Petr Tesarik's Linux blog

View the Project on GitHub ptesarik/

15 December 2023

Plot Twist in the Sandbox Story

by Petr Tesařík

What Happened?

The original plan was to provide at least one in-tree user. However, the minimum implementation was too limited to allow converting any existing code, unless it was so trivial that it made little sense to run it in a sandbox.

So, the patch series kept growing… It is 31 patches now (and counting), they are still not quite fit to make a sensible conversion of existing code, and I can’t be even sure that the whole idea does not get NAKed right away by an influential kernel maintainer.

At this point I had a very fruitful discussion with Huawei’s Roberto Sassu how to get at some results, and most importantly how to get some feedback from the community.

The State

There has been good progress on sandbox mode (SBM) features:

With all the above, I was able to run several decompressors inside a sandbox to verify that the idea works for some real-world workloads.

However, the patch series is too complex for review, and there are still known issues.

The Plan

Instead of making a complete series and converting some existing code, the plan is now to submit a very minimal series to elicit some feedback from the community. This series is essentially just the public API and a trivial “bounce-buffer” implementation. But it is complete. It does include documentation and even a KUnit test case. It hopefully passes internal review at Huawei and will be posted early next week.

Other Random Remarks

You may not know that KUnit test cases can run in QEMU or as user-mode Linux (UML). The latter is the default. Now, my sandbox mode KUnit test suite ran fine when built for x86_64, but UML ran into an infinite loop. It took half a day of debugging. And man, is this code broken!

If interested, see my patches here.

tags: sandbox - kernel