Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

System design

Hermes is designed primarily around the use of capabilities, which represent an unforgeable object which offers its bearer various operations associated with a kernel object, such as a page of memory or an address space.

Capabilities represent rights for various object types, including resources managed by the kernel or IPC objects used to communicate with services and other processes. Capabilities supported by the kernel are enumerated and documented in the Capability API.

The following verbs are associated with capabilities:

  • Send: A send operation sends a message to a capability.
  • Recv: A receive operation receives a message from a capability.
  • Call: A call operation sends a message to a capability and then blocks until a reply is received.
  • Reply: Replying to a call will unblock the sender and deliver the outcome of an operation to it.
  • Invoke: Calling, receiving, or replying are all ways to invoke that capability.
  • Transfer: IPC interactions via endpoints may cause capabilities to be transferred, copying or moving them from one task to another.

A capability resides in a capability slot, or “cslot”. Most capabilities reside in a capability space, or “CSpace”, which provides addressable storage for capability slots.