, all of the occupied capability slots in that CSpace are also destroyed.