[$] Containers and address space separation

James Bottomley began his talk at the 2019 Linux Storage, Filesystem, andMemory-Management Summit (LSFMM) by noting that the main opposition to his ideaswas not present at the summit, which was likely to mean the ideas got a mucheasier reception than they would have otherwise. In particular, PeterZijlstra and Ingo Molnar expressed some strong reservations to the workthat Bottomley's colleague Mike Rapoport postedrecently; none of those three were in attendance at LSFMM. The idea is touse address spaces to reduce the attack surface available to virtualmachines (VMs) and containers such that kernel bugs of various sorts haveless reach on multi-tenant systems.