selinux: simple_selinux/Tainted_prop.thy@b7fd75d104bf (annotated)

74 271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	1	theory Tainted_prop
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	2	imports Main Flask Flask_type Init_prop Current_files_prop Current_sockets_prop Delete_prop Proc_fd_of_file_prop Current_prop Alive_prop
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	3	begin
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	4
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	5	ML {quick_and_dirty := true}
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	6
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	7	context tainting begin
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	8
75 99af1986e1e0 update chunhan parents: 74 diff changeset	9	lemma valid_tainted_obj:
99af1986e1e0 update chunhan parents: 74 diff changeset	10	"\<lbrakk>obj \<in> tainted s; valid s\<rbrakk> \<Longrightarrow> (\<forall> f. obj \<noteq> O_dir f) \<and> (\<forall> q. obj \<noteq> O_msgq q) \<and> (\<forall> p fd. obj \<noteq> O_fd p fd) \<and> (\<forall> s. obj \<noteq> O_tcp_sock s) \<and> (\<forall> s. obj \<noteq> O_udp_sock s)"
99af1986e1e0 update chunhan parents: 74 diff changeset	11	apply (induct s, simp)
99af1986e1e0 update chunhan parents: 74 diff changeset	12	apply (drule seeds_in_init, case_tac obj, simp+)
74 271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	13	apply (frule vd_cons, frule vt_grant_os, case_tac a)
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	14	apply (auto split:if_splits option.splits)
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	15	done
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	16
75 99af1986e1e0 update chunhan parents: 74 diff changeset	17	lemma dir_not_tainted: "\<lbrakk>O_dir f \<in> tainted s; valid s\<rbrakk> \<Longrightarrow> False"
99af1986e1e0 update chunhan parents: 74 diff changeset	18	by (auto dest!:valid_tainted_obj)
99af1986e1e0 update chunhan parents: 74 diff changeset	19
99af1986e1e0 update chunhan parents: 74 diff changeset	20	lemma msgq_not_tainted: "\<lbrakk>O_msgq q \<in> tainted s; valid s\<rbrakk> \<Longrightarrow> False"
99af1986e1e0 update chunhan parents: 74 diff changeset	21	by (auto dest:valid_tainted_obj)
99af1986e1e0 update chunhan parents: 74 diff changeset	22
99af1986e1e0 update chunhan parents: 74 diff changeset	23	lemma tainted_in_current:
99af1986e1e0 update chunhan parents: 74 diff changeset	24	"\<lbrakk>obj \<in> tainted s; valid s\<rbrakk> \<Longrightarrow> alive s obj"
74 271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	25	apply (induct s, simp)
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	26	apply (drule seeds_in_init, case_tac obj, simp_all add:is_file_nil)
75 99af1986e1e0 update chunhan parents: 74 diff changeset	27	apply (frule vd_cons, frule valid_tainted_obj, simp, frule vt_grant_os, case_tac a)
99af1986e1e0 update chunhan parents: 74 diff changeset	28	apply (auto simp:alive_simps split:if_splits option.splits t_object.splits intro:file_of_pfd_is_file)
74 271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	29	done
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	30
75 99af1986e1e0 update chunhan parents: 74 diff changeset	31	lemma tainted_proc_in_current:
99af1986e1e0 update chunhan parents: 74 diff changeset	32	"\<lbrakk>O_proc p \<in> tainted s; valid s\<rbrakk> \<Longrightarrow> p \<in> current_procs s"
99af1986e1e0 update chunhan parents: 74 diff changeset	33	by (drule tainted_in_current, simp+)
74 271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	34
75 99af1986e1e0 update chunhan parents: 74 diff changeset	35	lemma t_remain: "\<lbrakk>obj \<in> tainted s; valid (e # s); alive (e # s) obj\<rbrakk>
99af1986e1e0 update chunhan parents: 74 diff changeset	36	\<Longrightarrow> obj \<in> tainted (e # s)"
99af1986e1e0 update chunhan parents: 74 diff changeset	37	apply (frule vd_cons, frule vt_grant_os, case_tac e)
99af1986e1e0 update chunhan parents: 74 diff changeset	38	apply (auto simp:alive_simps split:option.splits if_splits)
74 271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	39	done
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	40
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	41	lemma t_remain_app:
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	42	"\<lbrakk>obj \<in> tainted s; \<not> deleted obj (s' @ s); valid (s' @ s)\<rbrakk>
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	43	\<Longrightarrow> obj \<in> tainted (s' @ s)"
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	44	apply (induct s', simp)
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	45	apply (simp (no_asm) only:cons_app_simp_aux, rule t_remain)
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	46	apply (simp_all add:not_deleted_cons_D vd_cons)
75 99af1986e1e0 update chunhan parents: 74 diff changeset	47	apply (drule tainted_in_current)
99af1986e1e0 update chunhan parents: 74 diff changeset	48	apply (simp add:vd_cons)
99af1986e1e0 update chunhan parents: 74 diff changeset	49	apply (simp add:not_deleted_imp_alive_cons)
74 271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	50	done
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	51
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	52
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	53
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	54	end
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	55
271e9818b6f6 remove shm and linkhard, make a simplified version of selinux chunhan parents: diff changeset	56	end

author	chunhan
	Thu, 16 Jan 2014 11:04:04 +0800
changeset 95	b7fd75d104bf
parent 75	99af1986e1e0
permissions	-rw-r--r--