OLD | NEW |
1 ================== | 1 ================== |
2 ARM 32-bit Sandbox | 2 ARM 32-bit Sandbox |
3 ================== | 3 ================== |
4 | 4 |
5 Native Client for ARM is a method for running programs---even malicious | 5 Native Client for ARM is a sandboxing technology for running |
6 ones---safely, on computers that use 32-bit ARM processors. It's an | 6 programs---even malicious ones---safely, on computers that use 32-bit |
7 extension of earlier work on Native Client for x86 processors. This | 7 ARM processors. The ARM sandbox is an extension of earlier work on |
8 security is provided with a low performance overhead of about 10% over | 8 Native Client for x86 processors. Security is provided with a low |
9 regular ARM code, and as you'll see in this document the sandbox model | 9 performance overhead of about 10% over regular ARM code, and as you'll |
10 is beautifully simple, meaning that the trusted codebase is much easier | 10 see in this document the sandbox model is beautifully simple, meaning |
11 to validate. | 11 that the trusted codebase is much easier to validate. |
12 | 12 |
13 As an implementation detail, the Native Client 32-bit ARM sandbox is | 13 As an implementation detail, the Native Client 32-bit ARM sandbox is |
14 currently used by Portable Native Client to execute code on 32-bit ARM | 14 currently used by Portable Native Client to execute code on 32-bit ARM |
15 machines in a safe manner. The portable bitcode contained in a **pexe** | 15 machines in a safe manner. The portable bitcode contained in a **pexe** |
16 is translated to a 32-bit ARM **nexe** before execution. This may change | 16 is translated to a 32-bit ARM **nexe** before execution. This may change |
17 at a point in time: Portable Native Client doesn't necessarily need this | 17 at a point in time: Portable Native Client doesn't necessarily need this |
18 sandbox to execute code on ARM. Note that the Portable Native Client | 18 sandbox to execute code on ARM. Note that the Portable Native Client |
19 compiler itself is also untrusted: it too runs in the ARM sandbox | 19 compiler itself is also untrusted: it too runs in the ARM sandbox |
20 described in this document. | 20 described in this document. |
21 | 21 |
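Review bot: the rewritten intro (new lines 5-11) keeps two claims that a reader cannot check: "a low performance overhead of about 10%" and "the trusted codebase is much easier to validate". Since this is a wording pass, say what the 10% is measured against (the same code built without the sandbox) and make explicit that the small trusted part is the validator itself, which the document later quantifies. While touching this paragraph, "This may change at a point in time" on line 17 reads better as "This may change at some point".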
(...skipping 872 matching lines...)
894 ^^^^^^^^^^^^^^ | 894 ^^^^^^^^^^^^^^ |
895 | 895 |
896 By now you're itching to see the sandbox validator's code and dissect | 896 By now you're itching to see the sandbox validator's code and dissect |
897 it. You'll have a disapointing read: at less that 500 lines of code | 897 it. You'll have a disapointing read: at less that 500 lines of code |
898 `validator.cc | 898 `validator.cc |
899 <http://src.chromium.org/viewvc/native_client/trunk/src/native_client/src/truste
d/validator_arm/validator.cc>`_ | 899 <http://src.chromium.org/viewvc/native_client/trunk/src/native_client/src/truste
d/validator_arm/validator.cc>`_ |
900 is quite simple to understand and much shorter than this document. It's | 900 is quite simple to understand and much shorter than this document. It's |
901 of course dependent on the `ARMv7 instruction table definition | 901 of course dependent on the `ARMv7 instruction table definition |
902 <http://src.chromium.org/viewvc/native_client/trunk/src/native_client/src/truste
d/validator_arm/armv7.table>`_, | 902 <http://src.chromium.org/viewvc/native_client/trunk/src/native_client/src/truste
d/validator_arm/armv7.table>`_, |
903 which teaches it about the ARMv7 instruction set. | 903 which teaches it about the ARMv7 instruction set. |
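Review bot: line 897 carries two typos that this wording CL leaves in place on both sides: "disapointing" should be "disappointing" and "less that 500 lines" should be "less than 500 lines"; fix them here, since this paragraph is the one concrete statement backing the intro's claim that the trusted code is easy to validate. The viewvc links on 899 and 902 point at trunk, so the "less than 500 lines" figure will drift as validator.cc changes; consider pinning the links to the revision the document describes.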