Demonstrates use of a solution security policy to control IPC interaction between programs.
Example directory in the SDK
The code of the example and build scripts are available at the following path:
/opt/KasperskyOS-Community-Edition-<platform>-<version>/examples/ping
List of programs
Server is an application that implements the Ping() and Pong() methods, which increase the number received from the client by a fixed amount and return the result.
Client is an application that calls the Ping() and Pong() methods.
KlogEntity is a system program that is responsible for security audits.
KlogStorageEntity is a system program that feeds security audit data to standard error.
DCM is a system program that lets you dynamically create IPC channels.
Initialization description
The solution initialization description file named init.yaml is generated during the solution build process based on the ./einit/src/init.yaml.in template. Macros in @INIT_*@ format contained in the template are automatically expanded in the resulting init.yaml file. For more details, refer to "init.yaml.in template".
Security policy description
The security.psl file contains the solution security policy description and is generated based on the ./einit/src/security.psl.in template during the solution build process. For more details, refer to "security.psl.in template".
The use declaration is applied to include parts of the solution security policy description into the security.psl.in template by using the following PSL files:
dynld.psl contains the part of the security policy description that is used when dynamically linking the solution components.
core.psl contains the part of the security policy description that regulates the interactions of the example ping programs with other system programs (Einit, DCM, VMM) and with the KasperskyOS kernel.
The declarations in the PSL files are provided with comments that explain the purpose of these declarations.
The solution security policy in this example allows startup of the KasperskyOS kernel and the Einit program, which is allowed to start all programs in the solution. Queries to the Server program are managed by methods of the Flow security model.
The finite-state machine described in the configuration of the request_state Flow security model object has two states: not_sent and sent. The initial state is not_sent. Only transitions from not_sent to sent and vice versa are allowed.
When the Ping() and Pong() methods are called, the current state of the request_state object is checked. In the not_sent state, only a Ping() call is allowed, in which case the state changes to sent. Likewise, in the sent state, only a Pong() call is allowed, in which case the state changes to not_sent.
Therefore, the Ping() and Pong() methods can be called only in succession.
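The state machine above can be modelled together with the call sequence the Client issues in this example (alternate between Ping() and Pong() five times, then Ping() twice and Pong() twice). The following Python is an added illustration, not PSL and not code from the SDK; FlowObject, enter(), RULES and run_scenario() are hypothetical names, and it assumes a denied call leaves the state unchanged.

```python
# Added illustration: a plain-Python model of the request_state state machine.
# Not PSL and not SDK code; all class and function names are hypothetical.

class FlowObject:
    """Finite-state machine with default-deny transitions."""

    def __init__(self, states, initial, transitions):
        if initial not in states:
            raise ValueError("initial state is not a declared state")
        for src, dsts in transitions.items():
            if src not in states or not set(dsts) <= set(states):
                raise ValueError("transition references an undeclared state")
        self.transitions = {s: frozenset(transitions.get(s, ())) for s in states}
        self.state = initial

    def enter(self, required, target):
        """Grant only if the current state is `required` and required -> target
        is configured. Assumption: a denial leaves the state unchanged."""
        if self.state != required or target not in self.transitions[required]:
            return False
        self.state = target
        return True


# Per-method rule: (state the call requires, state it moves to), as in the text.
RULES = {"Ping": ("not_sent", "sent"), "Pong": ("sent", "not_sent")}

# Call sequence from the example: alternate five times, then Ping twice, Pong twice.
SCENARIO = ["Ping", "Pong"] * 5 + ["Ping", "Ping", "Pong", "Pong"]


def run_scenario(calls):
    """Return an audit trail of (method, state_before, verdict) tuples."""
    flow = FlowObject(("not_sent", "sent"), "not_sent",
                      {"not_sent": ["sent"], "sent": ["not_sent"]})
    trail = []
    for method in calls:
        before = flow.state
        rule = RULES.get(method)  # a method with no rule is denied
        granted = rule is not None and flow.enter(*rule)
        trail.append((method, before, "granted" if granted else "denied"))
    return trail


if __name__ == "__main__":
    for n, (method, before, verdict) in enumerate(run_scenario(SCENARIO), 1):
        print(f"{n:2d} {method}() in {before:8s} -> {verdict}")
```

The trail shows the first ten alternating calls granted and, in the final four, only the second consecutive Ping() and the second consecutive Pong() denied.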
Resources
The ./resources/xdl/ping directory contains the following files:
Client.edl, Server.edl, KlogEntity.edl, and KlogStorageEntity.edl are EDL descriptions for the example programs.
Control.cdl is the CDL description of the ping.Control component.
Connection.idl is an IDL description of the ping.Connection package.
Operating scenario
The Client program establishes a connection to the Server program and attempts to call the Ping() and Pong() methods in the following sequence: alternate between Ping() and Pong() five times, then Ping() twice and Pong() twice.
When the Ping() and Pong() methods are called, the current state of the request_state object tracking the state of the finite-state machine is checked.
Ping() is allowed only in the not_sent state.
Pong() is allowed only in the sent state.
The second consecutive Ping() and the second consecutive Pong() are blocked by the security policy.
Building and running the example
The CMake system, which is included with KasperskyOS Community Edition, is used to build and run the example.
See the "Building and running examples" section.