09a02acc7b
arm-hyp proofs/ROOT: make it possible to skip proofs in BaseRefine
2017-06-19 14:32:28 +10:00
a751e4f798
arm-hyp refine: More invariants for vcpuSwitch and alike
2017-06-19 14:32:28 +10:00
d1eef6c026
arm-hyp refine: Detype_R sorry free
2017-06-19 14:32:28 +10:00
511d3f5c40
arm-hyp refine: one sorry left in Detype_R
2017-06-19 14:32:28 +10:00
bdd6f9c896
arm-hyp refine: add armUSGlobalPD to global_refs' in Invariants_H
2017-06-19 14:32:28 +10:00
a6b0559e23
arm-hyp refine: set_vm_root_corres and auxiliary lemmas
2017-06-19 14:32:28 +10:00
e52c985b4b
arm-hyp refine: add valid_arch_tcb' invariant (vcpu_at' for atcbVCPUPtr)
2017-06-19 14:32:28 +10:00
1efbaf8e31
arm-hyp tests: fixing run_tests to work with testboard
2017-06-19 14:32:28 +10:00
9103207d8a
arm-hyp refine: fix storePDE/storePTE sorries in VSpace_R
2017-06-19 14:32:28 +10:00
abc195f170
arm-hyp ainvs: add valid_arch_tcb invariant (vcpu_at for tcb_vcpu)
2017-06-19 14:32:28 +10:00
db3ffbd4b6
arm-hyp abstract: fix order of VCPUSet arguments
2017-06-19 14:32:28 +10:00
4260a2c545
arm-hyp refine: new definition of valid_arch_state', with more sorries for now
...
valid_arch_state' now requires armHSCurVCPU to be a pointer to a live' vcpu
2017-06-19 14:32:28 +10:00
aa82471c17
arm-hyp refine: Invariants_H sorry free
2017-06-19 14:32:28 +10:00
1c85326bac
arm-hyp refine: new definition of valid_vcpu'
...
this introduces a more accessible definition of valid_vcpu'
2017-06-19 14:32:27 +10:00
4e90b0558f
arm-hyp refine: fixing some broken lemmas after the last batch of changes
2017-06-19 14:32:27 +10:00
b7e754bf1b
arm-hyp refine: vcpu{Switch,Save,Enable,etc}_corres + other related lemmas
2017-06-19 14:32:27 +10:00
76b02fe736
arm-hyp ainvs: Fixing StateRelation due to some renaming in abstract/haskell
2017-06-19 14:32:27 +10:00
bf8b1ebdad
arm-hyp ainvs: Fixing some proofs due to renaming
2017-06-19 14:32:27 +10:00
be3d9e7209
arm-hyp haskell: Renaming constants/records to follow abstract/haskell convention
...
* Renaming of some records to follow abstract/haskell convention
* Some duplicated constants were removed and placed in a shared
location (machine/ARM_HYP/MachineTypes.thy)
2017-06-19 14:32:27 +10:00
9fef0a9dcb
arm-hyp aspec: Renaming constants/records to follow abstract/haskell convention
...
* Renaming of some records to follow abstract/haskell convention
* Some duplicated constants were removed and placed in a shared
location (machine/ARM_HYP/MachineTypes.thy)
2017-06-19 14:32:27 +10:00
e99bd4d5f2
lib: properly defining arrayListUpdate (Fix)
2017-06-19 14:32:27 +10:00
740d606774
refine: closed the Orphanage
...
Not necessary for CRefine and better proved on the abstract spec now.
To be resurrected (on abstract) in the future.
2017-06-19 14:32:27 +10:00
75acdb3823
arm-hyp refine: add IRQReserved to state relation
2017-06-19 14:32:27 +10:00
8f8e72defa
arm-hyp haskell: add ctRunning check for vgicMaintenance
2017-06-19 14:32:27 +10:00
e2d8a0ae50
arm-hyp refine: Tcb_R sorry free
2017-06-19 14:32:27 +10:00
bc40dc4a46
arm-hyp refine: remove unused ADT_H lemma
2017-06-19 14:32:27 +10:00
e9d3c3eb54
arm-hyp: remove unused ParityEnabled in aspec; solve sorries in ADT_H
...
ParityEnabled isn't used in ARM_HYP and we had to prove its absence as
invariant, which in turn makes the abstraction function from Haskell
to abstract partial (only works when invariants hold).
This commit removes that problem by removing ParityEnabled from the
abstract spec. Updated ainv and refine as necessary.
2017-06-19 14:32:27 +10:00
cbb154f51d
arm-hyp ainvs: no_fail rules for vcpuregs_gets and vcpuregs_sets
2017-06-19 14:32:27 +10:00
4688427394
arm-hyp haskell: Small fix to vcpuSave
2017-06-19 14:32:27 +10:00
e727f3b27b
arm-hyp aspec: Small fix to vcpu_save
2017-06-19 14:32:27 +10:00
c850a8270a
lib: Adding some lemmas about init
...
* init_Snoc: init (xs @ [x]) = xs
* init_upto_enum_upt: init [0.e.n] = [0..<n]
2017-06-19 14:32:27 +10:00
e16231688d
arm-hyp aspec: (fix) Changed gicVCPUMaxNumLR from int to nat
2017-06-19 14:32:27 +10:00
61136c29fd
arm-hyp: wp_pre rebase repair
2017-06-19 14:32:27 +10:00
f33d584cac
arm-hyp refine: proof repair for spec updates
2017-06-19 14:32:26 +10:00
7cf0631ac2
arm-hyp ainvs: proof updates for abstract spec changes
...
In particular for:
- new global PD
- disable vcpu on switch to idle
- banked registers
2017-06-19 14:32:26 +10:00
a84e8dd147
ainvs: generalise as_user_cte_wp_at
2017-06-19 14:32:26 +10:00
b2d946ce4e
arm-hyp abstract: add handling of VCPU banked registers
2017-06-19 14:32:26 +10:00
364e1e7a3a
arm-hyp abstract: update sanitise_register
2017-06-19 14:32:26 +10:00
f8c44eba19
arm-hyp abstract: Use an explicitly invalid PD when there is no user one
...
Adds an arm_us_global_pd pointer pointing to a PD with only invalid entries.
2017-06-19 14:32:26 +10:00
d889cc37b7
arm-hyp abstract: Disable active VCPU when switching to the idle thread
2017-06-19 14:32:26 +10:00
8d1b696aa1
arm-hyp haskell: Use an explicitly invalid PD when there is no user one
...
Adds armUSGlobalPD pointer with no specific properties. Used in setVMRoot.
2017-06-19 14:32:26 +10:00
54999477b8
arm-hyp design: let ArchThread_H see ArchHypervisor_H
2017-06-19 14:32:26 +10:00
4839ac4ecd
arm-hyp haskell: Disable active VCPU when switching to the idle thread
2017-06-19 14:32:26 +10:00
6d037b92f6
arm-hyp design: requalify vcpureg type
2017-06-19 14:32:26 +10:00
1cffe58cb4
arm-hyp haskell: add handling of VCPU banked registers
2017-06-19 14:32:26 +10:00
9b922f0629
haskell: expose sanitiseRegister for lhs-boot imports
2017-06-19 14:32:26 +10:00
11f68df5fb
arm-hyp haskell: update sanitiseRegister
2017-06-19 14:32:26 +10:00
5a03004e2c
refine: minor cleanup
2017-06-19 14:32:26 +10:00
29abd9a19e
arm-hyp/refine: vgic maintenance updates
2017-06-19 14:32:26 +10:00
e4d8bb1d4f
arm_hyp/refine: 'getActiveIRQ in_kernel' updates
2017-06-19 14:32:26 +10:00
Gerwin Klein
Alejandro Gomez-Londono
Miki Tanaka
Gerwin Klein
Rafal Kolanski