The kernel's direct map provides code running in kernel mode with direct
access to all physical memory installed in the system - on 64-bit systems,
at least. It obviously makes life easier for kernel developers, but the
direct map also brings some problems of its own, most of which are
security-related. Interest in removing at least some pages from the
direct map has been simmering for years; a couple of patch sets under
discussion show some use cases for memory that has been removed from the
direct map, and how such memory might be efficiently managed.
https://lwn.net/Articles/1064090/
--- SBBSecho 3.37-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)