We initially wanted to move ucast_ucast_ppn to Kernel_Config_Lemmas. This doesn't work, because ppn is only defined in Arch_Structs_A, but it turns out that ppn_len is exactly the term `ipa_size - pageBits` that the lemma needs, so instead of moving the lemma up, we make its proof generic by providing the symbolic form of `ppn_len` instead. This still unfolds Kernel_Config.config_ARM_PA_SIZE_BITS_40, but it does so only trivially and directly where ppn_len is defined.

Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
Directory listing:

- abstract
- capDL
- cspec
- design
- haskell
- machine
- sep-abstract
- take-grant
- Makefile
- README.md
- ROOT
- tests.xml
README.md
Formal Specifications of seL4

See the sub directories for more details.

The Makefile and ROOT file define runnable Isabelle sessions for these specifications.