sel4-capdl-initializer: lazy SC rebind for passive

[dreamliner787-9]

Implements lazy Scheduling Context rebind for passive tasks inside the capDL initialiser.

Solves problems such as seL4/microkit#91

[midnightveil]

Use the let/Some destrucuturing (or match) here rather than is_none() and unwrap.

Also, if we do sc.bind_ntfn(), where is that SC from, if not obj.sc() and does that not imply that it is not none?

[dreamliner787-9]

sc in this context could be the initialiser's SC or the TCB's SC as created from the spec. Binding the Notification to the initialiser's SC wouldn't make sense so that's why I had the if obj.bound_notification().is_none() check.

[midnightveil]

But I'm confused, you then do sc.bind_ntfn(bound_notification_cap)?; next?

[dreamliner787-9]

Wait my bad, in the original comment, sc would be either a Null cap or the TCB's SC as created from the spec.

Regardless, the if obj.sc().is_none() { check will make sure that sc is the TCB's SC.

Then bound_notification_cap is the TCB's Notification cap.

[midnightveil]

Then I think we should be explicit and use let/Some for that as well instead of using the previous sc.

[dreamliner787-9]

Ok sounds good

[midnightveil]

I meant bound_sc here on the next line, not still sc. No point unwrapping to an unused var.

Also, I'd suggest using this variant:

let Some(bound_sc) = obj.sc() else {
   panic!("blah blah");
}

This removes the nested as you add more checks.

(Also, is panic!() the normal way that you do errors in rust-sel4?)