The makekss script creates the Kaspersky Security Module.
The script calls the nk-psl-gen-c compiler to generate the source code of the security module and then builds it.
The script creates a security module based on the solution security policy description and the IDL, CDL, and EDL descriptions.
Syntax of the shell command for running the makekss script:
makekss --with-toolchain=<PATH> --with-compile-config=<PATH> --with-nkflags=<FLAGS>
[--with-nk=<PATH>] [--output=<PATH>] [--with-cc=<PATH>] [--depfile=<PATH>]
[-h|--help] <FILE>
Parameters:
FILEPath to the top-level policy description file.
--with-toolchain=<PATH>Path to the directory containing the toolchain files. You must specify the path to the toolchain root directory from the KasperskyOS SDK.
--with-compile-config=<PATH>Path to the file containing the security module build parameters: toolchain/share/ksm-<platform>-kos.kos or toolchain/share/ksm-qemu-<platform>-kos.kos from the KasperskyOS SDK. For example: toolchain/share/ksm-aarch64-kos.kos or toolchain/share/ksm-qemu-aarch64-kos.kos.
--with-nkflags=<FLAGS>Parameters used when calling the nk-psl-gen-c compiler.
The nk-psl-gen-c compiler requires access to all IDL, CDL, and EDL descriptions. To enable the nk-psl-gen-c compiler to find these descriptions, you must pass the paths of these descriptions in the --with-nkflags=<FLAGS> parameter by using the {-I|--include-dir} <DIR> parameter of the nk-psl-gen-c compiler.
--with-nk=<PATH>Path to the nk-psl-gen-c compiler executable file that will be used to generate the source code of the security module. The nk-psl-gen-c compiler from the KasperskyOS SDK is used by default.
--output=<PATH>Path to the created security module file.
--with-cc=<PATH>Path to the C compiler executable file that will be used to build the security module. The C compiler from the KasperskyOS SDK is used by default.
--depfile=<PATH>Path to the file containing data on the security module build dependencies (these are dependencies between the files created by the makekss script and the policy description files). The makekss script creates this file for the CMake build system. The CMake command add_custom_command(), which runs the makekss script, receives the path of the file containing the dependency data through the DEPFILE parameter to ensure that the security module is rebuilt when the policy description files are changed.
-h|--helpPrints the Help text.