What's new

KasperskyOS Community Edition 1.3

Print Support Send link Get as PDF

Methods of KasperskyOS core endpoints

Methods of KasperskyOS core endpoints

From the perspective of the Kaspersky Security Module, the KasperskyOS kernel is a container of components that provide endpoints. The list of kernel components is provided in the Core.edl file located in the sysroot-*-kos/include/kl/core directory of the KasperskyOS SDK. This directory also contains the CDL and IDL files for the formal specification of the kernel.

Methods of core endpoints can be divided into secure methods and potentially dangerous methods. Potentially dangerous methods could be used by a cybercriminal in a compromised solution component to cause a denial of service, set up covert data transfer, or hijack an I/O device. Secure methods cannot be used for these purposes.

Access to methods of core endpoints must be restricted as much as possible by the solution security policy (according to the Least Privilege principle). For that, the following requirements must be fulfilled:

Access to a secure method must be granted only to the solution components that require this method.
Access to a potentially dangerous method must be granted only to the trusted solution components that require this method.
Access to a potentially dangerous method must be granted to untrusted solution components that require this method only if the verifiable access conditions limit the possibilities of malicious use of this method, or if the impact from malicious use of this method is acceptable from a security perspective.
For example, an untrusted component may be allowed to use a limited set of I/O ports that do not allow this component to take control of I/O devices. In another example, covert data transfer between untrusted components may be acceptable from a security perspective.

In this section

Virtual memory endpoint

Synchronization endpoint

File system endpoints

Time endpoint

Hardware abstraction layer endpoint

KasperskyOS kernel XHCI DbC driver management endpoint

Audit endpoint

Profiling endpoint

I/O memory isolation management endpoint

Connections endpoint

Method	Method purpose and parameters	Potential danger of the method
`Allocate`	Purpose Allocates (reserves and optionally commits) a virtual memory region. Parameters [in] `addr` – preferred base address of the virtual memory region, or `0` for the base address to be selected automatically. [in] `size` – size of the virtual memory region in bytes. [in] `flags` – flags defining the parameters of the virtual memory region. [out] `va` – base address of the allocated virtual memory region. [out] `rc` – return code.	Allows the following: Exhaust the kernel memory by creating a multitude of objects within it. Exhaust the RAM.
`Commit`	Purpose Commits a virtual memory region that was reserved by the `Allocate` method. Parameters [in] `va` – base address of the virtual memory region. [in] `size` – size of the virtual memory region in bytes. [out] `rc` – return code.	Exhausts RAM.
`Decommit`	Purpose Decommits a virtual memory region. Parameters [in] `va` – base address of the virtual memory region. [in] `size` – size of the virtual memory region in bytes. [out] `rc` – return code.	N/A
`Protect`	Purpose Modifies the access rights to the virtual memory region. Parameters [in] `va` – base address of the virtual memory region. [in] `size` – size of the virtual memory region in bytes. [in] `flags` – flags defining the access rights to the virtual memory region. [out] `rc` – return code.	N/A
`Free`	Purpose Frees up the virtual memory region. Parameters [in] `va` – base address of the virtual memory region. [in] `size` – size of the virtual memory region in bytes. [out] `rc` – return code.	N/A
`Query`	Purpose Gets information about a virtual memory page. Parameters [in] `va` – address included in the virtual memory page. [out] `info` – sequence containing information about a virtual memory page. [out] `rc` – return code.	N/A
`Reset`	Purpose Decommits a virtual memory region. Parameters [in] `va` – base address of the virtual memory region. [in] `size` – size of the virtual memory region in bytes. [out] `rc` – return code.	N/A
`MdlCreate`	Purpose Creates an MDL buffer. Parameters [in] `size` – size of the MDL buffer in bytes. [in] `prot` – flags defining the access rights to the MDL buffer. [out] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MDL buffer. [out] `rc` – return code.	Allows the following: Exhaust the kernel memory by creating a multitude of objects within it. Exhaust the RAM.
`MdlCreateFromVm`	Purpose Creates an MDL buffer from physical memory that is mapped to the defined virtual memory region and maps the created MDL buffer to this region. Parameters [in] `va` – base address of the virtual memory region. [in] `size` – size of the virtual memory region in bytes. [in] `flags` – flags defining the access rights to the MDL buffer. [out] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MDL buffer. [out] `rc` – return code.	Allows the following: Exhaust the kernel memory by creating a multitude of objects within it. Exhaust the RAM.
`MdlGetSize`	Purpose Gets the size of the MDL buffer. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MDL buffer. [out] `size` – size of the MDL buffer in bytes. [out] `rc` – return code.	N/A
`MdlMap`	Purpose Reserves a virtual memory region and maps the MDL buffer to it. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MDL buffer. [in] `offset` – offset (in bytes) in the MDL buffer where mapping should start. [in] `length` – size (in bytes) of the part of the MDL buffer that needs to be mapped. [in] `hint` – preferred base address of the virtual memory region, or `0` for the base address to be selected automatically. [in] `prot` – flags defining the parameters of the virtual memory region. [out] `address` – base address of the virtual memory region. [out] `rc` – return code.	Allows the following: Create shared memory for interprocess communication concealed from the security module if multiple processes own the handles of one MDL buffer (the handle permissions masks must allow mapping of the MDL buffer). Exhaust the kernel memory by creating a multitude of objects within it.
`MdlClone`	Purpose Creates an MDL buffer based on an existing one. The MDL buffer is created from the same regions of physical memory as the original buffer. Parameters [in] `originHandle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the original MDL buffer. [in] `offset` – offset (in bytes) in the original MDL buffer where duplication should start. [in] `length` – size (in bytes) of the part of the original MDL buffer that needs to be duplicated. [out] `cloneHandle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the created MDL buffer. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.

Method	Method purpose and parameters	Potential danger of the method
`RegisterPort`	Purpose Registers a sequence of I/O ports. Parameters [in] `base` – address of the first I/O port in the sequence. [in] `size` – number of I/O ports in the sequence. [out] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the sequence of I/O ports. [out] `rc` – return code.	Allows the following: Hijack I/O ports (it is recommended to monitor the address of the first I/O port and the number of I/O ports in the sequence). Exhaust the kernel memory by creating a multitude of objects within it.
`RegisterMmio`	Purpose Registers an MMIO memory region. Parameters [in] `base` – base address of the MMIO memory region. [in] `size` – size of the MMIO memory region in bytes. [out] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MMIO memory region. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`RegisterDma`	Purpose Creates a DMA buffer. Parameters [in] `size` – size of the DMA buffer in bytes. [in] `flags` – flags defining the DMA buffer parameters. [in] `order` – parameter defining the minimum number of memory pages (2^order) in a block. [out] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the DMA buffer. [out] `rc` – return code.	Allows the following: Exhaust the kernel memory by creating a multitude of objects within it. Exhaust the RAM.
`RegisterIrq`	Purpose Registers an interrupt. Parameters [in] `irq` – interrupt number. [out] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the interrupt. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`MapMem`	Purpose Reserves the virtual memory region and maps the MMIO memory region to it. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MMIO memory region. [in] `prot` – flags defining the access rights to the virtual memory region. [in] `attr` – flags defining the parameters of the virtual memory region (for example, use of caching). [out] `address` – base address of the virtual memory region. [out] `mapping` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is used to free the virtual memory region. [out] `rc` – return code.	Allows the following: Take control of a device when mapping an MMIO memory region to a virtual memory region (it is recommended to monitor the base address and size of the MMIO memory region when the `RegisterMmio` method is called). Create shared memory for interprocess communication concealed from the security module if multiple processes own the handles of one MMIO memory region (the handle permissions masks must allow mapping of the MMIO memory region). Exhaust the kernel memory by creating a multitude of objects within it.
`PermitPort`	Purpose Opens access to I/O ports. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the sequence of I/O ports. [out] `access` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is used to close access to I/O ports. [out] `rc` – return code.	Allows the following: Take control of a device (it is recommended to monitor the address of the first I/O port and the number of I/O ports in the sequence when the `RegisterPort` method is called). Exhaust the kernel memory by creating a multitude of objects within it.
`AttachIrq`	Purpose Attaches the calling thread to an interrupt. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the interrupt. [in] `flags` – flags defining the interrupt parameters. [out] `delivery` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is the client IPC handle that is used by the interrupt handler. [out] `rc` – return code.	Allows the following: Take CPU time from all other threads, including from other processes (the thread that attached to the interrupt will become a real-time thread). Make it impossible to terminate a process from another process (the process whose thread was attached to the interrupt cannot be terminated from another process). Stop the operating system (if an unhandled exception occurs in the thread handling an interrupt, the operating system stops). Lock, delay, or incorrectly handle an interrupt (it is recommended to monitor the interrupt number when the `RegisterIrq` method is called). Exhaust the kernel memory by creating a multitude of objects within it.
`DetachIrq`	Purpose Sends a request to a thread. When this request is fulfilled, the thread must detach from the interrupt. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the interrupt. [out] `rc` – return code.	Stops interrupt handling in another process.
`EnableIrq`	Purpose Allows (unmasks) an interrupt. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the interrupt. [out] `rc` – return code.	Allows an interrupt at the system level.
`DisableIrq`	Purpose Denies (masks) an interrupt. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the interrupt. [out] `rc` – return code.	Denies an interrupt at the system level.
`ModifyDma`	Purpose Modifies the DMA buffer cache settings. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the DMA buffer. [in] `flags` – flags defining the DMA buffer caching parameters. [out] `rc` – return code.	N/A
`MapDma`	Purpose Reserves a virtual memory region and maps the DMA buffer to it. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the DMA buffer. [in] `offset` – offset (in bytes) in the DMA buffer where mapping should start. [in] `length` – size (in bytes) of the part of the DMA buffer that needs to be mapped. [in] `hint` – preferred base address of the virtual memory region, or `0` for the base address to be selected automatically. [in] `prot` – flags defining the access rights to the virtual memory region. [out] `address` – base address of the virtual memory region. [out] `mapping` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is used to free the virtual memory region. [out] `rc` – return code.	Allows the following: Create shared memory for interprocess communication concealed from the security module if multiple processes own the handles of one DMA buffer (the handle permissions masks must allow mapping of the DMA buffer). Exhaust the kernel memory by creating a multitude of objects within it.
`DmaGetInfo`	Purpose Gets information about a DMA buffer. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the DMA buffer. [out] `flags` – flags indicating the DMA parameters. [out] `order` – parameter indicating the minimum number of memory pages (2^order) in a block. [out] `size` – size of the DMA buffer in bytes. [out] `count` – number of blocks. [out] `frames` – sequence containing the addresses and sizes of blocks. [out] `rc` – return code.	N/A
`DmaGetPhysInfo`	Purpose Gets the physical addresses and sizes of DMA buffer blocks. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the DMA buffer. [out] `count` – number of blocks. [out] `frames` – sequence containing the physical addresses and sizes of blocks. [out] `rc` – return code.	N/A
`BeginDma`	Purpose Opens access to a DMA buffer for a device. Parameters [in] `resource` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the DMA buffer. [in] `domain` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the IOMMU domain. [out] `iomapping` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the kernel object that contains the addresses and sizes of blocks required by the device to use the DMA buffer. The memory addresses used by the device can be physical addresses or virtual addresses depending on whether the IOMMU is enabled. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.

Method	Method purpose and parameters	Potential danger of the method
`Create`	Purpose Creates a thread. Parameters [out] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [out] `tid` – thread ID (TID). [in] `priority` – thread priority. [in] `stackSize` – thread stack limit (in bytes), or `0` to use the default size that was defined when the process was created. [in] `routine` – pointer to the function that is called when the thread starts. [in] `context` – pointer to the function executed by the thread. [in] `context2` – pointer to the parameters passed to the function defined via the `context` parameter. [in] `flags` – flags defining the parameters for creating the thread. [out] `rc` – return code.	Allows the following: Create a real-time thread that takes up all the CPU time from other threads, including from other processes (it is recommended to monitor thread creation parameters). Create a multitude of threads (including with high priority) to reduce the CPU time available to the threads of other processes (it is recommended to monitor thread priority). Exhaust the RAM. Exhaust the kernel memory by creating a multitude of objects within it.
`OpenCurrent`	Purpose Creates the handle of the calling thread. Parameters [out] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [out] `rc` – return code.	N/A
`Suspend`	Purpose Locks the calling thread. Parameters [out] `rc` – return code.	Locks a thread that has captured a synchronization object that was created in shared memory and is anticipated by a thread of another process. As a result, the thread of the other process may be locked indefinitely.
`Resume`	Purpose Resumes execution of a locked thread. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [out] `rc` – return code.	N/A
`Terminate`	Purpose Terminates a thread. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [in] `code` – thread exit code. [out] `tid` – thread ID (TID). [out] `rc` – return code.	N/A
`Exit`	Purpose Terminates the calling thread. Parameters [in] `code` – thread exit code. [out] `rc` – return code.	N/A
`Wait`	Purpose Locks the calling thread until the defined thread is terminated. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [in] `msec` – thread termination timeout (in milliseconds). [out] `code` – thread exit code. [out] `rc` – return code.	N/A
`SetPriority`	Purpose Defines the priority of a thread. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [in] `priority` – thread priority. [out] `rc` – return code.	Allows the priority of a thread to be elevated to reduce the CPU time available to all other threads, including from other processes. It is recommended to monitor thread priority.
`SetTls`	Purpose Defines the base address of the thread local storage (TLS) for the calling thread. Parameters [in] `va` – pointer to the local memory of the thread. [out] `rc` – return code.	N/A
`Sleep`	Purpose Locks the calling thread for the specified duration. Parameters [in] `mdelay` – thread lockout duration (in milliseconds). [out] `rc` – return code.	N/A
`GetInfo`	Purpose Gets information about a thread. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [out] `info` – structure containing the base address of the thread stack and its size (in bytes), and the thread identifier (TID). [out] `rc` – return code.	N/A
`DetachIrq`	Purpose Detaches the calling thread from the interrupt handled in its context. Parameters [out] `rc` – return code.	N/A
`GetAffinity`	Purpose Gets a thread affinity mask. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [out] `mask` – thread affinity mask. [out] `rc` – return code.	N/A
`SetAffinity`	Purpose Defines a thread affinity mask. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [in] `mask` – thread affinity mask. [out] `rc` – return code.	N/A
`SetSchedPolicy`	Purpose Defines the scheduler class and priority of the thread. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [in] `policy` – thread scheduler class. [in] `priority` – thread priority. [in] `param` – union containing parameters of a thread scheduler class. [out] `rc` – return code.	Allows the following: Convert a thread into a real-time thread that takes up all the CPU time from all other threads, including from other processes (it is recommended to monitor the thread scheduler class). Elevate the priority of a thread to reduce the CPU time available to all other threads, including from other processes (it is recommended to monitor thread priority).
`GetSchedPolicy`	Purpose Gets information about the scheduler class and priority of a thread. Parameters [in] `thread` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the thread. [out] `policy` – thread scheduler class. [out] `priority` – thread priority. [out] `param` – union containing parameters of a thread scheduler class. [out] `rc` – return code.	N/A

Method	Method purpose and parameters	Potential danger of the method
`Copy`	Purpose Duplicates a handle. As a result of duplication, the calling process receives the handle descendant. Parameters [in] `inHandle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle field contains the original handle. [in] `newRightsMask` – permissions mask of the handle descendant. [in] `copyBadge` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource transfer context object. [out] `outHandle` – value whose binary representation consists of multiple fields, including a field for the handle descendant and a field for the permissions mask of the handle descendant. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`CreateUserObject`	Purpose Creates a handle. Parameters [in] `type` – handle type. [in] `rights` – handle permissions mask. [in] `context` – pointer to the data that should be associated with the handle. [in] `ipcChannel` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is the server IPC handle. [in] `riid` – Runtime Implementation Identifier (RIID). [out] `handle` – value whose binary representation consists of multiple fields, including a field for the created handle and a field for the permissions mask of the created handle. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`Close`	Purpose Closes a handle. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. [out] `rc` – return code.	N/A
`Connect`	Purpose Creates and connects the client, server, and listener IPC handles. Parameters [in] `server` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the server process. [in] `srListener` – listener handle from the handle space of the server process, or the value `0xFFFFFFFF` to create it. [in] `createSrEndpoint` – value that defines whether or not to create a server IPC handle in the handle space of the server process (`0` means no, and any other number means yes). [in] `client` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the client process. [out] `outSrListener` – listener handle from the handle space of the server process. [out] `outSrEndpoint` – server IPC handle from the handle space of the server process. [out] `outClEndpoint` – client IPC handle from the handle space of the client process. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`SecurityConnect`	Purpose Creates a client IPC handle for querying the Kaspersky Security Module through the security interface. Parameters [out] `client` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. [out] `rc` – return code.	Allows a multitude of possible kernel process handle values to be used up.
`GetSidByHandle`	Purpose Receives a security ID (SID) based on a handle. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. [out] `sid` – security ID (SID). [out] `rc` – return code.	N/A
`Revoke`	Purpose Closes a handle and revokes its descendants. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. [out] `rc` – return code.	N/A
`RevokeSubtree`	Purpose Revokes the handles that make up the inheritance subtree of the specified handle. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handles forming the inheritance subtree of this handle are revoked. [in] `badge` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource transfer context object that defines the inheritance subtree of the handles to revoke. The root node of this subtree is the handle that was generated by the transfer or duplication of the handle that is defined through the `handle` parameter and is associated with the resource transfer context object. [out] `rc` – return code.	N/A
`CreateBadge`	Purpose Creates a resource transfer context object and configures a notification mechanism for monitoring the life cycle of this object. Parameters [in] `notify` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver. [in] `notifyContext` – ID of the "resource–event mask" entry in the notification receiver. [in] `badgeContext` – pointer to the data that should be associated with the handle transfer. [out] `badge` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource transfer context object. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.

Method	Method purpose and parameters	Potential danger of the method
`Create`	Purpose Creates a process. Parameters [in] `name` – process name. [in] `eiid` – process class name. [in] `path` – name of the executable file in ROMFS. [in] `stackSize` – thread stack limit (in bytes) used by default when creating process threads. [in] `priority` – priority of the initial thread. [in] `flags` – flags defining the parameters for creating the process. [out] `child` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the created process. [out] `rc` – return code.	Allows the following: Create a process that will be privileged from the perspective of the solution security policy (indicating the name of the process class with privileges). Reserve a process name so that another process with this name cannot be created. Create a process that will cause the operating system to stop if an unhandled exception occurs. Load code from an executable file into process memory for subsequent execution of that code. Exhaust RAM by creating a multitude of processes. Exhaust the kernel memory by creating a multitude of objects within it.
`LoadSeg`	Purpose Loads an ELF image segment into process memory from the MDL buffer. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `mdl` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MDL buffer containing the ELF image segment. [in] `segAttr` – structure containing the parameters for loading the ELF image segment. [out] `rc` – return code. [out] `retaddr` – base address of the virtual memory region of the process where the ELF image segment is loaded.	Allows code to be loaded into process memory for subsequent execution of that code.
`VmReserve`	Purpose Reserves the virtual memory region in a process that was created as an empty process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `addr` – preferred base address of the virtual memory region, or `0` for the address to be selected automatically. [in] `size` – size of the virtual memory region in bytes. [in] `flags` – flags defining the parameters of the virtual memory region. [out] `outAddr` – base address of the reserved virtual memory region. [out] `rc` – return code.	Allows the following: Exhaust the kernel memory by creating a multitude of objects within it. Reserve virtual memory regions in another process that was created as an empty process and has not yet been started (if its handle is available). The handle permissions mask must allow reservation of virtual memory.
`VmFree`	Purpose Frees the virtual memory region that was reserved by calling the `VmReserve` method in a process that was created as an empty process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `addr` – base address of the virtual memory region. [in] `size` – size of the virtual memory region in bytes. [out] `rc` – return code.	Frees virtual memory regions in another process that was created as an empty process and has not yet been started (if its handle is available). (The handle permissions mask must allow freeing of virtual memory.)
`SetEntry`	Purpose Defines the program entry point and the ELF image load offset. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `state` – structure containing the address of the program entry point and the ELF image load offset (in bytes). [out] `rc` – return code.	Creates conditions for executing code loaded into process memory.
`LoadElfSyms`	Purpose Loads the symbol table `.symtab` and string table `.strtab` from MDL buffers into the memory of a process that was created as an empty process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `symMdl` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MDL buffer containing the symbol table `.symtab`. [in] `symSegAttr` – structure containing the parameters for loading the symbol table `.symtab`. [in] `symSize` – size of the symbol table `.symtab` (in bytes). [in] `strMdl` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MDL buffer containing the string table `.strtab`. [in] `strSegAttr` – structure containing the parameters for loading the string table `.strtab`. [in] `strSize` – size of the string table `.strtab` (in bytes). [out] `rc` – return code.	N/A
`LoadElfHdr`	Purpose Writes the ELF image header to the PCB of a process that was created as an empty process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `hdrData` – sequence containing the ELF image header. [out] `rc` – return code.	N/A
`SetEnv`	Purpose Writes data to the SCP of a child process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the child process. [in] `env` – sequence containing data to be written to the SCP. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`FreeSelfEnv`	Purpose Deletes the SCP of the calling process. Parameters [out] `rc` – return code.	N/A
`Resume`	Purpose Starts a process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [out] `rc` – return code.	Allows the following: Execute code loaded into process memory. Start a multitude of previously created processes to reduce the computing resources available to other processes (it is recommended to monitor the priority of the initial thread when the `Create` method is called).
`Exit`	Purpose Terminates the calling process. Parameters [in] `status` – exit code of the process. [out] `rc` – return code.	N/A
`Terminate`	Purpose Terminates a process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [out] `rc` – return code.	Allows another process to be terminated if its handle is available. (The handle permissions mask must allow termination of the process.)
`GetExitInfo`	Purpose Gets information about a terminated process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the terminated process. [out] `status` – value indicating the reason for process termination. [out] `info` – union containing information about the terminated process. [out] `rc` – return code.	N/A
`GetThreadContext`	Purpose Gets the context of a thread that is part of a frozen process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process that is in a frozen state. [in] `index` – thread index. It is used to enumerate threads. Enumeration starts with zero. A thread in which an unhandled exception occurred has a zero index. [out] `context` – structure containing the thread ID (TID) and thread context. [out] `rc` – return code.	Enables disrupted isolation of a process that is in a frozen state. For example, the thread context may contain the values of variables.
`GetNextVmRegion`	Purpose Gets information about the virtual memory region that belongs to a frozen process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process that is in a frozen state. [in] `after` – address that is followed by the virtual memory region. [out] `next` – base address of the virtual memory region. [out] `size` – size of the virtual memory region in bytes. [out] `flags` – flags indicating the parameters of the virtual memory region. [out] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the MDL buffer mapped to a virtual memory region. [out] `rc` – return code.	Enables disrupted isolation of a process that is in a frozen state. Process isolation is disrupted due to the opened access to the process memory region.
`TerminateAfterFreezing`	Purpose Terminates a frozen process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process that is in a frozen state. [out] `rc` – return code.	Enables termination of a frozen process. This does not allow collection of data about this process for diagnostic purposes.
`GetName`	Purpose Gets the name of a calling process. Parameters [out] `name` – process name. [out] `rc` – return code.	N/A
`GetPath`	Purpose Gets the name of the executable file (in ROMFS) that was used to create the calling process. Parameters [out] `path` – name of the executable file. [out] `rc` – return code.	N/A
`GetInitialThreadPriority`	Purpose Gets the priority of the initial thread of a process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [out] `priority` – priority of the initial thread. [out] `rc` – return code.	N/A
`SetInitialThreadPriority`	Purpose Defines the priority of the initial thread of a process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `priority` – priority of the initial thread. [out] `rc` – return code.	Allows the priority of the initial thread of a process to be elevated to reduce the CPU time available to all other threads, including from other processes. It is recommended to monitor the priority of an initial thread.
`GetTasksList`	Purpose Gets information about existing processes. Parameters [out] `notice` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver that is configured to receive notifications regarding the termination of processes. [out] `strings` – sequence containing the parameters of processes. [out] `pids` – sequence containing the identifiers of processes (the PID of each process). [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`SetInitialThreadSchedPolicy`	Purpose Defines the scheduler class and priority of the initial thread of a process. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `policy` – scheduler class of the initial thread of the process. [in] `priority` – priority of the initial thread of a process. [in] `params` – union containing the parameters of the scheduler class of the initial thread of the process. [out] `rc` – return code.	Allows the following: Convert the initial thread of a process into a real-time thread that takes up all the CPU time from all other threads, including from other processes (it is recommended to monitor the scheduler class of the initial thread of the process). Elevate the priority of the initial thread of a process to reduce the CPU time available to all other threads, including from other processes (it is recommended to monitor the priority of the initial thread of the process).
`ReseedAslr`	Purpose Defines the seed value for ASLR support. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `seed` – sequence containing the seed value. [out] `rc` – return code.	N/A
`GetElfSyms`	Purpose Gets the address and size of the symbol table `.symtab` and string table `.strtab` for the calling process. Parameters [out] `relocBase` – ELF image load offset (in bytes). [out] `syms` – address of the symbol table `.symtab`. [out] `symsCnt` – size (in bytes) of the symbol table `.symtab`. [out] `strs` – address of the string table `.strtab`. [out] `strsSize` – size (in bytes) of the string table `.strtab`. [out] `rc` – return code.	N/A
`TransferHandle`	Purpose Transfers a handle to a process that is not yet running. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `srcHandle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle field contains the transferred handle. [in] `srcBadge` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource transfer context object. [in] `dstRights` – permissions mask of the descendant of the transferred handle. [out] `dstHandle` – value of the descendant of the transferred handle (from the handle space of the process that received the handle). [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`GetPid`	Purpose Gets the process ID (PID). Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [out] `pid` – process ID. [out] `rc` – return code.	N/A

Method	Method purpose and parameters	Potential danger of the method
`Open`	Purpose Opens a file. Parameters [in] `name` – name of the file. [out] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the opened file. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`Close`	Purpose Closes a file. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the opened file. [out] `rc` – return code.	N/A
`Read`	Purpose Reads data from a file. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the opened file. [in] `sectorNumber` – data block number. Enumeration starts with zero. [out] `read` – size of the read data in bytes. [out] `data` – sequence containing the read data. [out] `rc` – return code.	N/A
`GetSize`	Purpose Gets the size of a file. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the opened file. [out] `size` – file size in bytes. [out] `rc` – return code.	N/A
`GetId`	Purpose Gets the unique ID of a file. Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the opened file. [out] `id` – unique ID of the file. [out] `rc` – return code.	N/A
`Count`	Purpose Gets the number of files in the file system. Parameters [out] `count` – number of files in the file system. [out] `rc` – return code.	N/A
`GetInfo`	Purpose Gets the name and unique ID of a file based on the file index. Parameters [in] `index` – file index. Enumeration starts with zero. [in] `nameLenMax` – buffer size (in bytes) for saving the file name. [out] `name` – name of the file. [out] `id` – unique ID of the file. [out] `rc` – return code.	N/A
`GetFsSize`	Purpose Gets the size of the file system. Parameters [out] `fsSize` – size of the file system in bytes. [out] `rc` – return code.	N/A

Method	Method purpose and parameters	Potential danger of the method
`GetEnv`	Purpose Gets the value of a hardware platform parameter. Parameters [in] `name` – name of the parameter. [out] `value` – value of the parameter. [out] `rc` – return code.	Gets values of hardware platform parameters that could contain critical system information.
`GetPrivReg`	Purpose Gets the value of a peripheral device privileged register. Parameters [in] `reg` – name of the register. [out] `val` – value of the register. [out] `rc` – return code.	Sets up a data transfer channel with a process that has access to the `SetPrivReg` or `SetPrivRegRange` method. It is recommended to monitor the name of a register.
`SetPrivReg`	Purpose Sets the value of a peripheral device privileged register. Parameters [in] `reg` – name of the register. [in] `val` – value of the register. [out] `rc` – return code.	Allows the following: Set the value of a peripheral device privileged register. Set up a data transfer channel with a process that has access to the `GetPrivReg` or `GetPrivRegRange` method. It is recommended to monitor the name of a register.
`GetPrivRegRange`	Purpose Gets the value of a peripheral device privileged register. Parameters [in] `regRange` – name of the registers range. [in] `offset` – register offset in the registers range. [out] `val` – value of the register. [out] `rc` – return code.	Sets up a data transfer channel with a process that has access to the `SetPrivReg` or `SetPrivRegRange` method. It is recommended to monitor the name of the registers range and the register offset in this range.
`SetPrivRegRange`	Purpose Sets the value of a peripheral device privileged register. Parameters [in] `regRange` – name of the registers range. [in] `offset` – register offset in the registers range. [in] `val` – value of the register. [out] `rc` – return code.	Allows the following: Set the value of a peripheral device privileged register. Set up a data transfer channel with a process that has access to the `GetPrivReg` or `GetPrivRegRange` method. It is recommended to monitor the name of the registers range and the register offset in this range.
`FlushCache`	Purpose Clears the processor cache. Parameters [in] `type` – value defining the cache type (data cache, instructions cache, or joint data and instructions cache). [in] `va` – base address of the virtual memory region. The cache corresponding to this region is cleared. [in] `size` – size of the virtual memory region in bytes. The cache corresponding to this region is cleared. [out] `rc` – return code.	Allows the processor cache to be cleared.
`DebugWrite`	Purpose Puts data into the diagnostic output that is written, for example, to a COM port or USB port (version 3.0 or later, with DbC support). Parameters [in] `data` – sequence containing the data to be put into the diagnostic output. [out] `rc` – return code.	Populates diagnostic output with fictitious (uninformative) data.
`GetEntropy`	Purpose Gets hardware-generated random numbers. Parameters [out] `buffer` – sequence containing random byte values. [in] `size` – number of random byte values. [out] `rc` – return code.	Creates a load on the hardware-based random number generator with frequent method calls so that other processes are unable to receive random numbers using this generator.

Method	Method purpose and parameters	Potential danger of the method
`GetCoverageData`	Purpose Gets information about kernel code coverage. Parameters [in] `index` – index for enumerating object files containing instrumental code for receiving coverage data. Enumeration starts with zero. [out] `buf` – sequence containing information about the code coverage of an object file (in gcda format). [out] `size` – size (in bytes) of data containing information about the code coverage of an object file. [out] `name` – name of the `*.gcda` file that was assigned during compilation. [out] `rc` – return code.	N/A
`FlushGcov`	Purpose Output of data on kernel code coverage in gcda format via I/O interface (for example, COM, USB). Parameters [out] `rc` – return code.	N/A
`FlushGcovFile`	Purpose Output of data on user code coverage in gcda format via I/O interface (for example, COM, USB). Parameters [in] `name` – name of the `*.gcda` file that was assigned during compilation. [in] `buf` – pointer to the buffer containing information about code coverage in gcda format. [in] `size` – size of data containing code coverage information in bytes. [out] `rc` – return code.	N/A
`GetCounters`	Purpose Gets the values of performance counters. Parameters [in] `prefix` – prefix for names of performance counters. [in] `names` – sequence containing the names of performance counters. [out] `values` – sequence containing the values of performance counters. [out] `rc` – return code.	N/A
`ObjectGetStat`	Purpose Gets the values of performance counters associated with a system resource (process or thread). Parameters [in] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the system resource. [in] `names` – sequence containing the names of performance counters. [out] `values` – sequence containing the values of performance counters. [out] `rc` – return code.	N/A
`SamplingStart`	Purpose Starts sample code profiling. Parameters [in] `conf` – flags that define the profiling settings. [in] `cpus` – processor mask indicating the set of processors (processor cores) that execute the profiled code. [in] `contSize` – size (in bytes) of the container used to store data containing the code execution statistics obtained from profiling. [in] `interval` – fictitious parameter. [out] `rc` – return code.	N/A
`SamplingStop`	Purpose Stops sample code profiling. Parameters [out] `rc` – return code.	N/A
`SamplingRead`	Purpose Gets data containing the code execution statistics received from sample profiling. Parameters [in] `unsafeBuffer` – pointer to the buffer used to save the data on the code execution statistics obtained from profiling. [in] `size` – size of the buffer whose pointer is defined through the `unsafeBuffer` parameter in bytes. [out] `realSize` – size of the saved data in bytes. [in] `timeout` – container filling timeout (in milliseconds). [out] `rc` – return code.	Gets the addresses and names of functions of other processes.
`SamplingAddPidToList`	Purpose Adds a process to the set of processes in whose contexts the programs subject to sample profiling are running. Parameters [in] `pid` – process ID (PID). [out] `rc` – return code.	N/A
`SamplingClearPidList`	Purpose Clears the set of processes in whose contexts the programs subject to sample profiling are running. Parameters [out] `rc` – return code.	N/A
`LoadSegInfo`	Purpose Saves information about the loaded segment of the ELF image in the kernel. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `addr` – segment address in process memory. [in] `size` – segment size (in bytes). [in] `offset` – offset of the segment in the ELF file (in bytes). [in] `flags` – flags defining the access rights to the segment. [in] `buildId` – build ID. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`UnloadSegInfo`	Purpose Deletes information about the loaded ELF image segment that was saved in the kernel using the `LoadSegInfo` method. Parameters [in] `task` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the process. [in] `addr` – segment address in process memory. [in] `size` – segment size (in bytes). [out] `rc` – return code.	N/A
`KcovAlloc`	Purpose Allocates the resources required for collecting kernel code coverage data when handling system calls executed by the calling process. Parameters [in] `numThreads` – maximum number of threads whose kernel code coverage data will be collected. [in] `maxPoints` – maximum number of coverage points for one thread. [out] `rc` – return code.	Exhausts RAM.
`KcovFree`	Purpose Frees the resources required for collecting kernel code coverage data when handling system calls executed by the calling process. Parameters [out] `rc` – return code.	N/A
`KcovStart`	Purpose Starts the collection of kernel code coverage data when handling system calls executed by the calling thread. Parameters [out] `rc` – return code.	N/A
`KcovStop`	Purpose Stops the collection of kernel code coverage data when handling system calls executed by the calling thread. Also gets information about kernel code coverage. Parameters [in] `points` – pointer to the buffer used to store the IDs of coverage points. [in] `maxPoints` – maximum number of coverage point IDs that can be stored in the buffer defined via the `points` parameter. [out] `numPoints` – actual number of coverage point IDs stored in the buffer defined via the `points` parameter. [out] `rc` – return code.	N/A

Method	Method purpose and parameters	Potential danger of the method
`Attach`	Purpose Attaches a device on a PCIe bus to the automatically created IOMMU domain associated with the calling process. Parameters [in] `bdf` – address of the device on the PCIe bus in BDF format. [out] `rc` – return code.	Attaches a device on a PCIe bus managed by another process to an IOMMU domain associated with the calling process, which leads to failure of the device. It is recommended to monitor the address of a device on a PCIe bus.
`Detach`	Purpose Detaches a device on a PCIe bus from the automatically created IOMMU domain associated with the calling process. Parameters [in] `bdf` – address of the device on the PCIe bus in BDF format. [out] `rc` – return code.	N/A
`CreateDomain`	Purpose Creates an IOMMU domain associated with the calling process. Parameters [out] `domain` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the IOMMU domain. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`AttachToDomain`	Purpose Attaches a device on a PCIe bus to the defined IOMMU domain associated with the calling process. Parameters [in] `bdf` – address of the device on the PCIe bus in BDF format. [in] `domain` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the IOMMU domain. [out] `rc` – return code.	Attaches a device on a PCIe bus managed by another process to an IOMMU domain associated with the calling process, which leads to failure of the device. It is recommended to monitor the address of a device on a PCIe bus.
`DetachFromDomain`	Purpose Detaches a device on a PCIe bus from the defined IOMMU domain associated with the calling process. Parameters [in] `bdf` – address of the device on the PCIe bus in BDF format. [in] `domain` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the IOMMU domain. [out] `rc` – return code.	N/A

Method	Method purpose and parameters	Potential danger of the method
`Connect`	Purpose Requests to create an IPC channel with a server for use of the defined endpoint. Parameters [in] `server` – name of the server. [in] `service` – qualified name of the endpoint. [in] `msecs` – request fulfillment timeout, in milliseconds. [out] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is the client IPC handle. [out] `id` – Runtime Implementation Identifier (RIID). [out] `rc` – return code.	Creates a load on a server by sending a large number of requests to create an IPC channel.
`Listen`	Purpose Receives a client request to create an IPC channel for use of an endpoint. Parameters [in] `filter` – fictitious parameter. [in] `msecs` – client request timeout, in milliseconds. [out] `client` – client name. [out] `service` – qualified name of the endpoint. [out] `rc` – return code.	N/A
`Drop`	Purpose Rejects a client request to create an IPC channel for use of the defined endpoint. Parameters [in] `client` – client name. [in] `service` – qualified name of the endpoint. [out] `rc` – return code.	N/A
`Accept`	Purpose Accepts a client request to create an IPC channel for use of the defined endpoint. Parameters [in] `client` – client name. [in] `service` – qualified name of the endpoint. [in] `id` – Runtime Implementation Identifier (RIID). [in] `listener` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is the listener handle. [out] `handle` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle is the server IPC handle. [out] `rc` – return code.	N/A

Method	Method purpose and parameters	Potential danger of the method
`Create`	Purpose Creates a notification receiver. Parameters [out] `notify` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`SubscribeToObject`	Purpose Adds a "resource–event mask" entry to the notification receiver so that it can receive notifications about events associated with the defined resource and match the defined event mask. Parameters [in] `notify` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver. [in] `object` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource. [in] `evMask` – event mask. [in] `evId` – ID of the "resource–event mask" entry. [out] `rc` – return code.	Allows the kernel memory to be used up by creating a multitude of objects within it.
`UnsubscribeFromEvent`	Purpose Removes from the notification receiver "resource—event mask" entries with the specified identifier to prevent the receiver from getting notifications about events that match these entries. Parameters [in] `notify` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver. [in] `evId` – ID of the "resource–event mask" entry. [out] `rc` – return code.	N/A
`UnsubscribeFromObject`	Purpose Removes from the notification receiver "resource—event mask" entries that match the specified resource to prevent the receiver from getting notifications about events that match these entries. Parameters [in] `notify` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver. [in] `object` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the resource. [out] `rc` – return code.	N/A
`GetEvent`	Purpose Extracts notifications from the receiver. Parameters [in] `notify` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver. [in] `mdelay` – timeout for notifications to appear in the receiver, in milliseconds. [out] `events` – sequence of notifications comprised of structures containing a "resource–event mask" entry ID, mask and counter of events associated with the resource. [out] `rc` – return code.	N/A
`DropAndWake`	Purpose Removes from the specified notification receiver all "resource—event mask" entries, resumes all threads waiting for notifications to appear in the specified receiver; optionally prohibits adding of "resource—event mask" entries to the specified notification receiver. Parameters [in] `notify` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the notification receiver. [in] `finish` – value defining whether or not the addition of "resource–event mask" entries will be prohibited (`0` – will not be prohibited, `1` – will be prohibited). [out] `rc` – return code.	N/A
`SetObjectEvent`	Purpose Signals the occurrence of events that are related to the defined user resource and match the defined event mask. Parameters [in] `object` – value whose binary representation consists of multiple fields, including a handle field and a handle permissions mask field. The handle identifies the user resource. [in] `evMask` – mask of events to be signaled. [out] `rc` – return code.	N/A

Method	Method purpose and parameters	Potential danger of the method
`GetTime`	Purpose Lets you get the current time from the time source on the hardware platform and the characteristics of this source. Parameters [out] `time` – structure containing time information. [out] `capabilities` – structure containing the characteristics of the time source. [out] `rc` – return code.	N/A
`SetTime`	Purpose Sets the current time in the time source on the hardware platform. Parameters [in] `time` – structure containing time information. [out] `rc` – return code.	Lets you set the current time in the time source on the hardware platform.
`GetVariable`	Purpose Lets you get the value of the EFI variable. Parameters [in] `variableName` – sequence containing the name of a variable with a terminating zero. [in] `vendorGuid` – structure containing the unique ID of the vendor related to the variable. [out] `attributes` – value whose bits are interpreted as attributes of a variable. [out] `dataSizeReal` – size (bytes) of data received via the `data` parameter. [out] `data` – sequence containing the value of the variable. [out] `rc` – return code.	Gets values of EFI variables that could contain critical system information.
`GetNextVariableName`	Purpose Enumerates the names of EFI variables. Parameters [in] `variableNamePrev` – sequence containing the name of the variable with a terminating zero obtained during the previous call of the `GetNextVariableName` method, or null if the `GetNextVariableName` method is being called for the first time. [in] `vendorGuidPrev` – structure containing the unique ID of the vendor related to the variable whose name was received during the previous call of the `GetNextVariableName` method, or null if the `GetNextVariableName` method is being called for the first time. [out] `variableNameSizeReal` – size (bytes) of data received via the `variableNameNext` parameter. [out] `variableNameNext` – sequence containing the name of a variable with a terminating zero. [out] `vendorGuidNext` – structure containing the unique ID of the vendor related to the variable. [out] `rc` – return code.	Gets the names of EFI variables that could contain critical system information.
`SetVariable`	Purpose Specifies the value of the EFI variable. Parameters [in] `variableName` – sequence containing the name of a variable with a terminating zero. [in] `vendorGuid` – structure containing the unique ID of the vendor related to the variable. [in] `attributes` – value whose bits are interpreted as attributes of the variable. [in] `data` – sequence containing the value of the variable. [out] `rc` – return code.	Lets you set the value of the EFI variable.
`QueryVariableInfo`	Purpose Gets information about EFI variables. Parameters [in] `attributes` – value whose bits are interpreted as the types of those variables whose information you need to get. [out] `maximumVariableStorageSize` – size (bytes) of memory that is intended for storing variables of specific types. [out] `remainingVariableStorageSize` – size (bytes) of the unused portion of memory that is intended for storing variables of specific types. [out] `maximumVariableSize` – maximum size (bytes) of variables of specific types. [out] `rc` – return code.	N/A
`ResetSystem`	Purpose Restarts the hardware platform. Parameters [in] `resetType` – value that defines the restart type, such as cold or hot restart. [in] `resetStatus` – code that indicates the restart status, such as normal restart or restart due to malfunction. [in] `resetData` – sequence containing information about the causes of restarts. [out] `rc` – return code.	Lets you restart the hardware platform.

Contents