Things to be addressed, at some point, or at least before releasing version 1.0
(tagged with [v1.0]). Otherwise unsorted, unprioritized, likely incomplete.

x86 support
  - AMD interrupt remapping support
  - power management [v1.0]
    - block
    - allow per cell (managing inter-core/inter-cell impacts)
  - NMI control/status port - moderation or emulation required? [v1.0]
  - whitelist-based MSR access [v1.0]
  - CAT enhancements
    - add support for CDP (code/data L3 partitioning)
    - add support for L2 partitioning (-> Apollo Lake), including accurate
      modeling of the partitioning scope (affected CPUs)

ARM support
  - v7 (32-bit)
    - analyze cp15 system control registers access, trap critical ones
  - v8 (64-bit)
    - check if we need arch_inject_dabt
    - analyze system constrol registers access, specifically regarding cache
      maintenance and side effects on neighboring cores
    - GICv3 support
  - common (v7 and v8)
    - System MMU support
    - runtime selection of GICv2 vs. v3
    - re-evaluate IRQ priorities for GIC emulation and possibly add support
    - properly reset interrupts on cell reset or reassignment
    - support for big endian? (depends on relevant targets)
      - infrastructure to support BE architectures (byte-swapping services)
      - usage of that infrastructure in generic subsystems
      - specific BE support for first target

Configuration
 - review of format, rework of textual representation
 - refactor config generator
    - better internal structure, also to prepare non-x86 support
    - move into Python module, for reuse by multiple helper scripts
 - enhance config generator
    - confine the created root cell config to the essentially required
      resources (e.g. PCI BARs)
    - generate non-root cell configs
    - add knowledge base about resource access rules that need manual review or
      configurations that are known to be problematic (e.g. INTx sharing
      between cells)

Setup validation
  - check integrity of configurations
  - check integrity of runtime environment (hypervisor core & page_pool,
    probably just excluding volatile Linux-related state variables)
    - pure software solution (without security requirements)
    - Intel TXT support? [WIP: master thesis]
    - secure boot?
  - check for execution inside hypervisor, allow only when enabled in config
  - clear memory regions before reassignment to prevent information leaks?

Inter-cell communication
  - finalize and specify shared memory device [v1.0]
    - 3 types of regions (r/w both, r/w local, r/o local)
    - unprivileged MMIO register region (UIO-suitable)
    - fast-path for checking remote state (vmexit-free)
    - clarify: "ivshmem 2.0" or own device (with own IDs)
  - specify virtual Ethernet protocol [v1.0]
  - specify and implements virtual console protocol
  - upstream Linux drivers

Testing
  - unit tests
  - system tests, also in QEMU/KVM, maybe using Lava + Fuego

Inmates
  - reusable runtime environment for cell inmates
    - skeleton in separate directory
    - inter-cell communication library
  - port free small-footprint RTOS to Jailhouse bare-metal environment
    - RTEMS upstream support
    - Zephyr?
  - upstream Linux support
    - x86 patches
    - removable generic PCI host controller
    - discuss remaining patches (export __boot_cpu_mode, CONFIG_PCI_DOMAINS)

Hardware error handling
  - MCE processing + managed forwarding [v1.0]
  - PCI AER
  - APEI
  - Thermal
  - ...

Monitoring
  - report error-triggering devices behind IOMMUs via sysfs
  - cell software watchdog via comm region messages
    -> time out pending comm region messages and kill failing cells
       (includes timeouts of unanswered shutdown requests)