Toybox component

The Toybox component is an implementation of the toybox command line tool adapted to work in KasperskyOS.

Contents of the Toybox component:

Executable file /opt/KasperskyOS-Community-Edition-<platform>-<version>/sysroot-*-kos/bin/terminal_uart_entity
Formal specification files named Terminal.edl and Terminal.idl and the header files generated from them, Terminal.edl.h and Terminal.idl.h, which are located in the directory /opt/KasperskyOS-Community-Edition-<platform>-<version>/sysroot-*-kos/include/kl
Static library /opt/KasperskyOS-Community-Edition-<platform>-<version>/sysroot-*-kos/lib/libtoybox.a

Important! The Toybox component is experimental and subject to limitations described below. The component is available to users for testing purposes and for providing feedback.

The functionality of the Toybox component in KasperskyOS has the following differences from the implementation of the toybox tool in Linux due to the architectural features of KasperskyOS and its security policies:

A limited set of commands is supported (the list is provided in the table below).
Some commands have limited functionality compared to the original version (marked with an asterisk * in the table below).
Some commands have their own implementation that replaces the original version (marked with two asterisks ** in the table below).

Commands supported by the Toybox component

`[`	`df*`	`file*`	`jobs**`	`mountpoint*`	`reboot**`	`strings`	`uptime*`
`base64*`	`dirname`	`find*`	`kill**`	`mv*`	`reset`	`tail*`	`wc`
`basename`	`dmesg**`	`fmt`	`link`	`nl`	`rm`	`test`	`xxd`
`cat*`	`du*`	`free**`	`ln*`	`od`	`rmdir`	`top**`	`yes`
`chmod`	`echo`	`getopt*`	`ls*`	`patch*`	`sed*`	`touch*`	`zcat`
`clear`	`egrep`	`grep*`	`lsblk**`	`ping**`	`seq`	`true`
`cmp`	`env`	`gunzip*`	`lspcie**`	`printf`	`sleep`	`truncate`
`comm`	`exec**`	`head`	`lsusb**`	`pwd*`	`sort*`	`uname*`
`cp*`	`false`	`help`	`md5sum*`	`readelf*`	`split`	`uniq`
`date*`	`fgrep`	`hexedit`	`mkdir`	`readlink`	`stat*`	`unlink`

Commands with limited functionality in the Toybox component

Command	Unsupported command options and other limitations
`base64`	`[-i]`
`cat`	`[-etuv]`
`cp`	`[-adFHLlnRsv]`
`date`	`[-s]` The value of the TZ environment variable is ignored.
`df`	`[-aHhikP] [-t TYPE]`
`du`	`[-abcHKkLlmsx] [-d N]`
`file`	`[-bs]`
`find`	Unsupported search filters: `-user UNAME` `-nouser` `-group GROUP` `-nogroup` `-prune` `-xdev` `-links N` `-empty` `-atime N[u]` `-ctime N[u]` `-mtime N[u]` `-inum N` `-context PATTERN` `-newer FILE` `-executable` `-readable` `-depth` `-mindepth N` Search filters were added: `-lname PATTERN` `-ilname` Unsupported actions: `-print0` `-exec` `-execdir` `-ok` `-okdir` `-delete`
`getopt`	`[-a]`
`grep`	`[-ft] [-MS PATTERN]`
`gunzip`	`[-ft]`
`ln`	`[-v]`
`ls`	`[-HLghns] [--color[=auto]]`
`md5sum`	`[-b]` Hashes are not calculated based on SHA algorithms.
`mountpoint`	`[-qdx]` Operations with devices are not supported.
`mv`	`[-FTvx] [-t TARGET]`
`patch`	`[-Rlsuv] [-d DIR] [-i FILE] [-p DEPTH] [-F FUZZ]`
`pwd`	`[-L]`
`readelf`	`[-A]`
`sed`	`[-i]`
`sort`	`[-bdiMsVz]`
`stat`	`[-tfL]`
`tail`	`[-fFs]`
`touch`	`[-h]`
`uname`	`[-m]`
`uptime`	`[-ps]` Data on the number of active users and the average system load are not provided.

Commands with their own custom implementation in the Toybox component

Command	Command details
`dmesg`	Purpose Displays diagnostic messages from the KasperskyOS kernel generated when the system is loaded and running. Syntax `dmesg` Options N/A
`exec`	Purpose Starts a process from an executable file using the `StartEntity()` function of the IApplicationController interface of the ExecutionManager component. Syntax `exec [--bg] [--eiid <className>] [--name <taskName>] <fileName> [--<arguments>…]` Options `--bg` Starts a process in the background. After starting a process in the background, the terminal will display the ID of the running process enclosed in square brackets. `--eiid <className>` Process class name. Unless otherwise specified, the name `exec_app.ExecApp` will be used. `--name <taskName>` Process name. If not specified, the process class name is used. `fileName` Executable file name. `--<arguments>` Command line arguments to be passed to the started process.
`free`	Purpose Displays data on physical memory based on the values of performance counters: Installed physical memory (`total`) Used memory, calculated as the difference between installed memory and free memory, shared memory and memory with the "execution access" attribute (`used = total - free - shmem - exsize`) Free physical memory (`free`) Physical memory used as shared memory (`shmem`) Physical memory with the "execution access" attribute (`exsize`) Syntax `free [-bkmg]` Options `-bkmg` Display values in bytes/kilobytes/megabytes/gigabytes.
`jobs`	Purpose Displays data on background processes obtained using the `GetApplicationState()` function of the IStateProvider interface of the ExecutionManager component in the following format: [`<jobNumber>`] `<taskName>`: `<state> [`ExitCode=`<exitCode>]` Where: `jobNumber` – process ID `taskName` – process name `state` – process state `exitCode` – return code for the process if the process stopped on its own (including after receiving a signal to stop) For example: `[1] DemoSuccess.3: Completed ExitCode=0` Syntax `jobs` Options N/A
`kill`	Purpose Stops background processes that were previously started by the `exec` command using the `StopEntity()` function of the IApplicationController interface of the ExecutionManager component. Syntax `kill jobNumber1 [jobNumber2...]` Options `jobNumber<N>` Process ID that can be obtained by using the `jobs` or `exec` commands (if `exec` was called with the `--bg` option).
`lsblk`	Purpose Displays a list of detected block devices in the following format: `<idx> <devName>` hw:`<hwName> <{present\|absent}>`, `<{removable\|non-removable}>` [`<blockCount>` * `<blockSize>` bytes] `<flags>` Where: `idx` – device index in the list `devName` – device name `hwName` – name of the driver that facilitates operation of the device `present\|absent` – device state: `present` (available) or `absent` (not available) `removable\|non-removable` – device type: `removable` or `non-removable` [`<blockCount>` * `<blockSize>` bytes] – device size in bytes, defined as the result of multiplying `blockCount` (the number of blocks on the device) by `blockSize` `flags` – additional device attributes: `raw` (raw device), `ro` (read-only), `rw` (read and write), `(partition)` (disk partition) For example: `1 SDv2 hw:pl181-sd present, non-removable [522240 * 512 bytes] rw (partition)` Syntax `lsblk` Options N/A
`lspcie`	Purpose Displays data about PCIe devices detected on the hardware platform. For each PCIe device, the following is indicated: Device address in the following format: `<segment>:<bus>:<device>.<function>` `segment` – device segment number in hexadecimal format `bus` – PCIe bus number in hexadecimal format `device` – device number on the bus in hexadecimal format `function` – device function number in hexadecimal format Vendor and device identifiers in the following format: `vendorId: <vID>, deviceId: <dID>` `vID` – vendor ID in hexadecimal format `dID` – device ID in hexadecimal format Device class and its subclasses in the following format: `class: <class>, subclass: <subc>, interface: <intr>, revision: <rev>` `class` – device class code in hexadecimal format `subc` – device subclass code in hexadecimal format `intr` – software interface code in hexadecimal format `rev` – device revision number in hexadecimal format Interrupts in the following format: `IRQ: <irq>, pin: <pin>, mode: <mode>` `irq` – interrupt line number `pin` – interrupt pin number `mode` – interrupt mode in hexadecimal format List of base address registers (BAR) in the following format: `BAR<N>: <type> <{prefetchable`\|`non-prefetchable}> @ <start> - <end>` `N` – BAR number `type` – BAR type: `IO` (I/O port), `MEM32` (32-bit memory), `MEM64` (64-bit memory) `prefetchable`\|`non-prefetchable` – BAR properties: `prefetchable` (supports preloading data into the cache), `non-prefetchable` (does not support preloading data into the cache) `start` – BAR start address `end` – BAR end address Syntax `lspcie` Options N/A
`lsusb`	Purpose Displays a list of USB devices detected on the hardware platform in the following format: `<N> <devName>`: `<bus>/<addr>/<bus_idx>` <`<vendor> <product>`> cfg`<cfg_idx>` (cnt=`<cfgN>`) Where: `N` – serial number of the device in the list `devName` – device name `bus` – USB bus number `addr` – device address on the USB bus `idx` – device index `vendor` – name of the device manufacturer `product` – product name `cfg_idx` – device configuration index `cfgN` – device configuration number Syntax `lsusb` Options N/A
`ping`	Purpose Checks network connections via ICMP requests. Syntax `ping [-c <count>] host` Options `-c <count>` Number of sent packets. `host` Target network host specified by IP address or domain name.
`reboot`	Purpose Restarts the hardware platform using the KnHalResetSystem() function. Syntax `reboot` Options N/A
`top`	Purpose Displays data on processes: `PID` – process ID. `PPID` – ID of the parent process. `PR` – process priority. `S` – process state: `R` (running), `S` (blocked) or `T` (terminated but not deleted), `U` (not initialized). `THR` – number of threads in the process. `VMEM` – size of process virtual memory, in memory pages. `PMEM` – size of physical memory used by the process, in memory pages. `VSHR` – size of process virtual memory mapped to shared physical memory, in memory pages. `TIME` – total uptime of all processors used for execution of the defined process (in nanoseconds). `TIME` – total uptime of all processors used for execution of the defined process in user mode (in nanoseconds). `NAME` – process name. `PATH` – name of the executable file in ROMFS from which the process was started. Syntax `top [-h] [-a] [-f <format>]` Options `-h` Help text. `-a` Additional information about processes (PR and UTIME). `-f <format>` Output format. Detailed information about the output format is specified in the Help text (option `-h`).

Page top