|
1
|
1 |
theory source_prop
|
|
|
2 |
imports Main rc_theory os_rc deleted_prop obj2sobj_prop
|
|
|
3 |
begin
|
|
|
4 |
|
|
|
5 |
context tainting_s_complete begin
|
|
|
6 |
|
|
|
7 |
lemma all_sobjs_srp_init'[rule_format]:
|
|
|
8 |
"sobj \<in> all_sobjs \<Longrightarrow> \<forall> sp srp. sobj = SProc sp (Some srp) \<longrightarrow> srp \<in> init_processes"
|
|
|
9 |
apply (erule all_sobjs.induct, auto)
|
|
|
10 |
using init_proc_has_type
|
|
|
11 |
by (simp add:bidirect_in_init_def)
|
|
|
12 |
|
|
|
13 |
lemma all_sobjs_srp_init:
|
|
|
14 |
"SProc sp (Some srp) \<in> all_sobjs \<Longrightarrow> srp \<in> init_processes"
|
|
|
15 |
by (auto dest!:all_sobjs_srp_init')
|
|
|
16 |
|
|
|
17 |
(*
|
|
|
18 |
lemma tainted_sproc_srp_init:
|
|
|
19 |
"SProc sp (Some srp) \<in> tainted_s \<Longrightarrow> srp \<in> init_processes"
|
|
|
20 |
by (auto dest:tainted_s_in_all_sobjs intro:all_sobjs_srp_init) *)
|
|
|
21 |
|
|
|
22 |
lemma source_proc_of_init_remains:
|
|
|
23 |
"\<lbrakk>p \<in> init_processes; \<not> deleted (Proc p) s; valid s\<rbrakk> \<Longrightarrow> source_proc s p = Some p"
|
|
|
24 |
apply (induct s, simp)
|
|
|
25 |
apply (frule valid_cons, frule valid_os, frule not_deleted_cons_D, simp)
|
|
6
|
26 |
apply (case_tac a, auto dest:not_deleted_imp_exists)
|
|
1
|
27 |
done
|
|
|
28 |
|
|
|
29 |
lemma init_proc_keeps_source:
|
|
|
30 |
"\<lbrakk>p \<in> init_processes; \<not> deleted (Proc p) s; valid s\<rbrakk>
|
|
|
31 |
\<Longrightarrow> source_of_sobj (obj2sobj s (Proc p)) = Some (Proc p)"
|
|
|
32 |
apply (frule not_deleted_imp_exists, simp, simp only:exists.simps)
|
|
|
33 |
apply (frule current_proc_has_sproc, simp)
|
|
|
34 |
apply (clarsimp split:option.splits simp:source_proc_of_init_remains)
|
|
|
35 |
done
|
|
|
36 |
|
|
|
37 |
lemma init_file_keeps_source:
|
|
|
38 |
"\<lbrakk>f \<in> init_files; \<not> deleted (File f) s; valid s\<rbrakk>
|
|
|
39 |
\<Longrightarrow> source_of_sobj (obj2sobj s (File f)) = Some (File f)"
|
|
|
40 |
apply (frule not_deleted_imp_exists, simp, simp only:exists.simps)
|
|
|
41 |
apply (frule current_file_has_sfile, auto)
|
|
|
42 |
done
|
|
|
43 |
|
|
|
44 |
lemma init_ipc_keeps_source:
|
|
|
45 |
"\<lbrakk>i \<in> init_ipcs; \<not> deleted (IPC i) s; valid s\<rbrakk>
|
|
|
46 |
\<Longrightarrow> source_of_sobj (obj2sobj s (IPC i)) = Some (IPC i)"
|
|
|
47 |
apply (frule not_deleted_imp_exists, simp, simp only:exists.simps)
|
|
|
48 |
apply (frule current_ipc_has_sipc, auto)
|
|
|
49 |
done
|
|
|
50 |
|
|
|
51 |
lemma init_obj_keeps_source:
|
|
|
52 |
"\<lbrakk>exists [] obj; \<not> deleted obj s; valid s\<rbrakk> \<Longrightarrow> source_of_sobj (obj2sobj s obj) = Some obj"
|
|
|
53 |
apply (case_tac obj)
|
|
|
54 |
by (auto intro:init_ipc_keeps_source init_proc_keeps_source init_file_keeps_source
|
|
|
55 |
simp del:obj2sobj.simps)
|
|
|
56 |
|
|
|
57 |
end
|
|
|
58 |
|
|
|
59 |
context tainting_s_sound begin
|
|
|
60 |
|
|
|
61 |
lemma source_eq:
|
|
|
62 |
"\<lbrakk>source_of_sobj sobj = Some obj; sobj_source_eq_obj sobj obj'\<rbrakk> \<Longrightarrow> obj = obj'"
|
|
|
63 |
apply (case_tac obj, case_tac [!] sobj, case_tac [!] obj')
|
|
|
64 |
by (auto split:option.splits)
|
|
|
65 |
|
|
|
66 |
lemma proc_source_eq_prop:
|
|
|
67 |
"\<lbrakk>obj2sobj s (Proc p) = SProc sp srp; p \<in> current_procs s;
|
|
|
68 |
sobj_source_eq_obj (SProc sp srp) (Proc p); valid s\<rbrakk>
|
|
|
69 |
\<Longrightarrow> srp = Some p"
|
|
|
70 |
apply (frule current_proc_has_srp,auto split:option.splits)
|
|
|
71 |
by (case_tac "source_proc s p", simp+)
|
|
|
72 |
|
|
|
73 |
end
|
|
|
74 |
|
|
|
75 |
end |