Just spotted a typo: On Tue, 11 Oct 2022 16:40:13 +1100 David Gibson <david(a)gibson.dropbear.id.au> wrote:@@ -59,12 +101,31 @@ void drop_caps(void) } } +/** + * isolate_initial() - Early, config independent self isolation + * + * Should: + * - drop unneeded capabilities + * Musn't: + * - remove filessytem access (we need to access files during setup)filesystem -- Stefano