A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
Linux 5.14 add support for core scheduling. Is it possible to add support for core scheduling in nsjail?
My usecase is that I potentially have multiple nsjail instances running concurrently and I don't want those two instances be scheduled on the same core for security reasons.
https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.14-Core-Scheduling
Linux 5.14 add support for core scheduling. Is it possible to add support for core scheduling in nsjail? My usecase is that I potentially have multiple nsjail instances running concurrently and I don't want those two instances be scheduled on the same core for security reasons.