native_client_sdk/src/doc/reference/sandbox_internals/index.rst - Issue 336563003: NaCl SDK doc: Recover sandbox internal doc for x86-64

Side by Side Diff: native_client_sdk/src/doc/reference/sandbox_internals/index.rst

Issue 336563003: NaCl SDK doc: Recover sandbox internal doc for x86-64 (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « native_client_sdk/src/doc/_book.yaml ('k') | native_client_sdk/src/doc/reference/sandbox_internals/x86-64-sandbox.rst » ('j') | native_client_sdk/src/doc/reference/sandbox_internals/x86-64-sandbox.rst » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 .. _sandbox-internals-index:	1 .. _sandbox-internals-index:

2	2

3 #################	3 #################

4 Sandbox Internals	4 Sandbox Internals

5 #################	5 #################

6	6

7 The sandbox internals documentation describes implementation details for	7 The sandbox internals documentation describes implementation details for

8 Native Client sandboxing, which is also used by Portable Native	8 Native Client sandboxing, which is also used by Portable Native

9 Client. These details can be useful to reimplement a sandbox, or to	9 Client. These details can be useful to reimplement a sandbox, or to

10 write assembly code that follows sandboxing rules for Native Client	10 write assembly code that follows sandboxing rules for Native Client

11 (Portable Native Client does not allow platform-specific assembly code).	11 (Portable Native Client does not allow platform-specific assembly code).

12	12

13 As an implementation detail, the Native Client sandboxes described here	13 As an implementation detail, the Native Client sandboxes described here

14 are currently used by Portable Native Client to execute code on the	14 are currently used by Portable Native Client to execute code on the

15 corresponding machines in a safe manner. The portable bitcode contained	15 corresponding machines in a safe manner. The portable bitcode contained

16 in a pexe is translated to a machine-specific nexe before	16 in a pexe is translated to a machine-specific nexe before

17 execution. This may change at a point in time: Portable Native Client	17 execution. This may change at a point in time: Portable Native Client

18 doesn't necessarily need these sandboxes to execute code on these	18 doesn't necessarily need these sandboxes to execute code on these

19 machines. Note that the Portable Native Client compiler itself is also	19 machines. Note that the Portable Native Client compiler itself is also

20 untrusted: it too runs in a Native Client sandbox described below.	20 untrusted: it too runs in a Native Client sandbox described below.

21	21

22 Native Client has sandboxes for:	22 Native Client has sandboxes for:

23	23

24 * :ref:`ARM 32-bit <arm-32-bit-sandbox>`.	24 * :ref:`ARM 32-bit <arm-32-bit-sandbox>`.

25 * x86-32: the original design is described in `Native Client: A Sandbox	25 * x86-32: the original design is described in `Native Client: A Sandbox

26 for Portable, Untrusted x86 Native Code	26 for Portable, Untrusted x86 Native Code

27 <http://research.google.com/pubs/archive/34913.pdf>`_, the current	27 <http://research.google.com/pubs/archive/34913.pdf>`_, the current

28 design has changed slightly since then.	28 design has changed slightly since then.

29 * x86-64: the original design is described in `Adapting Software Fault	29 * :ref:`x86-64 <x86-64-sandbox>`: the original design is described in

30 Isolation to Contemporary CPU Architectures	30 `Adapting Software Fault Isolation to Contemporary CPU Architectures

31 <http://research.google.com/pubs/archive/35649.pdf>`_, the current	31 <http://research.google.com/pubs/archive/35649.pdf>`_, the current

32 design has changed slightly since then.	32 design has changed slightly since then.
	JF 2014/06/12 20:00:46 The link to the research paper is already in the d The link to the research paper is already in the document you ported, so this section should only have the <x86-64-sandbox> link that you added. hamaji 2014/06/13 04:08:18 Done. Show quoted text On 2014/06/12 20:00:46, JF wrote: > The link to the research paper is already in the document you ported, so this > section should only have the <x86-64-sandbox> link that you added. Done.
33 * MIPS32, described in the `overview of Native Client for MIPS	33 * MIPS32, described in the `overview of Native Client for MIPS

34 <https://code.google.com/p/nativeclient/issues/attachmentText?id=2275&aid=2275 0018000&name=native-client-mips-0.4.txt>`_,	34 <https://code.google.com/p/nativeclient/issues/attachmentText?id=2275&aid=2275 0018000&name=native-client-mips-0.4.txt>`_,

35 and `bug 2275	35 and `bug 2275

36 <https://code.google.com/p/nativeclient/issues/detail?id=2275>`_.	36 <https://code.google.com/p/nativeclient/issues/detail?id=2275>`_.

OLD	NEW