IPC message structure

In KasperskyOS, all interactions between entities are statically typed. The permissible structures of an IPC message are defined in the IDL description of the interfaces of the entity that receives the message (server).

A correct IPC message (request and response) contains a constant part and an arena.

Constant part of a message

The constant part of a message contains arguments of a fixed size, and the RIID and MID.

Fixed-size arguments can be arguments of any IDL types except the sequence type.

The RIID and MID identify the interface and method being called:

• The RIID (Runtime Interface ID) is the number of the entity interface implementation being called, starting at zero.
• The MID (Method ID) is the number of the method within the interface that contains it, starting at zero.

The type of the constant part of the message is generated by the NK compiler based on the IDL description of the interface. A separate structure is generated for each interface method. Union types are also generated for storing any request to a server, component or interface.

For example, for the Ping method of the IPing interface (the ping component of the server entity in the echo example), the NK compiler will create the IPing_Ping_req type for the constant part of the request and the IPing_Ping_res type for the constant part of the response. The following union types will also be generated:

• IPing_req and IPing_res – constant parts of the request and response for any method of the IPing interface
• ping_component_req and ping_component_res – constant parts of the request and response for any method of the ping component
• server_entity_req and server_entity_res – constant parts of the request and response for any method of the server entity

Arena

The arena is a buffer for storing variable-size arguments (sequence IDL type).

Validating a message in Kaspersky Security System

Kaspersky Security System checks that the structure of the message being sent is correct. Requests and responses are both validated. If the message has an incorrect structure, it will be rejected without calling the security policies associated with it.

Forming a message structure

The KasperskyOS Starter Kit is shipped with the following tools that make it easier for the developer to create and package an IPC message:

• The transport-kos library for working with NkKosTransport.
• The NK compiler that lets you generate special methods and types.

The echo example shows the creation of a simple IPC message.

Page top