The goal of this tree is to have a toolbox of mechanisms and ideas on how to sandbox a kernel. A development tree is used to show the evolution of ideas behind the concept of kernel sandboxing through different strategies. Each strategy has a dedicated directory starting with an introduction to the most basic concept of code retiring in the kernel today, freeing unused kernel code. The rest of the sections expand on this idea for different use cases with different code examples and tools.
Further reading:
- 101_intro/README.md
- 102_retiring/README.md
- 103_iovisor/README.md