Cognition-OS/linux/mapping.md
2026-02-08 07:53:24 -06:00

Linux mapping notes (draft)

Isolation domains

  • namespaces (pid, net, mount, user) + cgroups.

Capabilities / sandbox

  • seccomp for syscall filtering
  • LSM (AppArmor/SELinux/Landlock) for policy enforcement
  • ambient capabilities should be avoided; prefer explicit capability passing.
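
As an added example (not part of the Cognition-OS notes), a check for the sandbox items above: it parses `/proc/<pid>/status` text and flags ambient capabilities and a missing seccomp filter. The `no_new_privs` check, the function names and the two sample snapshots are assumptions made for this example.

```python
import sys

# Partial bit-number map from linux/capability.h; other bits print as cap_<n>.
CAP_NAMES = {10: "CAP_NET_BIND_SERVICE", 12: "CAP_NET_ADMIN",
             13: "CAP_NET_RAW", 19: "CAP_SYS_PTRACE", 21: "CAP_SYS_ADMIN"}
SECCOMP_MODES = {"0": "disabled", "1": "strict", "2": "filter"}

# Constructed samples (not captured from a real host).
SAMPLE_LEAKY = (
    "Name:\tworker\nCapEff:\t0000000000000400\nCapAmb:\t0000000000000400\n"
    "NoNewPrivs:\t0\nSeccomp:\t0\n")
SAMPLE_TIGHT = (
    "Name:\tworker\nCapEff:\t0000000000000000\nCapAmb:\t0000000000000000\n"
    "NoNewPrivs:\t1\nSeccomp:\t2\n")

def parse_status(text):
    """Return the 'Key:<tab>value' lines of a status file as a dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def decode_caps(mask):
    """Names of the capability bits set in an integer mask."""
    return [CAP_NAMES.get(b, f"cap_{b}") for b in range(64) if mask >> b & 1]

def audit(text):
    """List deviations from the notes; an empty list means none found."""
    f, findings = parse_status(text), []
    # A missing field (older kernel) is reported, never assumed safe.
    if "CapAmb" not in f:
        findings.append("CapAmb not reported")
    elif int(f["CapAmb"], 16):
        caps = ", ".join(decode_caps(int(f["CapAmb"], 16)))
        findings.append(f"ambient capabilities set: {caps}")
    if f.get("Seccomp") != "2":
        mode = SECCOMP_MODES.get(f.get("Seccomp"), "not reported")
        findings.append(f"seccomp mode is {mode}, expected filter")
    if f.get("NoNewPrivs") != "1":  # assumption: not listed in the notes
        findings.append("no_new_privs is not set")
    return findings

if __name__ == "__main__":
    # With a path argument (e.g. /proc/self/status) audit that file instead.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LEAKY
    print("\n".join(audit(text)) or "no findings")
```

Run with no argument it audits the constructed leaky snapshot; pass `/proc/<pid>/status` to audit a live process.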

Eventing

  • epoll + structured logs
  • optional auditd hooks

Resource control

  • cgroups for CPU/memory/IO
  • accelerator scheduling will depend on driver/runtime stack