[$] Keeping secrets in memfd areas
Back in November 2019, Mike Rapoport made the case that there is too much address-space sharing in Linux systems. This sharing can be convenient and good for performance, but in an era of advanced attacks and hardware vulnerabilities it also facilitates security problems. At that time, he proposed a number of possible changes in general terms; he has now come back with a patch implementing a couple of address-space isolation options for the memfd mechanism. This work demonstrates the sort of features we may be seeing, but some of the hard work has been left for the future.