> On 3 Nov 2015, at 14:46 , Raymond Jennings <[email protected]> wrote:
>
> So the kernel itself doesn't actually "own" any capabilities, just does the 
> bookkeeping and enforcement?

Caps are like keys: they authenticate access. The kernel doesn’t need them for 
its own purposes. However, our integrity and confidentiality proofs show that 
the kernel will not on its own access user memory, unless on behalf of a thread 
who demonstrates that it is authorised by presenting an appropriate cap.

Gernot

_______________________________________________
Devel mailing list
[email protected]
https://sel4.systems/lists/listinfo/devel