remove the capability "move" operation
After talking with other micro-kernel developers, it should not be necessary. It is harmful because it allows cyclic dependencies to be created that are very difficult to delete properly. It prohibits some performance optimizations during capability revocation. It prohibits proxy objects that appear twice in the capability tree: as a child of the source memory they were allocated from, and as a child of what they are logically a child of.
Without "move" an object that was allocated later can never contain the original capability of an object that was allocated earlier.
On the application side it can be replaced by an indirect target address into other capability maps while allocating new objects. By remapping capability maps, the access right to the original capability can still be moved. Supervisors such as the init process shall never give up control over children they create.
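The two points above (a "move" can turn the derivation tree into a cycle that revocation cannot unwind and strips the allocator of control, while an indirect reference through a capability map keeps the tree acyclic and still lets the access right be handed on by remapping) as a toy model. This is an added illustration, not the project's own code; `Cap`, `derive`, `move`, `revoke`, `map_into`, `remap` and the slot names are assumptions made for the example.

```python
"""Toy capability derivation tree (added example, not project code).

Each Cap is allocated from its parent's memory and owns the caps allocated
from its own memory.  Revocation walks that tree.  A cap map is a separate,
indirect reference that creates no tree edge.
"""


class Cap:
    """One capability node.  `parent` is the object whose memory it came from."""

    def __init__(self, name, parent=None):
        self.name = name
        self.parent = parent
        self.children = []
        self.valid = True
        self.capmap = {}  # slot -> Cap referenced indirectly (assumed CapMap model)
        if parent is not None:
            parent.children.append(self)


def derive(parent, name):
    """Allocate a new object from parent's memory; it becomes a tree child."""
    return Cap(name, parent)


def move(cap, new_parent):
    """The 'move' operation under discussion: re-parent cap under new_parent.

    Nothing stops new_parent from being a descendant of cap, which is exactly
    how an earlier-allocated cap ends up inside a later-allocated object and
    the tree becomes cyclic."""
    cap.parent.children.remove(cap)
    cap.parent = new_parent
    new_parent.children.append(cap)


class CyclicTreeError(RuntimeError):
    """Raised when revocation meets the same node twice."""


def revoke(cap, _seen=None):
    """Invalidate cap and everything allocated beneath it, returning the names
    revoked in visiting order.  A node met twice means the tree has a cycle;
    the walk refuses instead of looping forever."""
    if _seen is None:
        _seen = set()
    if id(cap) in _seen:
        raise CyclicTreeError(f"cycle through {cap.name}")
    _seen.add(id(cap))
    cap.valid = False
    names = [cap.name]
    for child in list(cap.children):
        names.extend(revoke(child, _seen))
    cap.children.clear()
    return names


def map_into(holder, slot, target):
    """Indirect alternative to move: holder's cap map refers to target.
    The tree is untouched, so target's allocator keeps control over it."""
    holder.capmap[slot] = target


def remap(src, src_slot, dst, dst_slot):
    """Hand the access right from one cap map to another; no tree edge moves."""
    dst.capmap[dst_slot] = src.capmap.pop(src_slot)


def lookup(holder, slot):
    """Resolve a cap-map slot; a revoked target reads as absent."""
    cap = holder.capmap.get(slot)
    return cap if cap is not None and cap.valid else None


def scenario_with_move():
    """A allocated first, B later from A's memory, then A's cap moved into B."""
    init = Cap("init")
    a = derive(init, "A")
    b = derive(a, "B")
    move(a, b)  # B now holds the original cap of A: A <-> B is a cycle
    init_lost_a = a not in init.children  # init gave up control of A
    try:
        revoke(a)
        cycle = False
    except CyclicTreeError:
        cycle = True
    return init_lost_a, cycle, revoke(init)  # init can only revoke itself


def scenario_with_capmap():
    """Same objects, but B refers to A indirectly and later hands it to C."""
    init = Cap("init")
    a = derive(init, "A")
    b = derive(a, "B")
    c = derive(init, "C")
    map_into(b, "slot0", a)
    remap(b, "slot0", c, "slot0")  # access right moved, tree unchanged
    handed_over = lookup(b, "slot0") is None and lookup(c, "slot0") is a
    still_owned = a in init.children
    revoked = revoke(init)  # reaches A, B and C: init kept control
    return handed_over, still_owned, revoked, lookup(c, "slot0")


if __name__ == "__main__":
    print(scenario_with_move())
    print(scenario_with_capmap())
```

Running the two scenarios side by side shows the contrast: after `move`, init's revoke reaches nothing but init itself and a revoke starting at A trips the cycle guard, whereas with the cap-map indirection the right still changes hands by remapping, init's revoke reaches every child, and the stale slot in C resolves to nothing afterwards.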
Before removing the move operation, we should sort out the following:
- [ ] #104 move the cap pointer guard into the mapping capability
- [ ] allow switching the init process to multi-level cap map
- [ ] rewrite the process manager (#174) to avoid using move
The process manager can serve as the use case to see whether our CapMap functionality is complete enough.