On Fri, Jul 12, 2019 at 06:37:47PM +0200, Alexandre Chartre wrote:
> On 7/12/19 5:16 PM, Thomas Gleixner wrote:
> > Right. If we decide to expose more parts of the kernel mappings then that's
> > just adding more stuff to the existing user (PTI) map mechanics.
>
> If we expose more parts of the kernel mapping by adding them to the existing
> user (PTI) map, then we only control the mapping of kernel sensitive data but
> we don't control user mapping (with ASI, we exclude all user mappings).
>
> How would you control the mapping of userland sensitive data and exclude them
> from the user map? Would you have the application explicitly identify sensitive
> data (like Andy suggested with a /dev/xpfo device)?

To what purpose do you want to exclude userspace from the kernel
mapping; that is, what are you mitigating against with that?