[epynonymous]

i didnt see this posed in the comments, but it was certainly tops on my mind. is this the same issue for linux kernel?

[petee]

If they are using Hyper Threading, then yes, unless they already have a different architecture:

"We really should not run different security domains on different processor threads of the same core. Unfortunately changing our scheduler to take this into account is far from trivial."

[aade]

The (recent) SPARC Hypervisor does a fair job at this. Fujitsu has an interesting implementation. But it would be conceivably difficult to do this with time sharing on Intel chips without exposing side channels. That kind of control should be supervisory and in control of the chip. I haven’t yet seen that on Intel, but I’ve heard there are some hardware manufacturers that are looking to do something like that.