Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Right, but the abstraction later for Treble is the HAL boundary and not the syscall boundary. The seccomp filter is unrelated and IIRC relatively permissive.


Syscalls are not part of the NDK stable APIs contract, so although seccomp isn't as extensive as it might be, there are zero guarantees about blocking further syscalls.


Nothing you need to write a driver is part of the NDK stable API contract either. They're orthogonal concepts.


Sure, however we are speaking about general purpose access to syscalls from user space here.

Only Android OEMs get to publish drivers.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: