Support

Support for KasperskyOS

KasperskyOS Community Edition

Developing security policies

Methods of KasperskyOS core endpoints

Handles endpoint

KasperskyOS Community Edition
Online Help
FAQ Download Forum Contact support Recovery tools Product videos

Handles endpoint

August 2, 2023

ID kernel_methods_handles

Get as PDF

This endpoint is intended for working with handles.

Information about methods of the endpoint is provided in the table below.

Methods of the handle.Handle endpoint (kl.core.Handle interface)

Method

Method purpose and parameters

Potential danger of the method

Copy

Purpose

Creates a handle based on an existing one.

Parameters

  • [in] inHandle – value whose binary representation consists of multiple fields, including an original handle field and an original handle permissions mask field.
  • [in] newRightsMask – permissions mask of the created handle.
  • [in] copyBadge – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource transfer context object.
  • [out] outHandle – value whose binary representation consists of multiple fields, including a field for the created handle and a field for the permissions mask of the created handle.
  • [out] rc – return code.

Allows the kernel memory to be used up by creating a multitude of objects within it.

CreateUserObject

Purpose

Creates a handle for a user resource.

Parameters

  • [in] type – handle type.
  • [in] rights – permissions mask of the created handle.
  • [in] context – pointer to the context of the user resource.
  • [in] ipcChannel – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is the server IPC handle of the IPC channel associated with the user resource.
  • [out] riid – ID of the endpoint (RIID) associated with the user resource.
  • [in] handle – value whose binary representation consists of multiple fields, including a field for the created handle and a field for the permissions mask of the created handle. The handle identifies the user resource.
  • [out] rc – return code.

Allows the kernel memory to be used up by creating a multitude of objects within it.

Close

Purpose

Deletes a handle.

Parameters

  • [in] handle – value whose binary representation consists of multiple fields, including a field for the deleted handle and a field for the permissions mask of the deleted handle.
  • [out] rc – return code.

N/A

Connect

Purpose

Creates and connects the client-, server-, and listener IPC handles.

Parameters

  • [in] server – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the server process.
  • [in] srListener – listener IPC handle that was already created by the previous method call, or the value 0xFFFFFFFF to create the listener IPC handle.
  • [in] client – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the client process.
  • [out] outSrListerner – the created listener IPC handle.
  • [out] outSrEndpoint – server IPC handle.
  • [out] outClEndpoint – client IPC handle.
  • [out] rc – return code.

Allows the kernel memory to be used up by creating a multitude of objects within it.

Disconnect

Purpose

Disconnects the client- and server IPC handles.

Parameters

  • [in] client – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is the client IPC handle.
  • [out] rc – return code.

N/A

SecurityConnect

Purpose

Creates a handle and connects it to a security interface.

Parameters

  • [out] client – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is used to query the security module through the security interface.
  • [out] rc – return code.

Allows a multitude of possible kernel process handle values to be used up.

SecurityDisconnect

Purpose

Disconnects a handle from a security interface.

Parameters

  • [in] client – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is used to query the security module through the security interface.
  • [out] rc – return code.

N/A

UidAlloc

Purpose

Allocates a unique ID value.

This method is used for backward compatibility because handles are currently being used instead of unique IDs.

Parameters

  • [out] uid – unique ID value.
  • [out] rc – return code.

Allows a multitude of possible unique ID values to be used up.

UidFree

Purpose

Frees the value of a unique ID. (This value must be freed so that it can be available for re-use.)

This method is used for backward compatibility because handles are currently being used instead of unique IDs.

Parameters

  • [in] uid – unique ID value.
  • [out] rc – return code.

Allows a unique ID value used by another process to be freed.

GetSidByHandle

Purpose

Lets you receive a security ID (SID) based on a handle.

Parameters

  • [in] handle – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field.
  • [out] sid – security ID (SID).
  • [out] rc – return code.

N/A

Revoke

Purpose

Deletes a handle and revokes its descendants.

Parameters

  • [in] handle – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field.
  • [out] rc – return code.

N/A

RevokeSubtree

Purpose

Revokes the handles that make up the inheritance subtree of the specified handle.

Parameters

  • [in] handle – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handles forming the inheritance subtree of this handle are revoked.
  • [in] badge – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource transfer context object that defines the inheritance subtree to revoke. The root node of this subtree is the handle that was generated by the transfer of the handle that is defined through the handle parameter and is associated with the resource transfer context object.
  • [out] rc – return code.

N/A

CreateBadge

Purpose

Creates a resource transfer context object and configures a notification mechanism for monitoring the life cycle of this object.

Parameters

  • [in] notify – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver.
  • [in] notifyContext – ID of the "resource–event mask" entry in the notification receiver.
  • [in] badgeContext – pointer to the resource transfer context.
  • [out] badge – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource transfer context object.
  • [out] rc – return code.

Allows the kernel memory to be used up by creating a multitude of objects within it.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.