Entity descriptions
The ValidPictureClient and NonValidPictureClient entities do not provide any functionality to other entities; they are clients that attempt to access the methods of the PictureManager entity.
ValidPictureClient.edl
entity defer_to_kernel.ValidPictureClient
NonValidPictureClient.edl
entity defer_to_kernel.NonValidPictureClient
The PictureManager entity is a data store; it contains an implementation of the Get interface, which provides the GetPictures() method for accessing that data.
PictureManager.edl
entity defer_to_kernel.PictureManager
interfaces {
    get : defer_to_kernel.Get
}
Get.idl
package defer_to_kernel.Get

const UInt32 MaxPathSize = 128;
const UInt32 MaxPathNum = 100;

typedef sequence<sequence<UInt8, MaxPathSize>, MaxPathNum> SeqString;

interface
{
    GetPictures(out SeqString resultSeq);
}
Init description
init.yaml
entities:
- name: defer_to_kernel.ValidPictureClient
- name: defer_to_kernel.NonValidPictureClient
- name: defer_to_kernel.PictureManager
- name: kl.core.NameServer
path: ns
Solution security policy
security.psl
execute: kl.core.Execute
use nk.base._
use trusted._
/**
* This code includes EDL descriptions of corresponding non-platform
* untrusted entities.
*/
use EDL defer_to_kernel.ValidPictureClient
use EDL defer_to_kernel.NonValidPictureClient
use EDL defer_to_kernel.PictureManager
/**
 * The following rules allow the untrusted entities to send requests to the
 * KasperskyOS kernel and to receive its responses, i.e. to use system calls.
 * Caution! These rules are strictly for early-stage development, as they
 * expose a variety of system services that could be invoked by an attacker.
 * An audit must be performed to determine the minimal set of methods to allow.
 */
request src=defer_to_kernel.NonValidPictureClient, dst=kl.core.Core
{
grant()
}
response src=kl.core.Core, dst=defer_to_kernel.NonValidPictureClient
{
grant()
}
request src=defer_to_kernel.ValidPictureClient, dst=kl.core.Core
{
grant()
}
response src=kl.core.Core, dst=defer_to_kernel.ValidPictureClient
{
grant()
}
request src=defer_to_kernel.PictureManager, dst=kl.core.Core
{
grant()
}
response src=kl.core.Core, dst=defer_to_kernel.PictureManager
{
grant()
}
/**
 * The following rules allow interaction between the untrusted entities.
 * Only ValidPictureClient is granted the GetPictures call; NonValidPictureClient
 * has no matching rule for PictureManager.
 */
request src=defer_to_kernel.ValidPictureClient, dst=defer_to_kernel.PictureManager, interface=defer_to_kernel.Get, method=GetPictures
{
grant()
}
response src=defer_to_kernel.PictureManager, dst=defer_to_kernel.ValidPictureClient, interface=defer_to_kernel.Get, method=GetPictures
{
grant()
}
trusted.psl
/**
* This file describes trusted platform entities and their connections.
*/
/**
* This code includes EDL descriptions of corresponding platform entities.
*/
use EDL kl.core.Core
use EDL kl.core.NameServer
use EDL Einit
/**
 * These rules allow the KasperskyOS kernel to start the system entities.
 */
execute src=kl.core.Core, dst=kl.core.Core
{
grant()
}
execute src=kl.core.Core, dst=Einit
{
grant()
}
/**
 * This rule allows Einit to start and initialize the non-platform entities.
 */
execute src=Einit
{
grant()
}
/**
 * These rules allow the Einit entity to send requests to the KasperskyOS kernel
 * and to receive its responses, i.e. to use system calls.
 */
request src=Einit, dst=kl.core.Core
{
grant()
}
response src=kl.core.Core, dst=Einit
{
grant()
}
/**
 * These rules allow the kl.core.NameServer entity to send requests to the
 * KasperskyOS kernel and to receive its responses, i.e. to use system calls.
 */
request src=kl.core.NameServer, dst=kl.core.Core
{
grant()
}
response src=kl.core.Core, dst=kl.core.NameServer
{
grant()
}
/**
 * These rules allow interaction with kl.core.NameServer: any entity may send
 * requests to kl.core.NameServer and receive responses from it.
 */
request dst=kl.core.NameServer
{
grant()
}
response src=kl.core.NameServer
{
grant()
}
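As an added illustration (not part of the KasperskyOS example or its SDK), the following Python model transcribes the rules from security.psl and trusted.psl above and evaluates IPC operations against them the way a default-deny policy engine would: an operation is granted only if some rule matches it. The default-deny behaviour and the reading of an omitted src/dst attribute as "any entity" are assumptions of this model, used here to audit which clients can actually reach PictureManager.GetPictures.

```python
"""Simplified model of a default-deny security policy for the defer_to_kernel
example: an IPC operation is granted only if at least one rule matches it."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    kind: str                       # "request", "response" or "execute"
    src: Optional[str] = None       # None models an omitted attribute (assumed: any entity)
    dst: Optional[str] = None
    interface: Optional[str] = None
    method: Optional[str] = None

    def matches(self, kind, src, dst, interface=None, method=None) -> bool:
        """A rule matches when every attribute it sets equals the operation's value."""
        pairs = ((self.src, src), (self.dst, dst),
                 (self.interface, interface), (self.method, method))
        return self.kind == kind and all(want is None or want == got for want, got in pairs)


CORE, EINIT, NS = "kl.core.Core", "Einit", "kl.core.NameServer"
VALID = "defer_to_kernel.ValidPictureClient"
NONVALID = "defer_to_kernel.NonValidPictureClient"
PM = "defer_to_kernel.PictureManager"
GET = "defer_to_kernel.Get"

# Rules transcribed from security.psl and trusted.psl on this page.
POLICY = [
    *(Rule("request", e, CORE) for e in (VALID, NONVALID, PM, EINIT, NS)),   # system calls
    *(Rule("response", CORE, e) for e in (VALID, NONVALID, PM, EINIT, NS)),
    Rule("request", VALID, PM, GET, "GetPictures"),                           # only the valid client
    Rule("response", PM, VALID, GET, "GetPictures"),
    Rule("execute", CORE, CORE), Rule("execute", CORE, EINIT), Rule("execute", EINIT),
    Rule("request", dst=NS), Rule("response", src=NS),                        # NameServer for all
]


def decide(kind, src, dst, interface=None, method=None, policy=POLICY) -> str:
    """Return 'grant' if some rule permits the operation, otherwise 'deny' (default deny)."""
    return "grant" if any(r.matches(kind, src, dst, interface, method) for r in policy) else "deny"


def audit_clients(policy=POLICY) -> dict:
    """Which of the two clients may call PictureManager.GetPictures under this policy?"""
    return {c: decide("request", c, PM, GET, "GetPictures", policy) for c in (VALID, NONVALID)}
```

Running audit_clients() shows that granting NonValidPictureClient access to kl.core.Core does not give it a path to PictureManager: only ValidPictureClient matches the GetPictures rule.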