Post Syndicated from original https://lwn.net/Articles/919683/

Speculative-execution vulnerabilities come about when the CPU, while executing
speculatively, is able to access memory that would otherwise be denied to
it. Most of these vulnerabilities would go away if the CPU were always
constrained by the established memory protections. An obvious way to fix
these problems would be to make CPUs behave that way, but doing that
without destroying performance is not an easy task. So, instead, Intel
has developed a feature called “linear address-space separation” (LASS) to
paper over parts of the problem; Yian Chen has posted a
patch set adding support for this feature.