@@ -1015,12 +1015,15 @@ The operating system shall implement mechanisms to reject a user account from lo
The operating system shall implement MI-MMAC.
The operating system shall implement mechanisms to prevent the executables it provides from leaking memory data to unauthorized users through known exploitable microarchitectural side channels (MASCs), such as via the observing the time of cache access for the operations:
The operating system shall implement mechanisms to prevent the executables it provides from leaking memory data to unauthorized users through known exploitable microarchitectural side channels (MASCs), such as via the observing the time of cache access for various operations, for exapmle:
* speculative execution/loads/stores
* branch prediction
* speculative loads/stores
* out-of-order execution
* FIXME more techniques
* shared multithreading resources
* address translation
* memory access patterns
* prefetching
The manufacturer shall document on which platforms the operating system mitigates known MASC leaks.
