NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details   TD0615:  Audit generation for hypercalls implemented in HW Publication Date 2022.01.06 Protection Profiles PP_BASE_VIRTUALIZATION_V1.1 Other References Table 2, FAU_GEN.1, FPT_HCL_EXT.1 Issue Description When a hypervisor is implemented in hardware, hypercalls may not be able to generate some audit records. The audit records for these cases need to be changed to selection-based dependent upon if they are generatable. Resolution The audit events for FPT_HCL_EXT.1 in Table 2 in Protection Profile for Virtualization v1.1 are updated as follows: FPT_HCL_EXT.1 [selection: Invalid parameter to hypercall detected., None] Hypercall interface for which access was attempted. FPT_HCL_EXT.1 [selection: Hypercall interface invoked when documented preconditions are not met., None.]   Justification See issue description.