So if I understand correctly, the vulnerability is that they call into the kernel with a syscall intended to protect them from Spectre attacks, which works, but only once the process has been rescheduled, and this syscall doesn’t force the process to be rescheduled. Therefore, if you can fit your attack into that short period between the mitigation syscall and the process being taken off the CPU, you can still perform Spectre attacks?