Capability replicate/split/destroy/grant working for test0 ipc.

Implemented a protocol between a client and its pager to
request and get a capability to ipc to another client of the pager.

Pager first ensures the request is valid from its client.
It then tries to use a greater capability that it possesses, to
produce a new capability that the client requested. Once the kernel
validates the correct one and replicates/reduces it to client's
need, it grants it to the client.

include/l4/api/capability.h

@@ -14,6 +14,7 @@
 #define CAP_CONTROL_REPLICATE		0x00000005
 #define CAP_CONTROL_SPLIT		0x00000006
 #define CAP_CONTROL_DEDUCE		0x00000007
+#define CAP_CONTROL_DESTROY		0x00000008
 
 #define CAP_SHARE_MASK			0x00000003
 #define CAP_SHARE_SINGLE		0x00000001

include/l4/generic/cap-types.h

@@ -108,6 +108,7 @@
 #define CAP_CAP_REPLICATE	(1 << 3)
 #define CAP_CAP_SPLIT		(1 << 4)
 #define CAP_CAP_DEDUCE		(1 << 5)
-#define CAP_CAP_MODIFY		(CAP_CAP_SPLIT | CAP_CAP_DEDUCE)
-
+#define CAP_CAP_DESTROY		(1 << 6)
+#define CAP_CAP_MODIFY		(CAP_CAP_DEDUCE | CAP_CAP_SPLIT \
+				 | CAP_CAP_DESTROY)
 #endif /* __CAP_TYPES_H__ */

include/l4/generic/capability.h

@@ -99,6 +99,13 @@ static inline void cap_list_insert(struct capability *cap,
 	clist->ncaps++;
 }
 
+static inline void cap_list_remove(struct capability *cap,
+				   struct cap_list *clist)
+{
+	list_remove(&cap->list);
+	clist->ncaps--;
+}
+
 /* Detach a whole list of capabilities from list head */
 static inline struct capability *
 cap_list_detach(struct cap_list *clist)
@@ -141,6 +148,8 @@ struct capability *cap_list_find_by_rtype(struct cap_list *clist,
 					  unsigned int rtype);
 struct capability *cap_find_byid(l4id_t capid);
 
+int cap_find_destroy(l4id_t capid);
+
 /* Capability checking on system calls */
 int cap_map_check(struct ktcb *task, unsigned long phys, unsigned long virt,
 		  unsigned long npages, unsigned int flags);