Commit Graph

3919 Commits

Author SHA1 Message Date
Edward Pierzchalski ba5983d22e lib: extend schematic instantiation tracer
Adds a combinator, `trace_schematic_insts_tac`, which wraps a rule-using
tactic and reports any schematic instantiations.
2019-08-27 16:12:06 +10:00
Edward Pierzchalski 8ffebe8f94 lib: add utilities for using options. 2019-08-27 16:12:06 +10:00
Edward Pierzchalski b0cf5638fd lib: trivial: use cartouches for ML comments.
Useful for antiquotations.
2019-08-27 16:12:06 +10:00
Japheth Lim 50b0f66a58 X64 CRefine: minor fixes for MCS kernel merge
The previous commit only updated ARM and ARM_HYP; this updates X64.
2019-08-23 15:43:25 +10:00
Japheth Lim da2081631b CRefine: minor fixes for MCS kernel merge
We need to make small adjustments because the kernel will see minor
changes to variable initialisation, even in the non-MCS build.
2019-08-22 11:22:29 +10:00
Japheth Lim e5e4f23ca2 CamkesAdlSpec: tag Wellformed_CAMKES conditions
Checking an ill-formed spec can now yield a list of annotated
failures, rather than leaving a mess (or worse, just `1. False`).
2019-08-21 14:23:28 +10:00
Japheth Lim 2c3b4c24fc CamkesCdlRefine, Lib: add debug tag for integrity policy
This tags each generated policy goal with the object and cap that
led to that goal.

We create a new constant `generic_tag` in Lib for this purpose.
2019-08-21 14:23:22 +10:00
Edward Pierzchalski 31d5c1c70e cspec: Add feature selection variable.
Adds an 'L4V_FEATURES' variable which can be used to select different
CMake configurations for seL4. This makes it easier to build and test
alternative configurations (like MCS).
2019-08-12 16:22:41 +10:00
Edward Pierzchalski f6599e9ce3 docs: update mlton-compiler instructions.
Move `mlton-compiler` to the end of the apt-get list so it's easier for
a user to leave it off.

Point the user to the mlton website when installing on Debian Buster,
since there's no maintained mlton package for that distribution.
2019-08-09 16:02:26 +10:00
Edward Pierzchalski 03411f7bdb docs: add python3 installation dependencies.
seL4 and L4V are migrating to python 3 given the upcoming end of python
2's support. Until we've rooted out all the old scripts, we recommend
installing both systems.
2019-08-05 17:05:25 +10:00
Rafal Kolanski 5e2f9bd83b ainvs: shorten proof of unique_table_refs_upd_eqD 2019-07-31 16:56:29 +10:00
Rafal Kolanski 95859fd47c license+gitignore: ignore stack.yaml.lock
Contrary to its name, this is not a lock file, contains versions used
to build things, and does not go away. I have been informed this is the
industry standard.
2019-07-31 16:56:29 +10:00
Gerwin Klein bcfefb359b riscv ainvs cleanup: remove unused crunches 2019-07-31 16:56:29 +10:00
Gerwin Klein cf168e2714 riscv ainvs: update cartouches to Isabelle2019 style 2019-07-31 16:56:29 +10:00
Gerwin Klein f29e73bc58 lib: move more facts on Numeral_Type from invariant proofs into lib 2019-07-31 16:56:29 +10:00
Gerwin Klein a1dca67543 riscv aspec/ainvs: resolve FIXMEs, reduce warnings
Mostly moved lemmas and definitions to more suitable locations.
Removed unused lemmas and commented-out code.
Resolved simple Isabelle warnings.
2019-07-31 16:56:26 +10:00
Gerwin Klein f8dc660baf riscv aspec/ainvs: move init_vspace_uses and canonical_user to spec
Needed to define an initial state that satisfies invariants.
2019-07-31 16:55:32 +10:00
Rafal Kolanski 56bbcb3b41 riscv ainvs: remove unused store_pte_equal_kernel_mappings 2019-07-31 16:55:32 +10:00
Gerwin Klein ab4b3b17c6 refine: adjustments for global None_upd_eq[simp] 2019-07-31 16:55:32 +10:00
Gerwin Klein 06010ef565 ainvs: adjustments for global None_upd_eq[simp] 2019-07-31 16:55:32 +10:00
Gerwin Klein d7bce104a7 drefine: adjust for arch-decode interface strengthening 2019-07-31 16:55:32 +10:00
Gerwin Klein 0c9c594026 ainvs: adjustments for stronger ArchFinalise interface assumptions 2019-07-31 16:55:32 +10:00
Gerwin Klein cf2a4d2743 riscv ainvs: cleanup in crunch setup and invariant definitions 2019-07-31 16:55:32 +10:00
Gerwin Klein 3369b33431 riscv ainvs cleanup: remove unused lemma 2019-07-31 16:55:32 +10:00
Gerwin Klein 29f5ac319c riscv ainvs: the sound of the last lemma fitting perfectly 2019-07-31 16:55:32 +10:00
Gerwin Klein 7440b7b7a4 riscv ainvs: close sorry for perform_page_table_invocation 2019-07-31 16:55:32 +10:00
Gerwin Klein 9acd6b2729 riscv ainvs: slightly tighten store_pte precondition for valid_vs_lookup 2019-07-31 16:55:32 +10:00
Gerwin Klein 519b672d08 riscv aspec bugfix: need to check vaddr alignment for PT-map 2019-07-31 16:55:32 +10:00
Gerwin Klein e77f11da9e riscv ainvs: close sorries on PageTableUnmap invocation 2019-07-31 16:55:32 +10:00
Gerwin Klein 0feb5c1a1e riscv aspec: add check for top-level PT in PT unmap decode
See also SELFOUR-2158
2019-07-31 16:55:32 +10:00
Gerwin Klein 3e5c0b7cf5 ainvs: provide real_cte assumption for arch decode functions 2019-07-31 16:55:32 +10:00
Gerwin Klein 55ed773c49 riscv ainvs: fix comment 2019-07-31 16:55:32 +10:00
Gerwin Klein e4f7e4676a riscv ainvs: close perform_pg_inv_unmap, remove unused unmap lemmas 2019-07-31 16:55:32 +10:00
Gerwin Klein 67e4d89ca2 riscv ainvs: close mapM sorry in ArchVSpace 2019-07-31 16:55:32 +10:00
Gerwin Klein 4a73ad6ef1 riscv ainvs: cleanup tweak for store_pte_invs 2019-07-31 16:55:32 +10:00
Gerwin Klein af6e0765c5 riscv aspec+ainvs: spec bugfix for arch_finalise_cap; finish ArchFinalise 2019-07-31 16:55:32 +10:00
Rafal Kolanski 366fb4988f riscv ainvs: remove unused/duplicate store_pte lemmas
New proofs of invariant preservation over store_pte supersede old and
broken ones.
2019-07-31 16:55:32 +10:00
Rafal Kolanski 8b1bb46293 riscv ainvs: preservation of invs over store_pte
Proofs for valid_vspace_objs and valid_vs_lookup are rather repetitive
and could use extraction of a common principle involving vs_lookup_table
over an updated state.
2019-07-31 16:55:32 +10:00
Rafal Kolanski 48e52e4ab9 riscv ainvs: sorry store_pte_valid_vspace_objs
remove its dependency, rename to _FIXME_RISCV for further inspection,
remove from wp set
2019-07-31 16:55:32 +10:00
Rafal Kolanski 34f901ec39 riscv ainvs: prove store_pte_PageTablePTE_valid_vspace_objs
There is room to extract a property of vs_lookup_table on an updated
state, but for now the manipulation is done inline.

We needed an extra restriction that we do not introduce a loop by adding
a PTE to an empty table that would point to itself.
2019-07-31 16:55:32 +10:00
Gerwin Klein 82df777dd7 riscv aspec: fix spec bug in pt_lookup_from_level
This spec bug was inspired by slightly differently but similarly wrong C code
(SELFOUR-2091). The current change brings it into sync with the (correct, we think)
C. Proof update included.
2019-07-31 16:55:32 +10:00
Gerwin Klein 0603b7d57c riscv ainvs: adjust frame invocation conditions; prove decode 2019-07-31 16:55:32 +10:00
Gerwin Klein ea334dc044 riscv ainvs: cleanup, combine unique_vs_lookup_table/no_loop_vs_lookup_table
Prove the same for vs_lookup_slot, moving up lemmas and global_pt abbreviation
from ArchVSpace.
2019-07-31 16:55:32 +10:00
Rafal Kolanski f443145e9c riscv ainvs: more vs_lookup_target/table properties 2019-07-31 16:55:32 +10:00
Gerwin Klein e46c7403fc riscv ainvs: reduce ArchArch to page invocation decode 2019-07-31 16:55:32 +10:00
Gerwin Klein 7a712d9d53 riscv ainvs: close 2 more sorries in ArchFinalise 2019-07-31 16:55:32 +10:00
Gerwin Klein faa124c6a1 riscv ainvs: clean out unused and vcpu-related lemmas 2019-07-31 16:55:32 +10:00
Gerwin Klein c08668c165 riscv ainvs: prove empty_slot invs in ArchFinalise_AI 2019-07-31 16:55:32 +10:00
Gerwin Klein 06f59c5f32 riscv ainvs: remove unused lemmas in ArchFinalise_AI 2019-07-31 16:55:32 +10:00
Gerwin Klein cc02bb366c riscv ainvs: close 4 asid_table sorries in ArchFinalise 2019-07-31 16:55:32 +10:00