pub fn sys_cap_revoke(_cap: u64) -> SyscallResult<()>
Revoke a capability and all capabilities derived from it.
Invalidates the specified capability token and performs cascade
revocation: all capabilities that were derived from it (via
sys_cap_grant or sys_cap_create) are also revoked, recursively.
This ensures that once a capability is revoked, no process in the
system retains access through that delegation chain.
The generation counter embedded in the capability token is incremented so that any cached references to the revoked token are immediately detected as stale by the kernel’s O(1) capability lookup.
After revocation, any attempt to use the revoked token (or its
derivatives) in a syscall will return NotFound.
§Arguments
cap - Capability token to revoke. The caller must hold this capability (or its parent with REVOKE rights).
§Returns
Ok(()) on successful revocation of the capability and all its descendants.
§Errors
SyscallError::NotFound - The capability token is invalid or was already revoked.
SyscallError::PermissionDenied - The caller does not own the capability and does not hold a parent with REVOKE rights.
§Examples
use veridian_kernel::pkg::sdk::syscall_api::{sys_cap_create, sys_cap_grant, sys_cap_revoke};
// Create and grant a capability
let cap = sys_cap_create(0x01 | 0x08).expect("cap_create failed");
sys_cap_grant(cap, 42).expect("cap_grant failed");
// Revoke the capability -- process 42's derived copy is also revoked
sys_cap_revoke(cap).expect("cap_revoke failed");
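As an added illustration (not veridian_kernel code), the following stand-alone Rust model shows the mechanics the description relies on: a generation counter packed into each token, an O(1) generation-checked lookup, and a depth-first cascade over derived capabilities. The token layout, the `CapTable`/`Slot` names and the single `NotFound` error are assumptions of the model.

```rust
/// Error model covering only the page's `SyscallError::NotFound` case (assumption).
#[derive(Debug, PartialEq)]
pub enum CapError { NotFound }
/// One table slot: its current generation plus the slots derived from it.
struct Slot { generation: u32, children: Vec<usize> }
#[derive(Default)]
pub struct CapTable { slots: Vec<Slot> }

impl CapTable {
    /// Token layout (assumed): slot index in the high 32 bits, generation in the low 32.
    fn token(idx: usize, generation: u32) -> u64 { ((idx as u64) << 32) | generation as u64 }
    /// Create a root capability and return its token.
    pub fn create(&mut self) -> u64 {
        self.slots.push(Slot { generation: 0, children: Vec::new() });
        Self::token(self.slots.len() - 1, 0)
    }

    /// O(1) lookup: index the slot, then compare generations. Once a slot's
    /// generation has been bumped, every cached copy of the old token fails here.
    fn lookup(&self, cap: u64) -> Result<usize, CapError> {
        let idx = (cap >> 32) as usize;
        match self.slots.get(idx) {
            Some(s) if s.generation == cap as u32 => Ok(idx),
            _ => Err(CapError::NotFound),
        }
    }

    /// Derive a child capability from `cap` (models sys_cap_grant), recording the
    /// edge so a later revoke can cascade down it.
    pub fn grant(&mut self, cap: u64) -> Result<u64, CapError> {
        let parent = self.lookup(cap)?;
        let child = self.create();
        self.slots[parent].children.push((child >> 32) as usize);
        Ok(child)
    }
    /// Revoke `cap` and, recursively, everything derived from it (models sys_cap_revoke).
    pub fn revoke(&mut self, cap: u64) -> Result<(), CapError> {
        let mut stack = vec![self.lookup(cap)?];
        while let Some(i) = stack.pop() {
            let s = &mut self.slots[i];
            s.generation = s.generation.wrapping_add(1); // cached tokens are now stale
            stack.extend(s.children.drain(..));
        }
        Ok(())
    }

    /// Use a capability in a modelled syscall: NotFound once it or an ancestor is revoked.
    pub fn check(&self, cap: u64) -> Result<(), CapError> { self.lookup(cap).map(|_| ()) }
}
```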