The Separate Storage example demonstrates use of the Distrustful Decomposition pattern to separate data storage for trusted and untrusted applications.
Example architecture
The Separate Storage example contains two user programs: UserManager and CertificateManager.
These programs work with data located in the corresponding files:
UserManager program works with data from the userlist.txt file.
CertificateManager program works with data from the certificate.cer file.

Each of these programs uses its own instance of the VFS program to access a separate file system. Each VFS program includes a block device driver linked to an individual logical drive partition. The UserManager program does not have access to the file system of the CertificateManager program, and vice versa.

This architecture guarantees that if an attack or error occurs in either the UserManager or the CertificateManager program, that program cannot access any file that was not intended for its own operations.
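The isolation property of this architecture can be checked mechanically by modelling the allowed interactions as a default-deny graph and searching for any call chain that crosses between the two storages. The following is an added example, not part of the KasperskyOS example code; the "partition:*" labels and the "Logger" service are hypothetical names introduced for illustration.

```python
from collections import deque

# Constructed model of the architecture: each pair is an allowed
# client -> server interaction; anything not listed is denied.
# The "partition:*" labels are hypothetical names for the two logical drives.
POLICY = {
    ("UserManager", "VfsUser"),
    ("CertificateManager", "VfsCertificate"),
    ("VfsUser", "partition:userlist"),
    ("VfsCertificate", "partition:certificate"),
}

# Isolation invariants: (program, storage it must never reach).
FORBIDDEN = [
    ("UserManager", "partition:certificate"),
    ("CertificateManager", "partition:userlist"),
]

def find_path(policy, start, goal):
    """Return the shortest chain of allowed calls from start to goal, or None."""
    parents, queue = {start: None}, deque([start])
    while queue:
        node = queue.popleft()
        if node == goal:
            path = []
            while node is not None:
                path.append(node)
                node = parents[node]
            return path[::-1]
        for src, dst in sorted(policy):
            if src == node and dst not in parents:
                parents[dst] = node
                queue.append(dst)
    return None

def violations(policy):
    """Return one call chain per invariant that the policy breaks.

    Transitive reachability is deliberately conservative: an intermediary
    that can reach the other VFS is treated as a potential confused deputy.
    """
    chains = (find_path(policy, prog, store) for prog, store in FORBIDDEN)
    return [chain for chain in chains if chain]

if __name__ == "__main__":
    print(violations(POLICY))  # architecture as described on the page
    # Hypothetical shared "Logger" service that was also granted VfsCertificate.
    print(violations(POLICY | {("UserManager", "Logger"), ("Logger", "VfsCertificate")}))
```

A check of this kind is useful as a review gate when a shared service is added to a decomposed design, because the indirect path through the shared service is the one most easily overlooked.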
A security policy in the Separate Storage example has the following characteristics:
UserManager program has access to the file system only through the VfsUser program.
CertificateManager program has access to the file system only through the VfsCertificate program.

Example files
The code of the example and build scripts are available at the following path:
/opt/KasperskyOS-Community-Edition-<platform>-<version>/examples/separate_storage
Building and running the example
To run the example on QEMU, go to the directory containing the example, build the example, and run the following command:
$ qemu-system-aarch64 -m 2048 -machine vexpress-a15,secure=on -cpu cortex-a57 -nographic -monitor none -smp 4 -nic user -serial stdio -sd build/einit/sdcard0.img -kernel build/einit/kos-qemu-image
See also the "Building and running examples" section.
Preparing the SD card to run on hardware platforms
To run the Separate Storage example on hardware platforms, the following additional actions are necessary:
/lib directory in the SD card boot sector unless one already exists. Copy the contents of the build/hdd/part1/lib directory generated during the build of the example to the /lib directory on the SD card. (If the bootable SD card image is created using the build_sd_image() function, these steps are not required.)
ext2 or ext3 file systems.
userlist.txt file from the ./resources/files/ directory.
certificate.cer file from the ./resources/files/ directory.

To run the Separate Storage example on hardware platforms, you can use an SD card prepared for running the vfs_extfs example after copying the userlist.txt and certificate.cer files to the appropriate partitions.