Describing entities' interfaces (EDL, CDL, IDL)
To control interactions between entities, the structure of the sent IPC messages must be transparent to the security module. In KasperskyOS, this is achieved using a static declaration of entities' interfaces. Special languages are used for this: Entity Definition Language (EDL), Component Definition Language (CDL) and Interface Definition Language (IDL). If an IPC message does not match an interface description, it will be rejected by the security module.
An entity's interface description defines the allowed IPC message structures. This creates a clear link between the implementation of each method and how that method is represented for the security module. Nearly every build tool uses entities' interface descriptions either explicitly or implicitly.
Types of static descriptions
A description of entities' interfaces is built using an "entity-component-interface" model:
- An IDL description declares an interface, as well as user types and constants (optional). Taken together, all of the IDL descriptions in a solution encompass all the interfaces implemented in the solution.
- A CDL description lists the interfaces implemented by a component. Components make it possible to group interface implementations. Components can include other components.
- An entity's EDL description declares instances of the components included in the entity. An entity may include no components.
Example
Below are static declarations of a solution consisting of a Client entity that does not implement a single interface, and a Server entity that implements the FileOps interface.
Client.edl
// The static description consists of only the entity's name
entity Client
Server.edl
// The Server entity contains an instance of the Operations component
entity Server
components {
    OpsComp: Operations
}
Operations.cdl
// The Operations component implements the FileOps interface
component Operations
interfaces {
    FileOpsImpl: FileOps
}
FileOps.idl
package FileOps
// Declaration of the String user type
typedef array <UInt8, 256> String;
// The FileOps interface contains a single Open method with a 'name' input argument and 'h' output argument
interface {
    Open(in String name, out UInt32 h);
}
For more details, refer to Syntax of static declarations.
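The following conceptual model is an added example, not KasperskyOS code. It encodes the Client and Server declarations above as data and checks whether a request matches them, following the entity-component-interface chain. The check_request function, the "OpsComp.FileOpsImpl" endpoint naming, the message layout, and the reading of array <UInt8, 256> as a fixed 256-byte buffer are assumptions of the model.

```python
# Conceptual model (added example, not KasperskyOS code): the page's static
# declarations as data, and a check that an IPC request matches them.

# IDL: interface -> method -> {argument name: (direction, type)}
IDL = {"FileOps": {"Open": {"name": ("in", "String"), "h": ("out", "UInt32")}}}
# IDL types; assumption: array <UInt8, 256> is a fixed 256-byte buffer
TYPES = {"String": lambda v: isinstance(v, bytes) and len(v) == 256,
         "UInt32": lambda v: isinstance(v, int) and 0 <= v < 2**32}
# CDL: component -> {interface instance name: interface}
CDL = {"Operations": {"FileOpsImpl": "FileOps"}}
# EDL: entity -> {component instance name: component}
EDL = {"Client": {}, "Server": {"OpsComp": "Operations"}}


def check_request(dst, endpoint, method, args):
    """Return (allowed, reason) for a request sent to entity `dst`.

    `endpoint` is "<component instance>.<interface instance>"; this naming
    and the message layout are assumptions of the model.
    """
    if dst not in EDL:
        return False, "unknown entity"
    comp_inst, _, iface_inst = endpoint.partition(".")
    component = EDL[dst].get(comp_inst)
    if component is None:
        return False, "entity has no such component instance"
    interface = CDL[component].get(iface_inst)
    if interface is None:
        return False, "component does not implement this interface"
    signature = IDL[interface].get(method)
    if signature is None:
        return False, "interface has no such method"
    # A request carries exactly the 'in' arguments, each of the declared type.
    expected = {a: t for a, (d, t) in signature.items() if d == "in"}
    if set(args) != set(expected):
        return False, "argument set does not match the declaration"
    for arg, type_name in expected.items():
        if not TYPES[type_name](args[arg]):
            return False, f"argument '{arg}' is not a valid {type_name}"
    return True, "matches declaration"


# Constructed sample: a file name padded to the declared 256 bytes
NAME = b"/etc/config".ljust(256, b"\0")
```

Only a request addressed to Server through OpsComp.FileOpsImpl, calling Open with a single 256-byte name argument, passes the check. Requests to Client, undeclared methods, extra arguments and wrongly sized values are all rejected.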