1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
The problem is the following:
- A process which wants to perform I/O is not going to have access to its own
vspace and page capabilities for security reasons
- But the driver which fulfills its I/O request will need to be able to map
those pages to perform the I/O
- How do we look up the pages and pass them to the driver?
- Answer: I/O proxy objects managed by the top-level system process
OPENING FILES
=============
PROC A SYSTEM FILESYSTEM DRIVER
------ ------ -----------------
load proc A
create fs capability instance
w/associated process
start proc A
fs::open(path) => open file
looks up process <= create proxy
creates proxy object
return =>
<= return proxy
use file
USING FILES
===========
PROC A SYSTEM FILESYSTEM DRIVER
------ ------ -----------------
io::read(buf) => look up page caps
io::read{pages...}(buf) => map pages
perform read
unmap pages(?)
<= return <= return