init policy

Initializes the new capability with the specified resource SID.

The list of access rights received by the capability owner is passed in the policy arguments.

Only one capability can be initialized for one resource within an ocap family instance.

Type: call policy

Syntax

init <configuration> (in SID owner, in SID resource,

                                    in Rights rights)

Parameters

owner	Entity that is declared the capability owner.
resource	Link to the resource that will be associated with the object of the capability.
rights	Mask of access rights received by the capability owner.

Policy configuration

<configuration> ::= "{" <type> "}"

<type> ::= "type" ":" <resource-type>

Configuration elements

<type>

Type that will be assigned to the resource. It must match one of the types in the family instance configuration.

Returned value

KSS_GRANT, if the capability was successfully initialized, otherwise KSS_DENY. The capability will not be initialized in the following cases:

• At least one of the specified SIDs is incorrect.
• A resource SID is already associated with a capability.
• For the specified resource type in the ocap family instance configuration, at least one of the transferred access rights is missing.

All specified restrictions apply only within the ocap family instance.

Page top