Struct Capability 

#[repr(C)]
pub struct Capability {
    pub object_id: u64,
    pub object_type: ObjectType,
    pub rights: CapRights,
    pub badge: u64,
    pub epoch: u64,
}
A capability is a kernel-managed, unforgeable access token.

Capabilities follow seL4’s design principles:

  • No syscall succeeds without an appropriate capability handle
  • A task can only grant capabilities it holds, with equal or fewer rights
  • Revoking a capability invalidates all derived capabilities

Fields§

§object_id: u64

Unique identifier for the kernel object.

§object_type: ObjectType

The type of kernel object.

§rights: CapRights

Rights bitmap determining permitted operations.

§badge: u64

Caller-visible identifier for demultiplexing. Allows a task to distinguish between multiple capabilities to the same underlying object.

§epoch: u64

Epoch counter for capability revocation. Invalidated if the object is destroyed or the capability is revoked.

Implementations§

impl Capability

pub const fn new(
    object_id: u64,
    object_type: ObjectType,
    rights: CapRights,
    badge: u64,
    epoch: u64,
) -> Self

Creates a new capability.

pub const fn has_rights(&self, required: CapRights) -> bool

Checks if this capability has the specified rights.

pub fn derive(&self, new_rights: CapRights, new_badge: u64) -> Option<Self>

Creates a derived capability with reduced rights.

Returns None if the requested rights are not a subset of current rights, or if attempting to derive from a GRANT_ONCE capability.
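
A stand-alone model of the derive rule documented above, added here as an example and not the crate's own source. The CapRights bit values, the union/contains helpers, and carrying object_id and epoch over unchanged are assumptions; ObjectType is left out.

```rust
// Stand-alone model of the documented derive() rule; not the crate's source.
// Assumed: the bit values below, and that a derived cap keeps object_id/epoch.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct CapRights(pub u32);

impl CapRights {
    pub const READ: CapRights = CapRights(1 << 0); // assumed bit
    pub const WRITE: CapRights = CapRights(1 << 1); // assumed bit
    pub const GRANT: CapRights = CapRights(1 << 2); // assumed bit
    pub const GRANT_ONCE: CapRights = CapRights(1 << 3); // assumed bit

    pub const fn union(self, o: CapRights) -> CapRights { CapRights(self.0 | o.0) }
    pub const fn contains(self, o: CapRights) -> bool { self.0 & o.0 == o.0 }
}

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct Capability {
    pub object_id: u64,
    pub rights: CapRights,
    pub badge: u64,
    pub epoch: u64,
}

impl Capability {
    pub const fn has_rights(&self, required: CapRights) -> bool {
        self.rights.contains(required)
    }

    /// Attenuation only: the child's rights must be a subset of the parent's,
    /// and a GRANT_ONCE parent cannot be derived from at all.
    pub fn derive(&self, new_rights: CapRights, new_badge: u64) -> Option<Self> {
        if self.has_rights(CapRights::GRANT_ONCE) || !self.has_rights(new_rights) {
            return None;
        }
        Some(Capability { rights: new_rights, badge: new_badge, ..*self })
    }
}

fn main() {
    let rw = CapRights::READ.union(CapRights::WRITE);
    let root = Capability { object_id: 7, rights: rw, badge: 0, epoch: 1 };
    let ro = root.derive(CapRights::READ, 42).expect("subset is allowed");
    assert!(ro.has_rights(CapRights::READ) && !ro.has_rights(CapRights::WRITE));
    assert!(ro.derive(rw, 0).is_none()); // a child cannot regain dropped rights
    assert!(root.derive(CapRights::GRANT, 0).is_none()); // right never held
    let once = Capability { rights: rw.union(CapRights::GRANT_ONCE), ..root };
    assert!(once.derive(CapRights::READ, 0).is_none());
}
```
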

Trait Implementations§

impl Clone for Capability

fn clone(&self) -> Capability

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Capability

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq for Capability

fn eq(&self, other: &Capability) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Copy for Capability

impl Eq for Capability

impl StructuralPartialEq for Capability

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.