On Fri, 8 Oct 2021 at 23:36, Thomas Hellström <thomas.hellstrom@xxxxxxxxxxxxxxx> wrote: > > This patch series introduces failsafe migration blits. > The reason for this seemingly strange concept is that if the initial > clearing or readback of LMEM fails for some reason, and we then set up > either GPU- or CPU ptes to the allocated LMEM, we can expose old > contents from other clients. Can we enumerate "for some reason" here? This feels like "security" with no defined threat model. Maybe if the cover letter contains more details on the threat model it would make more sense. Dave.