TD0615: Audit generation for hypercalls implemented in HW
Publication Date
2022.01.06
Protection Profiles
PP_BASE_VIRTUALIZATION_V1.1
Other References
Table 2, FAU_GEN.1, FPT_HCL_EXT.1
Issue Description
When a hypervisor is implemented in hardware, hypercalls may not be able to generate some audit records. The audit records for these cases need to be changed to selection-based dependent upon if they are generatable. Resolution
The audit events for FPT_HCL_EXT.1 in Table 2 in Protection Profile for Virtualization v1.1 are updated as follows:
Justification
See issue description. |