[$] The sidechannel LSM

<p>Side-channel attacks are a reasonably well-known technique to exfiltrateinformation across security boundaries. Until relatively recently,concerns about these types of attacks were mostly confined to cryptographicoperations, where the target was to extract secrets by observing some sidechannel. But with the advent of Spectre, speculative execution provides anew way to exploit side channels. A new Linux SecurityModule (LSM) is meant to help determine where a side channelmight provide secrets to an attacker, so that aspeculative-execution barrier operation can be performed.