[$] Strengthening user-space Spectre v2 protection

The Spectre variant 2 vulnerability allows the speculative execution ofincorrect (in an attacker-controllable way) indirect branch predictions,resulting in the ability to exfiltrate information via side channels. The kernel hasbeen reasonably well protected against this variant since shortly after itsdisclosure in January. It is, however, possible for user-space processesto use Spectre v2 to attack each other; thus far, the mainline kernel hasoffered relatively little protection against such attacks. A recent proposalfrom Jiri Kosina may change that situation, but there are still somedisagreements around the details.