Archived
TD0247: FPT_VDP_EXT.1 Clarification for Assurance Activity
Publication Date
2017.11.29
Protection Profiles
PP_BASE_VIRTUALIZATION_V1.0
Other References
FPT_VDP_EXT.1
Issue Description
In the Assurance Activity, parts of the documentation requirements are unclear. Resolution
08/21/2019: This TD has been superseded by TD0443. The assurance activity for FPT_VDP_EXT.1 in PP_BASE_VIRTUALIZATION_V1.0. is modified (bold text) as follows: Assurance Activity: Parameters passed from Guest VMs to virtual device interfaces are thoroughly validated and all illegal values (as specified in the TSS) are rejected. Additionally, parameters passed from Guest VMs to virtual device interfaces are not able to degrade or disrupt the functioning of other VMs, the VMM, or the Platform. Thorough testing and architectural design reviews have been conducted to ensure the accuracy of these claims, and there are no known design or implementation flaws that bypass or defeat the security of the virtual device interfaces.
Justification
This change clarifies that for this SFR the Guest-to-VMM interface must be documented only at the virtual I/O port level. Interfaces internal to the VS need not be documented for this SFR to be met. |