Entity descriptions
The ValidPictureClient and NonValidPictureClient entities do not provide functionality to other entities; they are clients that attempt to gain access to methods of the PictureManager entity. In the solution security policy below, only ValidPictureClient is granted access to the GetPictures method. NonValidPictureClient has no rule for that interaction, so its requests to PictureManager are denied by default.
ValidPictureClient.edl
entity defer_to_kernel.ValidPictureClient
NonValidPictureClient.edl
entity defer_to_kernel.NonValidPictureClient
The PictureManager entity is a data repository that contains an implementation of the Get interface, which provides the GetPictures() method for gaining access to data.
PictureManager.edl
entity defer_to_kernel.PictureManager
interfaces {
    get : defer_to_kernel.Get
}
Get.idl
package defer_to_kernel.Get
const UInt32 MaxPathSize = 128;
const UInt32 MaxPathNum = 100;
typedef sequence<sequence<UInt8,MaxPathSize>, MaxPathNum> SeqString;
interface
{
    GetPictures(out SeqString resultSeq);
}
Init description
init.yaml
entities:
- name: defer_to_kernel.ValidPictureClient
- name: defer_to_kernel.NonValidPictureClient
- name: defer_to_kernel.PictureManager
- name: kl.core.NameServer
  path: ns
Solution security policy
security.psl
execute: kl.core.Execute
use nk.base._
use trusted._
/**
 * This code includes EDL descriptions of corresponding non-platform
 * untrusted entities.
 */
use EDL defer_to_kernel.ValidPictureClient
use EDL defer_to_kernel.NonValidPictureClient
use EDL defer_to_kernel.PictureManager
/**
 * The following code lets you send requests from untrusted entities to the KasperskyOS kernel
 * and receive responses. It makes it possible for untrusted entities to use system calls.
 * Caution! This rule is strictly for early-stage development because it
 * exposes a variety of system services that could be invoked by an attacker.
 * An audit must be performed to determine the minimal set of methods to allow.
 */
request src=defer_to_kernel.NonValidPictureClient, dst=kl.core.Core
{
    grant()
}
response src=kl.core.Core, dst=defer_to_kernel.NonValidPictureClient
{
    grant()
}
request src=defer_to_kernel.ValidPictureClient, dst=kl.core.Core
{
    grant()
}
response src=kl.core.Core, dst=defer_to_kernel.ValidPictureClient
{
    grant()
}
request src=defer_to_kernel.PictureManager, dst=kl.core.Core
{
    grant()
}
response src=kl.core.Core, dst=defer_to_kernel.PictureManager
{
    grant()
}
/**
 * The following code enables interactions between untrusted entities.
 * Only ValidPictureClient is granted the GetPictures method; no rule exists
 * for NonValidPictureClient, so its requests to PictureManager are denied.
 */
request src=defer_to_kernel.ValidPictureClient, dst=defer_to_kernel.PictureManager, interface=defer_to_kernel.Get, method=GetPictures
{
    grant()
}
response src=defer_to_kernel.PictureManager, dst=defer_to_kernel.ValidPictureClient, interface=defer_to_kernel.Get, method=GetPictures
{
    grant()
}
trusted.psl
/**
 * This file describes trusted platform entities and their connections.
 */
/**
 * This code includes EDL descriptions of corresponding platform entities.
 */
use EDL kl.core.Core
use EDL kl.core.NameServer
use EDL Einit
/**
 * This statement lets the KasperskyOS kernel start system entities.
 */
execute src=kl.core.Core, dst=kl.core.Core
{
    grant()
}
execute src=kl.core.Core, dst=Einit
{
    grant()
}
/**
 * This statement lets you start up and initialize non-platform entities.
 */
execute src=Einit
{
    grant()
}
/**
 * This code lets you send requests from the Einit entity to the KasperskyOS kernel and receive
 * responses. It makes it possible for Einit to use system calls.
 */
request src=Einit, dst=kl.core.Core
{
    grant()
}
response src=kl.core.Core, dst=Einit
{
    grant()
}
/**
 * This code lets the kl.core.NameServer entity send requests to the KasperskyOS
 * kernel and receive responses. It makes it possible for system calls to be used
 * by kl.core.NameServer.
 */
request src=kl.core.NameServer, dst=kl.core.Core
{
    grant()
}
response src=kl.core.Core, dst=kl.core.NameServer
{
    grant()
}
/**
 * This code enables interaction with kl.core.NameServer: any entity can send
 * requests to kl.core.NameServer and receive responses from it.
 */
request dst=kl.core.NameServer
{
    grant()
}
response src=kl.core.NameServer
{
    grant()
}
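As an added illustration (not part of the KasperskyOS example or its tooling), the following Python script models how the security module applies rules like those in security.psl and trusted.psl: a message is allowed only when at least one rule matches it and every matching rule grants, and everything else is denied by default. The rule parser, the `evaluate` function and its matching semantics are simplifying assumptions of this example, not the real PSL grammar, and the policy text is a constructed subset of this page's rules.

```python
import re

# Constructed subset of this page's rules, used as sample input (not the full files).
POLICY = """
request src=defer_to_kernel.ValidPictureClient, dst=defer_to_kernel.PictureManager, interface=defer_to_kernel.Get, method=GetPictures
{
    grant()
}
response src=defer_to_kernel.PictureManager, dst=defer_to_kernel.ValidPictureClient, interface=defer_to_kernel.Get, method=GetPictures
{
    grant()
}
/** any entity may send requests to the name server */
request dst=kl.core.NameServer
{
    grant()
}
"""

# One rule: kind (request/response/execute), attribute constraints, verdict.
RULE_RE = re.compile(
    r"^(request|response|execute)[ \t]*([^\n{]*?)[ \t]*\n?[ \t]*\{\s*(grant|deny)\(\)\s*\}",
    re.M,
)

def parse_psl(text):
    """Parse the rule subset used on this page (assumed grammar, not real PSL)."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)  # drop /** ... */ comments
    return [(kind, dict(re.findall(r"(\w+)=([\w.]+)", attrs)), verdict)
            for kind, attrs, verdict in RULE_RE.findall(text)]

def evaluate(rules, kind, **msg):
    """Deny by default: allow only if some rule matches and all matching rules grant.
    A rule matches when every attribute it names (src, dst, interface, method)
    equals the message's value; attributes a rule omits match anything."""
    verdicts = [v for k, c, v in rules
                if k == kind and all(msg.get(a) == val for a, val in c.items())]
    return bool(verdicts) and all(v == "grant" for v in verdicts)

RULES = parse_psl(POLICY)

def may_call_get_pictures(client):
    """Can `client` invoke PictureManager's Get.GetPictures under this policy?"""
    return evaluate(RULES, "request", src=client, dst="defer_to_kernel.PictureManager",
                    interface="defer_to_kernel.Get", method="GetPictures")

def may_query_name_server(client):
    return evaluate(RULES, "request", src=client, dst="kl.core.NameServer")
```

Running `may_call_get_pictures` for both clients shows the point of the example: ValidPictureClient is allowed, NonValidPictureClient is refused because no rule names it, while both may still reach kl.core.NameServer through the wildcard rule.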