Commit d8016dd4 authored by Josh Kunz

Add info about libcap's assumptions to the README

parent d6dc6cb7
==library==
libcap
# libcap
==Description==
libcap is a capability management library.
==Purpose==
The main purpose is to provide a capability library which can be used across
libcap is a capability management library. The main purpose is to provide a
capability library which can be used across
different systems. This library will provide functionalities including creating
cspace, adding capabilities to cspace, revoking capabilities from cspace etc.
Basic structure can be like this:
signature dummy_func_add_capability(cspace *, capability1 *, capability2 *, ...);
signature dummy_func_revoke_capability(cspace *, capability1 *);
## External API
The full API is described in [libcap.h](include/libcap.h).
## Assumptions
We assume that for any CDT, an object will only be added to the tree
once, and will never derive from its children (i.e. no loops). A `cap_insert` and
a `cap_grant` should always be a safe operation, only
`cap_derive`s can be invalid.
For example, You can do:
```C
cap_insert(<cspace a>, <cptr a>, <obj a>);
cap_insert(<cspace a>, <cptr b>, <obj b>);
cap_derive(<cspace a>, <cptr a>, <cspace a>, <cptr b>).
```
But you cannot do:
```C
cap_insert(<cspace a>, <cptr a>, <obj a>);
cap_insert(<cspace a>, <cptr b>, <obj b>);
cap_derive(<cspace a>, <cptr a>, <cspace a>, <cptr b>).
// Bad! Can't have loops!
cap_derive(<cspace a>, <cptr b>, <cspace a>, <cptr a>);
```
And you cannot do:
==ToDO==
Further information will be added subsequently.
\ No newline at end of file
```C
cap_insert(<cspace a>, <cptr a>, <obj a>);
cap_insert(<cspace a>, <cptr b>, <obj b>);
cap_derive(<cspace a>, <cptr a>, <cspace a>, <cptr b>).
cap_insert(<cspace a>, <cptr c>, <obj b>
// Bad! Double insert in the same CDT!
cap_derive(<cspace a>, <cptr a>, <cspace a>, <cptr c>)
```
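Review bot: Several statements in the three example blocks under "## Assumptions" are not terminated correctly, although the blocks are fenced as C. Each `cap_derive(<cspace a>, <cptr a>, <cspace a>, <cptr b>).` ends in a period instead of a semicolon, `cap_insert(<cspace a>, <cptr c>, <obj b>` in the last block is missing its closing parenthesis and semicolon, and the final `cap_derive` in that block has no semicolon. Please terminate them consistently so the good and bad sequences differ only in the call that matters. In the same section, "CDT" is used without being expanded, and nothing says which (cspace, cptr) pair passed to `cap_derive` is the parent and which is the child, so the reader has to infer the direction from the loop example. The last block places the "Double insert in the same CDT" comment above a `cap_derive`, while the prose says `cap_insert` is always safe and only `cap_derive` can be invalid. If the intent is that the derive is the rejected call because it would add obj b to the tree a second time, one sentence saying so would remove the ambiguity. Minor: "For example, You can do:" should use a lower-case "you".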