The restricted room is the part of the machine behind the protection. Memory reads are not checked at the tine access. They are checked when the instruction retires.

On intel* this isn’t a property intrinsic to superscalar processors, other architectures check it in flight or while it’s in the issue queue, preventing this side channel.

You can call into the kernel.

edit: s/call into/trigger a syscall/

You don't even need to do that for meltdown.