Dubbed SAPM -- or Speculative-Access Protected Memory -- it is the work of Intel STORM (STrategic Offensive Research & Mitigations), a team of security researchers that Intel has assembled since 2017 to create mitigations for all the speculative-execution attacks that have impacted the CPU maker's products.
SAPM exists only as an idea at Intel for now, and there are no silicon prototypes. STORM engineers only released "the theory and possible implementation options" to provide "a ground base for other researchers to improve upon and also for the industry to consider".
Intel STORM researchers say SAPM will implement protections at the hardware level and will work with both physical and virtual memory addresses.
"SAPM can be applied to specific memory ranges, with the attribute that any memory access to such memory type will be instruction-level serialised, meaning that any speculative execution beyond the SAPM-accessing instruction will be stopped pending the successful retirement of this SAPM-accessing instruction."
Intel STORM researchers say the second part (backend) of most speculative execution attacks performs the same actions. SAPM was designed to introduce hardware-based protections against the backend part of most attacks. It's because of this concept that Intel's research team believes that SAPM will also future-proof the next generations of Intel CPUs against other -- currently undiscovered -- speculative execution attacks.
The boffins don't deny that there's a performance hit, but it is low and could be mitigated further by dropping other existing protections.