PVF: add landlock sandboxing (#7303) (2b9c4f82) · Commits · parity / Mirrored projects / polkadot-sdk

Commit 2b9c4f82 authored 1 year ago by

Marcin S. Committed by GitHub 1 year ago

PVF: add landlock sandboxing (#7303)


* Begin adding landlock + test

* Move PVF implementer's guide section to own page, document security

* Implement test

* Add some docs

* Do some cleanup

* Fix typo

* Warn on host startup if landlock is not supported

* Clarify docs a bit

* Minor improvements

* Add some docs about determinism

* Address review comments (mainly add warning on landlock error)

* Update node/core/pvf/src/host.rs

Co-authored-by: Andrei Sandu <54316454+sandreim@users.noreply.github.com>

* Update node/core/pvf/src/host.rs

Co-authored-by: Andrei Sandu <54316454+sandreim@users.noreply.github.com>

* Fix unused fn

* Update ABI docs to reflect latest discussions

* Remove outdated notes

* Try to trigger new test-linux-oldkernel-stable job

Job introduced in https://github.com/paritytech/polkadot/pull/7371.

---------

Co-authored-by: Andrei Sandu <54316454+sandreim@users.noreply.github.com>

parent a40417da

Branches

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 445 additions and 95 deletions

Please register or to comment