selinux: comparison Co2sobj

equal deleted inserted replaced

-:6f3ac2861978
+:ced9becf9eeb
 same_inode_files_prop6 ch2sshm_simps
 dest!:current_shm_has_sh'
 dest:is_file_in_current is_dir_in_current)
 done
+declare Product_Type.split_paired_Ex Product_Type.split_paired_All [simp del]
+lemma info_flow_shm_prop1:
+"p \<in> current_procs s \<Longrightarrow> info_flow_shm s p p"
+by (simp add:info_flow_shm_def)
 lemma co2sobj_attach:
 "\<lbrakk>valid (Attach p h flag # s); alive s obj\<rbrakk> \<Longrightarrow> co2sobj (Attach p h flag # s) obj = (
 case obj of
-O_proc p' \<Rightarrow> if (p' = p)
+O_proc p' \<Rightarrow> if (info_flow_shm s p p')
-then (case (cp2sproc (Attach p h flag # s) p) of
+then (case (cp2sproc (Attach p h flag # s) p') of
-Some sp \<Rightarrow> Some (S_proc sp (O_proc p \<in> Tainted s \<or>
+Some sp \<Rightarrow> Some (S_proc sp (O_proc p' \<in> Tainted s \<or>
-(\<exists> p'. O_proc p' \<in> Tainted s \<and> (p', SHM_RDWR) \<in> procs_of_shm s h)))
+(\<exists> p''. O_proc p'' \<in> Tainted s \<and> (p'', SHM_RDWR) \<in> procs_of_shm s h)))
 | _       \<Rightarrow> None)
-else if (\<exists> flag'. (p', flag') \<in> procs_of_shm s h)
+else if (\<exists> p'' flag'. (p'', flag') \<in> procs_of_shm s h \<and> flag = SHM_RDWR \<and> O_proc p \<in> Tainted s \<and>
+info_flow_shm s p'' p')
 then (case (cp2sproc s p') of
-Some sp \<Rightarrow> Some (S_proc sp (O_proc p' \<in> Tainted s \<or>
+Some sp \<Rightarrow> Some (S_proc sp True)
-(O_proc p \<in> Tainted s \<and> flag = SHM_RDWR)))
 | _       \<Rightarrow> None)
 else co2sobj s obj
 | _         \<Rightarrow> co2sobj s obj)"
 apply (frule vt_grant_os, frule vd_cons, case_tac obj)
 apply (simp_all add:current_files_simps is_dir_simps ch2sshm_other cq2smsgq_other tainted_eq_Tainted)
 apply (rule conjI|rule impI|erule exE)+
-apply (simp split:option.splits)
+apply (simp split:option.splits del:split_paired_Ex)
 apply (rule impI, frule current_proc_has_sp, simp)
-apply ((erule exE)+, auto simp:cp2sproc_attach tainted_eq_Tainted)[1]
+apply ((erule exE)+, auto simp:tainted_eq_Tainted intro:info_flow_shm_Tainted)[1]
-apply (rule impI|rule conjI)+
+apply (rule impI, simp add:tainted_eq_Tainted split:option.splits del:split_paired_Ex)
-apply (subgoal_tac "p \<in> current_procs (Attach p h flag # s)")
+apply (auto simp:info_flow_shm_prop1 cp2sproc_attach dest!:current_proc_has_sp')[1]
-apply (drule_tac p = p in current_proc_has_sp, simp, erule exE)
-apply (auto simp:tainted_eq_Tainted)[1]
+apply (case_tac "cp2sproc (Attach p h flag # s) nat")
-apply (simp, rule impI)
+apply (drule current_proc_has_sp', simp+)
-apply (subgoal_tac "nat \<in> current_procs (Attach p h flag # s)")
-apply (drule_tac p = nat in current_proc_has_sp, simp, erule exE)
+apply (rule conjI|erule exE|erule conjE|rule impI)+
-apply (drule_tac p = nat in current_proc_has_sp, simp, erule exE)
+apply (simp add:tainted_eq_Tainted)
-apply (auto simp:cp2sproc_attach tainted_eq_Tainted)[1]
+apply (auto simp:info_flow_shm_prop1 cp2sproc_attach intro:info_flow_shm_Tainted dest!:current_proc_has_sp')[1]
-apply simp
+apply (auto simp:info_flow_shm_prop1 cp2sproc_attach tainted_eq_Tainted intro:info_flow_shm_Tainted dest!:current_proc_has_sp'
+split:option.splits if_splits)[1]
 apply (auto split:if_splits option.splits dest!:current_file_has_sfile'
 simp:current_files_simps cf2sfiles_simps cf2sfile_simps tainted_eq_Tainted
 same_inode_files_prop6
 dest:is_file_in_current is_dir_in_current)

changeset 56	ced9becf9eeb
parent 41	db15ef2ee18c
child 65	6f9a588bcfc4