Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks

From: Edgecombe, Rick P
Date: Wed Feb 14 2024 - 13:16:20 EST

Next message: Mark Rutland: "Re: [PATCH v2] arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata"
Previous message: Conor Dooley: "Re: [PATCH 0/4] Fix vendor strings on Rockchip boards"
In reply to: Petr Tesařík: "Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks"
Next in thread: Petr Tesařík: "Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2024-02-14 at 17:41 +0100, Petr Tesařík wrote:
> Second, a sandbox can run unmodified kernel code and interact
> directly
> with other parts of the kernel. It's not really possible with this
> initial patch series, but the plan is that sandbox mode can share
> locks
> with the kernel.
>
> Third, sandbox code can be trusted for operations like parsing keys
> for
> the trusted keychain if the kernel is locked down, i.e. when even a
> process with UID 0 is not on the same trust level as kernel mode.

What use case needs to have the sandbox both protected from the kernel
(trusted operations) and non-privileged (the kernel protected from it
via CPL3)? It seems like opposite things.

Next message: Mark Rutland: "Re: [PATCH v2] arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata"
Previous message: Conor Dooley: "Re: [PATCH 0/4] Fix vendor strings on Rockchip boards"
In reply to: Petr Tesařík: "Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks"
Next in thread: Petr Tesařík: "Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]