Commit Graph

203 Commits

Author SHA1 Message Date
Corey Lewis
02116815be proof+autocorres: update for select_wp and alternative_wp
Signed-off-by: Corey Lewis <corey.lewis@proofcraft.systems>
2023-08-09 16:42:01 +10:00
Gerwin Klein
0e3016251f lib+proof: proof updates for wpc change
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-06-15 09:52:15 +10:00
Gerwin Klein
0cf64b5498 READMEs: use run_tests consistently in READMEs (#622)
Avoid mixing `isabelle`, `make`, and `run_tests` invocations.
Standardise on `run_tests` and mention `L4V_ARCH` each time to
indicate that you can and should set `L4V_ARCH`.

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-03-30 13:59:18 +11:00
Corey Lewis
7514d9ee69 arm access+infoflow: physBase abstraction
The example valid state is changed to correctly use both the virtual
and physical address of the shared page, instead of just the virtual
address.

Signed-off-by: Corey Lewis <corey.lewis@proofcraft.systems>
2023-03-29 11:05:26 +11:00
Rafal Kolanski
d5fa6043cb proof: update (non-x64) for physBase-dependent defs
Co-authored-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
Signed-off-by: Rafal Kolanski <rafal.kolanski@proofcraft.systems>
2023-03-20 09:34:42 +11:00
Corey Lewis
a2ffb3b4f5 proof: remove is_thread_control and thread_control_target
Instead use discriminator and selector provided by the datatype
package.

Signed-off-by: Corey Lewis <corey.lewis@proofcraft.systems>
2023-02-14 18:33:44 +11:00
Gerwin Klein
e89813ecf2 proofs: updates for monad refactor
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-02-09 11:46:55 +11:00
Gerwin Klein
a6dee7bf17 access: constrain auto
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-02-09 11:46:52 +11:00
Gerwin Klein
2da61f7373 access: remove unused lemma
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-02-09 11:46:52 +11:00
Gerwin Klein
8791c1be22 proofs: hoare_pre_cont variable renamed
s/hoare_pre_cont[where a=/hoare_pre_cont[where f=/

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-02-09 11:46:51 +11:00
Gerwin Klein
e3c2e878b9 lib+proof+autocorres: consolidate when[E]/unless[E]_wp naming
wp rules for most operators such as return, get, gets are named
return_wp, get_wp, etc. The when, whenE, unless, unlessE operators had
an additional hoare_.. prefix that this commit removes for more
consistency.

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-01-25 11:48:39 +11:00
Gerwin Klein
6dcbd4f09f spec+proofs+autocorres: theory import fixes
Adjust theory imports for new sessions.

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-01-24 11:30:06 +11:00
Gerwin Klein
3960115459 lib+proofs+sys-init+tools: proof updates for Fun_Pred_Syntax
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2023-01-09 14:54:11 +11:00
Ryan Barry
7aaaabf15b riscv refine+crefine+access+infoflow: update proofs
Signed-off-by: Ryan Barry <ryan.barry@proofcraft.systems>
2022-06-17 15:32:16 +10:00
Gerwin Klein
6c938f2a35 isabelle2021-1 riscv: Access
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2022-03-29 08:38:25 +11:00
Gerwin Klein
34d2554b7c isabelle2021-1 access: update Access session
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2022-03-29 08:38:25 +11:00
Gerwin Klein
24c0c5c390 spec+proof: use generated config constants
This includes replacing previous ASpec names for such constants with
the names used in Haskell/ExecSpec to avoid duplication. This also
makes some of the proofs slightly more generic.

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2021-12-23 14:54:13 +11:00
Ryan Barry
72ab7cc180 various: resolve some new fixmes
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-11-12 09:39:16 +11:00
Ryan Barry
edb555382b access: strengthen integrity_asids on RISCV64
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-11-12 09:39:16 +11:00
Ryan Barry
5eb64d0b30 infoflow+access: Syscall arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-10-05 08:46:11 +11:00
Ryan Barry
255c211864 infoflow+access: CNode arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-10-05 08:46:11 +11:00
Gerwin Klein
a41eee7154 isabelle-2021 riscv: update Access
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2021-09-30 16:53:17 +10:00
Gerwin Klein
7edf5a6b37 isabelle-2021: update Access control
Signed-off-by: Gerwin Klein <gerwin.klein@data61.csiro.au>
2021-09-30 16:53:17 +10:00
Gerwin Klein
81b95eb6bf READMEs: fix publication links
PDFs and abstracts have moved to trustworthy.systems/

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2021-08-25 11:22:05 +10:00
Gerwin Klein
6fd6d6bd48 arm/arm-hyp: proof updates for Arm cache fix
This commit updates the proofs for seL4/seL4#485, which fixes
the security and correctness bug seL4/seL4#481. The bug was that
caches are not sufficiently flushed in retype for frames that can
be mapped uncached later.

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
2021-08-16 16:47:10 +10:00
Ryan Barry
a99a2bf739 various: resolve some existing fixmes
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
0d53d6909f lib+ainvs+access+refine: resolve most of the new fixmes
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
1fbe4895ed access: update ARM proofs
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
cb9249cb4a riscv access: add ExampleSystem
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
9f85f6c2d2 riscv access: add proofs for ADT_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
b61aaa7ce6 riscv access: add proofs for Syscall_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
638bc490d2 riscv access: add proofs for DomainSepInv
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
c3a88fa901 riscv access: add proofs for Ipc_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
1bf9139886 riscv access: add proofs for Tcb_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
5ea4d2b6ba riscv access: add proofs for Interrupt_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
a485d26f23 riscv access: add proofs for Finalise_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
ed8971a269 riscv access: add proofs for Arch_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
cc5014240d riscv ainvs+access: add proofs for Retype_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
9478264f19 riscv access: add proofs for CNode_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
52abdf42de riscv access: add proofs for Access_AC
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Ryan Barry
16e9242665 riscv access: specify riscv access control
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-07-22 10:44:43 +10:00
Mitchell Buckley
2cf89e20c8 Cleanup some FIXMEs in AInvs and related sessions
Mostly moving lemmas up into various lemma bucket theories. Also:
* replace cte_wp_at_eqD with cte_wp_at_norm (equal lemmas)
* pd_shifting_gen generalise pd_shifting' in 2 architectures
* remove some redundant crunch lemmas

Signed-off-by: Mitchell Buckley <Mitchell.Buckley@data61.csiro.au>
2021-07-16 14:13:07 +10:00
Ryan Barry
c2939c771a access: move ExampleSystem
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-06-21 20:10:32 +10:00
Ryan Barry
bcba6594e4 aspec+access: ADT_AC arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-06-21 20:10:32 +10:00
Ryan Barry
f75f26ff0d aspec+access: Syscall_AC arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-06-21 20:10:32 +10:00
Ryan Barry
c36d6e367d access: DomainSepInv arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-06-21 20:10:32 +10:00
Ryan Barry
9d543d29c1 access: Ipc_AC arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-06-21 20:10:32 +10:00
Ryan Barry
0026b0dd34 access: Tcb_AC arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-06-21 20:10:32 +10:00
Ryan Barry
79799754f0 access: Interrupt_AC arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-06-21 20:10:32 +10:00
Ryan Barry
2f6bdeb14e access: Finalise_AC arch split
Signed-off-by: Ryan Barry <ryan.barry@unsw.edu.au>
2021-06-21 20:10:32 +10:00