At Sat, 09 Apr 2005 22:55:02 +0100, Neal H. Walfield wrote: > To destroy a capability, you'll want to do the same as before except > revoke all capability entries and instead of calling > hurd_cap_obj_resume, call hurd_cap_obj_end. As you'll notice > hurd_cap_obj_end is not yet implemented. It should set OBJ->STATE to > _HURD_CAP_STATE_BLACK a la _hurd_cap_client_end and > _hurd_cap_bucket_end. This is necessary because in, > e.g. manager_demuxer, after looking up the capability entry and > verifying that it is not dead, we wait until OBJ->STATE returns to > _GREEN but don't again check that the entry is not dead.
This is incorrect. We do verify that the object entry is not dead after checking OBJ->STATE (cf. line 284 of bucket-manage-mt.c). As such, we don't need to implement hurd_cap_obj_end as I recommend above; just marking the capability entry as dead is sufficient. Thanks, Neal _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
