TD0247: FPT_VDP_EXT.1 Clarification for Assurance Activity
In the Assurance Activity, parts of the documentation requirements are unclear.
08/21/2019: This TD has been superseded by TD0443.
The assurance activity for FPT_VDP_EXT.1 in PP_BASE_VIRTUALIZATION_V1.0. is modified (bold text) as follows:
Parameters passed from Guest VMs to virtual device interfaces are thoroughly validated and all illegal values (as specified in the TSS) are rejected. Additionally, parameters passed from Guest VMs to virtual device interfaces are not able to degrade or disrupt the functioning of other VMs, the VMM, or the Platform. Thorough testing and architectural design reviews have been conducted to ensure the accuracy of these claims, and there are no known design or implementation flaws that bypass or defeat the security of the virtual device interfaces.
This change clarifies that for this SFR the Guest-to-VMM interface must be documented only at the virtual I/O port level. Interfaces internal to the VS need not be documented for this SFR to be met.