Supervisor Memory Protection
SMAP and SMEP are awesome. SMAP uses an EFLAGS bit (AC, set with stac and cleared with clac) to control whether the kernel can access user-space pages. Set and clear it in CopyFromUser / CopyToUser. Clear AC in interrupt handlers, because user-space can set AC. Use the clac instruction in the interrupt handler and change the IDT offset if it's unsupported. CopyFromUser/CopyToUser can be runtime patched with nops in case it's not supported, but they're not super fast on Sortix anyway, so they might as well branch.
This should be simple to do and well worth it, and it gives the insurance that all memory is properly copied in and out. The features appeared around Sandy Bridge on Intel and Ryzen on AMD.
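A sketch of the branching approach described above, as an added example and not Sortix code. The function names, the `smap_enabled` flag and the `EXAMPLE_KERNEL_BUILD` macro are hypothetical; the CPUID and CR4 bit positions are from the Intel manual. A real copy routine also needs a user-range check and page-fault recovery, which are left out here.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CPUID7_EBX_SMEP (1u << 7)    /* CPUID.(EAX=7,ECX=0):EBX bit 7 */
#define CPUID7_EBX_SMAP (1u << 20)   /* CPUID.(EAX=7,ECX=0):EBX bit 20 */
#define CR4_SMEP (1ull << 20)        /* no kernel execution of user pages */
#define CR4_SMAP (1ull << 21)        /* no kernel access to user pages unless AC=1 */

/* Hypothetical flag: decided once at boot, tested on every user copy. */
static bool smap_enabled;

/* Return cr4 with only the protection bits this CPU advertises turned on.
   Setting an unsupported CR4 bit would fault, so each bit is gated. */
uint64_t cr4_with_protection(uint64_t cr4, uint32_t cpuid7_ebx)
{
    if (cpuid7_ebx & CPUID7_EBX_SMEP) cr4 |= CR4_SMEP;
    if (cpuid7_ebx & CPUID7_EBX_SMAP) cr4 |= CR4_SMAP;
    smap_enabled = (cr4 & CR4_SMAP) != 0;
    return cr4;
}

/* stac and clac raise #UD on CPUs without SMAP and outside ring 0, so they
   sit behind the branch and are only compiled into a kernel build. */
static inline void user_access_begin(void)
{
#if defined(EXAMPLE_KERNEL_BUILD)
    if (smap_enabled) __asm__ volatile("stac" ::: "memory", "cc");
#endif
}

static inline void user_access_end(void)
{
#if defined(EXAMPLE_KERNEL_BUILD)
    if (smap_enabled) __asm__ volatile("clac" ::: "memory", "cc");
#endif
}

/* The only window in which AC is set: every other kernel dereference of a
   user pointer faults once CR4.SMAP is on. */
void copy_from_user(void *dst, const void *user_src, size_t count)
{
    user_access_begin();
    memcpy(dst, user_src, count);
    user_access_end();
}
```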
For more information see https://wiki.osdev.org/Supervisor_Memory_Protection and the Intel Manual and sortie's conversation with geist in #osdev on 2018-01-02.