TD0798: Static Memory Mapping Exceptions
Publication Date
2023.11.29
Protection Profiles
PP_APP_v1.4
Other References
FPT_AEX_EXT.1.1
Issue Description
The assignment for explicitly-mapped exceptions to ASLR in FPT_AEX_EXT.1.1 permits exceptions in the abstract but does not provide any guidance for what is considered an allowable exception. Additionally, the evaluation activities for this element are written in such a way that no consideration for these exceptions is given.
Resolution
The evaluation activities for FPT_AEX_EXT.1.1 in PP_APP_V1.4 are modified as follows, with green underscored highlighting denoting additions:
TSS
The evaluator shall ensure that the TSS describes the compiler flags used to enable ASLR when the application is compiled. If any explicitly-mapped exceptions are claimed, the evaluator shall check that the TSS identifies these exceptions, describes the static memory mapping that is used, and provides justification for why static memory mapping is appropriate in this case.
Guidance
None.
Tests
The evaluator shall perform either a static or dynamic analysis to determine that no memory mappings are placed at an explicit and consistent address except for any exceptions claimed in the SFR. For these exceptions, the evaluator shall verify that this analysis shows explicit mappings that are consistent with what is claimed in the TSS. The method of doing so varies per platform. For those platforms requiring the same application running on two different systems, the evaluator may alternatively use the same device. After collecting the first instance of mappings, the evaluator must uninstall the application, reboot the device, and reinstall the application to collect the second instance of mappings.
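One way to carry out the dynamic comparison described under Tests on a Linux platform, given as an added example that is not part of the Technical Decision or the Protection Profile. It assumes the two collected instances are /proc/<pid>/maps captures; the sample captures, file paths and the claimed address are constructed, and the function names are hypothetical.

```python
# Added example: compare two captures of /proc/<pid>/maps (Linux format assumed).

# Kernel-provided fixed page, not placed by the application (assumption: x86-64 Linux).
IGNORED_PATHS = {"[vsyscall]"}

def parse_maps(text):
    """Parse /proc/<pid>/maps text into {start_address: backing_path}."""
    mappings = {}
    for line in text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 5 or "-" not in fields[0]:
            continue  # blank or malformed line
        start = int(fields[0].split("-")[0], 16)
        mappings[start] = fields[5].strip() if len(fields) > 5 else "[anon]"
    return mappings

def consistent_mappings(run_a, run_b):
    """Start addresses present in both captures, minus ignored kernel pages."""
    a, b = parse_maps(run_a), parse_maps(run_b)
    return {s: p for s, p in b.items() if s in a and p not in IGNORED_PATHS}

def check_exceptions(run_a, run_b, claimed_starts):
    """Compare observed consistent addresses with those claimed in the TSS."""
    observed = consistent_mappings(run_a, run_b)
    return {
        "unclaimed": sorted((hex(s), p) for s, p in observed.items() if s not in claimed_starts),
        "claimed_not_observed": sorted(hex(s) for s in claimed_starts - set(observed)),
    }

# Constructed captures: first install, then after uninstall, reboot and reinstall.
RUN_A = """\
00400000-00452000 r-xp 00000000 08:01 131 /opt/app/bin/legacy_blob
10000000-10010000 rw-p 00000000 00:00 0
55d4c3a1b000-55d4c3a3c000 r-xp 00000000 08:01 130 /opt/app/bin/app
7ffc8a1e0000-7ffc8a201000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall]
"""
RUN_B = """\
00400000-00452000 r-xp 00000000 08:01 131 /opt/app/bin/legacy_blob
10000000-10010000 rw-p 00000000 00:00 0
5627f09e2000-5627f0a03000 r-xp 00000000 08:01 130 /opt/app/bin/app
7ffd13c4f000-7ffd13c70000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall]
"""
CLAIMED = {0x10000000}  # constructed: the one static mapping the TSS is assumed to claim

if __name__ == "__main__":
    print(check_exceptions(RUN_A, RUN_B, CLAIMED))
```

An entry under "unclaimed" is a mapping at a consistent address that the TSS does not identify; an entry under "claimed_not_observed" is a claimed exception the analysis did not show.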
Justification
See issue description.