On Mon, May 13, 2019 at 7:39 AM Alexandre Chartre <[email protected]> wrote: > > From: Liran Alon <[email protected]> > > Add the address_space_isolation parameter to the kvm module. > > When set to true, KVM #VMExit handlers run in isolated address space > which maps only KVM required code and per-VM information instead of > entire kernel address space.
Does the *entry* also get isolated? If not, it seems less useful for side-channel mitigation.
