Alexandre, On Mon, 15 Jul 2019, Alexandre Chartre wrote: > On 7/12/19 9:48 PM, Thomas Gleixner wrote: > > As I said before, come up with a list of possible usage scenarios and > > protection scopes first and please take all the ideas other people have > > with this into account. This includes PTI of course. > > > > Once we have that we need to figure out whether these things can actually > > coexist and do not contradict each other at the semantical level and > > whether the outcome justifies the resulting complexity. > > > > After that we can talk about implementation details. > > Right, that makes perfect sense. I think so far we have the following > scenarios: > > - PTI > - KVM (i.e. VMExit handler isolation) > - maybe some syscall isolation? Vs. the latter you want to talk to Paul Turner. He had some ideas there. > I will look at them in more details, in particular what particular > mappings they need and when they need to switch mappings. > > And thanks for putting me back on the right track. That's what maintainers are for :) Thanks, tglx
