Milestone 4.1
Commission an external security audit of the supervisor, syscall boundary, and GPU isolation layer.
Scope
- Syscall validation (boundary checks, capability enforcement)
- GPU partition isolation (IOMMU configuration, VRAM zeroing, DMA gating)
- Capability system (grant/revoke/restrict correctness)
- Side-channel mitigations (FPU/SSE clearing, IBPB, CR4.TSD)
Context
The supervisor is ~5K LoC with a small attack surface by design. Phase 4 focuses on hardening before multi-vendor GPU support.