Hi,
I'm having trouble building the manual from the latest genode-manual master:
<use img/genode_labs.pdf> [150] <use img/genode_labs.pdf> [151] <use img/genode_labs.pdf> [152]
! LaTeX Error: File `spec/classes/genode/capability/description.tex' not found.
Type X to quit or <RETURN> to proceed, or enter new name. (Default extension: tex)
Enter file name:
Being unable to build, I instead read the March 9th version of the really excellent manual, and have the following feedback:
- section 3.1.4: Capability delegation through capability invocation
Is there a notion of access rights on capabilities, e.g. read/write/grant as in sel4? If not, it might be good to comment on the design choice.
- 3.2.4: Client-server relationship
Not sure if this is the best place for it, but related to the lifetime of a session, can capabilities be revoked or deleted, and who can perform this action (child/parent/delegatee)? It would be good to have an explanation that is as clear as the one on capability creation and delegation, explaining how a capability is removed from a protection domain.
- 3.4.5: Address-space management
One issue that was not referred to was handling page-faults, which I found is indeed covered in the 'Under the hood' chapter. It would be good to have a forward reference.
I found the sub-section on managed dataspaces a bit unclear, especially the relationship between 'the RM client' and 'the component' in the first case, and 'client', 'RM client' and 'server' in the second case. One (or two) of your excellent diagrams would be really helpful here.
- 3.6.1: Synchronous RPC
This is not clear: "Each IPC server has a corresponding untyped capability that can be used to perform calls to the server using an IPC client object." Perhaps server/client got swapped somewhere?
- 3.6.2: Asynchronous notifications
Even when the server is signalling events to a single trusted client, isn't there a possibility of deadlock that motivates the need for asynchronous notifications?
- 6.2.6: Assigning subsystems to CPUs
At the end of the section, I thought the upper-left CPU would be at position (0,8) instead of (4,0). Perhaps a diagram could help, or the existing diagram showing affinity for nested inits could be reused for this example.
Hope this is useful.
--prashanth