I followed the early development of the v8 interpreter, but I was distracted by other things and missed the v8.dev/blog/jitless announcement last year. Need to check this out at some point. It would be nice to fully purge the policy exceptions for JIT from the base system.
Conversation
Those SELinux policy changes in GrapheneOS still need to be restored for the current version. In the past, dynamic native code generation/execution via either memory or storage was fully disallowed for everything but the browser sandbox. Can perhaps do better than that now.