PSL data types
The data types supported in the PSL language are presented in the table below.
PSL data types
Designations of types | Description of types |
---|---|
| Unsigned integer |
| Signed integer |
| Boolean type The Boolean type includes two values: |
| Text type |
|
The |
| Text literal A text literal includes one immutable text value. Example definitions of text literals:
|
< | Integer literal An integer literal includes one immutable integer value. Example definitions of integer literals:
|
< | Variant type A variant type combines two or more types and may perform the role of either of them. Examples of definitions of variant types:
|
| Dictionary A dictionary consists of one or more types of fields. A dictionary can be empty. Examples of dictionary definitions:
|
| Tuple A tuple consists of fields of one or more types in the order in which the types are listed. A tuple can be empty. Examples of tuple definitions:
|
| Set A set includes zero or more unique elements of the same type. Examples of set definitions:
|
| List A list includes zero or more elements of the same type. Examples of list definitions:
|
| Associative array An associative array includes zero or more entries of the "key-value" type with unique keys. Example of defining an associative array:
|
| Array An array includes a defined number of elements of the same type. Example of defining an array:
|
| Sequence A sequence includes from zero to the defined number of elements of the same type. Example of defining a sequence:
|
Aliases of certain PSL types
The nk/base.psl
file from the KasperskyOS SDK defines the data types that are used as the types of parameters (or structural elements of parameters) and returned values for methods of various security models. Aliases and definitions of these types are presented in the table below.
Aliases and definitions of certain data types in PSL
Type alias | Type definition |
---|---|
| Unsigned integer
|
| Signed integer
|
| Integer
|
| Scalar literal
|
| Literal
|
| Type of security ID (SID)
|
| Type of security ID (SID)
|
| Dictionary containing fields for the SID and handle permissions mask
|
| Type of data received by expressions of security models called in the
|
| Type of data defining the conditions for conducting the security audit
|
Mapping IDL types to PSL types
Data types of the IDL language are used to describe the parameters of interface methods. The input data for security model methods have types from the PSL language. The set of data types in the IDL language differs from the set of data types in the PSL language. Parameters of interface methods transmitted in IPC messages can be used as input data for methods of security models, so the policy description developer needs to understand how IDL types are mapped to PSL types.
Integer types of IDL are mapped to integer types of PSL and to variant types of PSL that combine these integer types (including with other types). For example, signed integer types of IDL are mapped to the Signed
type in PSL, and integer types of IDL are mapped to the ScalarLiteral
type in PSL.
The Handle
type in IDL is mapped to the HandleDesc
type in PSL.
Unions and structures of IDL are mapped to PSL dictionaries.
Arrays and sequences of IDL are mapped to arrays and sequences of PSL, respectively.
String buffers in IDL are mapped to the text type in PSL.
Byte buffers in IDL are not currently mapped to PSL types, so the data contained in byte buffers cannot be used as inputs for security model methods.