[LSF/MM/BPF TOPIC] Multiple Kernel Address Spaces

Multiple Kernel Address Spaces

Restricting kernel mappings is used as a mitigation against speculative
attacks like Meltdown with Page Table Isolation (PTI [1]), or L1TF/MDS
with KVM Address Space Isolation (KVM ASI [2]).

KVM ASI was refactored as Kernel Address Space Isolation [3] to provide
a generic kernel framework for ASI, and Thomas Gleixner has indicated
that PTI should be implemented using ASI. This work is mostly done and
will be submitted as ASI RFC v3 later this month.

The on-going work on ASI RFC v3 has highlighted several points I would
like to discuss:

 * Kernel ASI framework, and refactoring of PTI to use ASI.

 * Generic TLB flushing mechanism to be used for ASI (and so PTI), and
   for possible optimization.

 * Kernel page table management improvement, in particular pagetable creation
   and population. This is an area that Mike Rapoport is also investigating.

ASI RFC v3, which will definitively be available before the MM summit, and
Mike Rapoport's work on kernel page table management can be used as a base
for these discussions.

Thanks,

alex.

---

[1] https://www.kernel.org/doc/html/latest/x86/pti.html
[2] ASI RFC v1: https://lore.kernel.org/lkml/1557758315-12667-1-git-send-email-alexandre.chartre@xxxxxxxxxx/
[3] ASI RFC v2: https://lore.kernel.org/lkml/1562855138-19507-1-git-send-email-alexandre.chartre@xxxxxxxxxx/



