Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks

From: Petr Tesařík
Date: Wed Feb 14 2024 - 13:22:28 EST

Next message: Conor Dooley: "Re: [PATCH v2 03/12] dt-bindings: phy: add rockchip usbdp combo phy document"
Previous message: Borislav Petkov: "Re: [PATCH 2/2] RAS: Introduce the FRU Memory Poison Manager"
In reply to: Petr Tesařík: "Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks"
Next in thread: Dave Hansen: "Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 14 Feb 2024 06:52:53 -0800
Dave Hansen <dave.hansen@xxxxxxxxx> wrote:

> On 2/14/24 03:35, Petr Tesarik wrote:
> > This patch series implements x86_64 arch hooks for the generic SandBox
> > Mode infrastructure.
>
> I think I'm missing a bit of context here. What does one _do_ with
> SandBox Mode? Why is it useful?

I see, I split the patch series into the base infrastructure and the
x86_64 implementation, but I forgot to merge the two recipient lists.
:-(

Anyway, in the long term I would like to work on gradual decomposition
of the kernel into a core part and many self-contained components.
Sandbox mode is a useful tool to enforce isolation.

In its current form, sandbox mode is too limited for that, but I'm
trying to find some balance between "publish early" and reaching a
feature level where some concrete examples can be shown. I'd rather
fail fast than maintain hundreds of patches in an out-of-tree branch
before submitting (and failing anyway).

Petr T

Next message: Conor Dooley: "Re: [PATCH v2 03/12] dt-bindings: phy: add rockchip usbdp combo phy document"
Previous message: Borislav Petkov: "Re: [PATCH 2/2] RAS: Introduce the FRU Memory Poison Manager"
In reply to: Petr Tesařík: "Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks"
Next in thread: Dave Hansen: "Re: [PATCH v1 0/8] x86_64 SandBox Mode arch hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]