Hardware abstraction layer endpoint

Support

Support for KasperskyOS

KasperskyOS Community Edition

Developing security policies

Methods of KasperskyOS core endpoints

Hardware abstraction layer endpoint

May 21, 2024

ID kernel_methods_hal

Get as PDF

This endpoint is intended for receiving the values of HAL parameters, working with privileged registers, clearing the processor cache, providing diagnostic output, and receiving hardware-generated random numbers.

Information about methods of the endpoint is provided in the table below.

Methods of the hal.HAL endpoint (kl.core.HAL interface)

Method	Method purpose and parameters	Potential danger of the method
`GetEnv`	Purpose Gets the value of a HAL parameter. Parameters [in] `name` – name of the parameter. [out] `value` – value of the parameter. [out] `rc` – return code.	Gets values of HAL parameters that could contain critical system information.
`GetPrivReg`	Purpose Gets the value of a privileged register. Parameters [in] `reg` – name of the register. [out] `val` – value of the register. [out] `rc` – return code.	Sets up a data transfer channel with a process that has access to the `SetPrivReg` or `SetPrivRegRange` method. It is recommended to monitor the name of a register.
`SetPrivReg`	Purpose Sets the value of a privileged register. Parameters [in] `reg` – name of the register. [in] `val` – value of the register. [out] `rc` – return code.	Allows the following: Set the value of a privileged register. Set up a data transfer channel with a process that has access to the `GetPrivReg` or `GetPrivRegRange` method. It is recommended to monitor the name of a register.
`GetPrivRegRange`	Purpose Gets the value of a privileged register. Parameters [in] `regRange` – name of the registers range. [in] `offset` – register offset in the registers range. [out] `val` – value of the register. [out] `rc` – return code.	Sets up a data transfer channel with a process that has access to the `SetPrivReg` or `SetPrivRegRange` method. It is recommended to monitor the name of the registers range and the register offset in this range.
`SetPrivRegRange`	Purpose Sets the value of a privileged register. Parameters [in] `regRange` – name of the registers range. [in] `offset` – register offset in the registers range. [in] `val` – value of the register. [out] `rc` – return code.	Allows the following: Set the value of a privileged register. Set up a data transfer channel with a process that has access to the `GetPrivReg` or `GetPrivRegRange` method. It is recommended to monitor the name of the registers range and the register offset in this range.
`FlushCache`	Purpose Clears the processor cache. Parameters [in] `type` – value defining the cache type (data cache, instructions cache, or joint data and instructions cache). [in] `va` – base address of the virtual memory region. The cache corresponding to this region is cleared. [in] `size` – size of the virtual memory region. The cache corresponding to this region is cleared. [out] `rc` – return code.	Allows the processor cache to be cleared.
`DebugWrite`	Purpose Puts data into the diagnostic output that is written, for example, to a COM port or USB port (version 3.0 or later, with DbC support). Parameters [in] `data` – sequence containing the data to be put into the diagnostic output. [out] `rc` – return code.	Populates diagnostic output with fictitious (uninformative) data.
`GetEntropy`	Purpose Gets hardware-generated random numbers. Parameters [out] `buffer`—sequence containing random byte values. [in] `size`—number of random byte values. [out] `rc` – return code.	Creates a load on the hardware-based random number generator with frequent method calls so that other processes are unable to receive random numbers using this generator.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.