Expand description
Core capability types for the Oxios capability system.
Capabilities are unforgeable tokens that encode authority over specific resources. An agent’s capability space (CSpace) is the complete set of capabilities it holds.
§Design
Inspired by capability-based security (seL4, Capsicum), each capability binds a set of rights to a specific resource. Capabilities cannot be forged — they are issued by the kernel or by agents with DELEGATE rights.
use oxios_kernel::capability::types::*;
use oxios_kernel::capability::template::CapabilityTemplate;
let cspace = CapabilityTemplate::worker().build();
assert!(!cspace.is_empty());Structs§
- CSpace
- An agent’s capability space: the complete set of capabilities it holds.
- Capability
- An unforgeable token encoding authority over a specific resource.
- Capability
Id - Unique identifier for a capability.
- Rights
- Bit-flag rights encoded in a capability.
Enums§
- Issuer
- Who issued a capability.
- Resource
Ref - A reference to a protected resource.