Mercurial Mercurial > hg > selinux / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
no_shm_selinux/Enrich2.thy
changeset 88 e832378a2ff2
parent 87 8d18cfc845dd
child 89 ded3f83f6cb9
equal deleted inserted replaced
87:8d18cfc845dd 88:e832378a2ff2 
     1 theory Enrich
 
     1 theory Enrich2
 
     2 imports Main Flask Static Init_prop Valid_prop Tainted_prop Delete_prop Co2sobj_prop S2ss_prop S2ss_prop2
 
     2 imports Main Flask Static Init_prop Valid_prop Tainted_prop Delete_prop Co2sobj_prop S2ss_prop S2ss_prop2
 
     3  Temp Enrich Proc_fd_of_file_prop
 
     3  Temp Enrich Proc_fd_of_file_prop
 
     4 begin
 
     4 begin
 
     5 
     5 
     6 context tainting_s begin
 
     6 context tainting_s begin
 
     7 
       
     8 
     7 
     9 fun enrich_msgq :: "t_state \<Rightarrow> t_msgq \<Rightarrow> t_msgq \<Rightarrow> t_state"
 
     8 fun enrich_msgq :: "t_state \<Rightarrow> t_msgq \<Rightarrow> t_msgq \<Rightarrow> t_state"
 
    10 where
 
     9 where
 
    11   "enrich_msgq [] tq dq = []"
 
    10   "enrich_msgq [] tq dq = []"
 
    12 | "enrich_msgq (CreateMsgq p q # s) tq dq = 
    11 | "enrich_msgq (CreateMsgq p q # s) tq dq = 
    21     (if (tq = q) 
    20     (if (tq = q) 
    22      then (RecvMsg p dq m # RecvMsg p q m # (enrich_msgq s tq dq))
 
    21      then (RecvMsg p dq m # RecvMsg p q m # (enrich_msgq s tq dq))
 
    23      else RecvMsg p q m # (enrich_msgq s tq dq))"
 
    22      else RecvMsg p q m # (enrich_msgq s tq dq))"
 
    24 | "enrich_msgq (e # s) tq dq = e # (enrich_msgq s tq dq)"
 
    23 | "enrich_msgq (e # s) tq dq = e # (enrich_msgq s tq dq)"
 
    25 
    24 
    26 
    25 lemma enrich_msgq_duq_in:
 
       
    26   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    27    \<Longrightarrow> q' \<in> current_msgqs (enrich_msgq s q q')"
 
       
    28 apply (induct s, simp)
 
       
    29 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
    30 apply auto
 
       
    31 done
 
       
    32 
       
    33 lemma enrich_msgq_duq_sms:
 
       
    34   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    35    \<Longrightarrow> msgs_of_queue (enrich_msgq s q q') q' = msgs_of_queue s q"
 
       
    36 apply (induct s, simp)
 
       
    37 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
    38 apply auto
 
       
    39 done
 
       
    40 
       
    41 lemma enrich_msgq_cur_inof:
 
       
    42   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    43    \<Longrightarrow> inum_of_file (enrich_msgq s q q') f = inum_of_file s f"
 
       
    44 apply (induct s arbitrary:f, simp)
 
       
    45 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
    46 apply (auto split:option.splits)
 
       
    47 done
 
       
    48 
       
    49 lemma enrich_msgq_cur_inos:
 
       
    50   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    51    \<Longrightarrow> inum_of_socket (enrich_msgq s q q') = inum_of_socket s"
 
       
    52 apply (rule ext)
 
       
    53 apply (induct s, simp)
 
       
    54 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
    55 apply (auto split:option.splits)
 
       
    56 done
 
       
    57 
       
    58 lemma enrich_msgq_cur_inos':
 
       
    59   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    60    \<Longrightarrow> inum_of_socket (enrich_msgq s q q') sock = inum_of_socket s sock"
 
       
    61 apply (simp add:enrich_msgq_cur_inos)
 
       
    62 done
 
       
    63 
       
    64 lemma enrich_msgq_cur_inums:
 
       
    65   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    66    \<Longrightarrow> current_inode_nums (enrich_msgq s q q') = current_inode_nums s"
 
       
    67 apply (auto simp:current_inode_nums_def current_file_inums_def 
       
    68   current_sock_inums_def enrich_msgq_cur_inof enrich_msgq_cur_inos)
 
       
    69 done
 
       
    70 
       
    71 lemma enrich_msgq_cur_itag:
 
       
    72   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    73    \<Longrightarrow> itag_of_inum (enrich_msgq s q q') = itag_of_inum s"
 
       
    74 apply (rule ext)
 
       
    75 apply (induct s, simp)
 
       
    76 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
    77 apply (auto split:option.splits t_socket_type.splits)
 
       
    78 done
 
       
    79 
       
    80 lemma enrich_msgq_cur_tcps:
 
       
    81   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    82    \<Longrightarrow> is_tcp_sock (enrich_msgq s q q') = is_tcp_sock s"
 
       
    83 apply (rule ext)
 
       
    84 apply (auto simp:is_tcp_sock_def enrich_msgq_cur_itag enrich_msgq_cur_inos
 
       
    85   split:option.splits t_inode_tag.splits)
 
       
    86 done
 
       
    87 
       
    88 lemma enrich_msgq_cur_udps:
 
       
    89   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    90    \<Longrightarrow> is_udp_sock (enrich_msgq s q q') = is_udp_sock s"
 
       
    91 apply (rule ext)
 
       
    92 apply (auto simp:is_udp_sock_def enrich_msgq_cur_itag enrich_msgq_cur_inos
 
       
    93   split:option.splits t_inode_tag.splits)
 
       
    94 done
 
       
    95 
       
    96 lemma enrich_msgq_cur_msgqs:
 
       
    97   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
    98    \<Longrightarrow> current_msgqs (enrich_msgq s q q') = current_msgqs s \<union> {q'}"
 
       
    99 apply (induct s, simp)
 
       
   100 apply (frule vt_grant_os, frule vd_cons)
 
       
   101 apply (case_tac a, auto)
 
       
   102 done
 
       
   103 
       
   104 lemma enrich_msgq_cur_msgs:
 
       
   105   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   106    \<Longrightarrow> msgs_of_queue (enrich_msgq s q q') =  (msgs_of_queue s) (q' := msgs_of_queue s q)"
 
       
   107 apply (rule ext, simp, rule conjI, rule impI)
 
       
   108 apply (simp add:enrich_msgq_duq_sms)
 
       
   109 apply (rule impI)
 
       
   110 apply (induct s, simp)
 
       
   111 apply (frule vt_grant_os, frule vd_cons)
 
       
   112 apply (case_tac a, auto)
 
       
   113 done
 
       
   114 
       
   115 lemma enrich_msgq_cur_procs:
 
       
   116   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   117    \<Longrightarrow> current_procs (enrich_msgq s q q') = current_procs s"
 
       
   118 apply (induct s, simp)
 
       
   119 apply (frule vt_grant_os, frule vd_cons)
 
       
   120 apply (case_tac a, auto)
 
       
   121 done
 
       
   122   
       
   123 lemma enrich_msgq_cur_files:
 
       
   124   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   125    \<Longrightarrow> current_files (enrich_msgq s q q') = current_files s"
 
       
   126 apply (auto simp:current_files_def)
 
       
   127 apply (simp add:enrich_msgq_cur_inof)+
 
       
   128 done
 
       
   129 
       
   130 lemma enrich_msgq_cur_fds:
 
       
   131   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   132    \<Longrightarrow> current_proc_fds (enrich_msgq s q q') = current_proc_fds s"
 
       
   133 apply (induct s, simp)
 
       
   134 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
   135 apply auto
 
       
   136 done
 
       
   137 
       
   138 lemma enrich_msgq_filefd:
 
       
   139   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   140    \<Longrightarrow> file_of_proc_fd (enrich_msgq s q q') = file_of_proc_fd s"
 
       
   141 apply (rule ext, rule ext)
 
       
   142 apply (induct s, simp)
 
       
   143 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
   144 apply auto
 
       
   145 done
 
       
   146 
       
   147 lemma enrich_msgq_flagfd:
 
       
   148   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   149    \<Longrightarrow> flags_of_proc_fd (enrich_msgq s q q') = flags_of_proc_fd s"
 
       
   150 apply (rule ext, rule ext)
 
       
   151 apply (induct s, simp)
 
       
   152 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
   153 apply auto
 
       
   154 done
 
       
   155 
       
   156 lemma enrich_msgq_proc_fds:
 
       
   157   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   158    \<Longrightarrow> proc_file_fds (enrich_msgq s q q') = proc_file_fds s"
 
       
   159 apply (auto simp:proc_file_fds_def enrich_msgq_filefd)
 
       
   160 done
 
       
   161 
       
   162 lemma enrich_msgq_hungs:
 
       
   163   "\<lbrakk>no_del_event s; valid s\<rbrakk>
 
       
   164    \<Longrightarrow> files_hung_by_del (enrich_msgq s q q') = files_hung_by_del s"
 
       
   165 apply (induct s, simp)
 
       
   166 apply (frule vt_grant_os, frule vd_cons, case_tac a)
 
       
   167 apply (auto simp:files_hung_by_del.simps)
 
       
   168 done
 
       
   169   
       
   170 lemma enrich_msgq_is_file:
 
       
   171   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   172    \<Longrightarrow> is_file (enrich_msgq s q q') = is_file s"
 
       
   173 apply (rule ext)
 
       
   174 apply (auto simp add:is_file_def enrich_msgq_cur_itag enrich_msgq_cur_inof
 
       
   175   split:option.splits t_inode_tag.splits)
 
       
   176 done
 
       
   177 
       
   178 lemma enrich_msgq_is_dir:
 
       
   179   "\<lbrakk>q' \<notin> current_msgqs s; q \<in> current_msgqs s; no_del_event s; valid s\<rbrakk>
 
       
   180    \<Longrightarrow> is_dir (enrich_msgq s q q') = is_dir s"
 
       
   181 apply (rule ext)
 
       
   182 apply (auto simp add:is_dir_def enrich_msgq_cur_itag enrich_msgq_cur_inof
 
       
   183   split:option.splits t_inode_tag.splits)
 
       
   184 done
 
       
   185 
       
   186 lemma enrich_msgq_alive:
 
       
   187   "\<lbrakk>alive s obj; valid s; q \<in> current_msgqs s; q' \<notin> current_msgqs s; no_del_event s\<rbrakk>
 
       
   188    \<Longrightarrow> alive (enrich_msgq s q q') obj"
 
       
   189 apply (case_tac obj)
 
       
   190 apply (simp_all add:enrich_msgq_is_file enrich_msgq_is_dir enrich_msgq_cur_msgqs 
       
   191   enrich_msgq_cur_msgs enrich_msgq_cur_procs enrich_msgq_cur_fds
 
       
   192   enrich_msgq_cur_tcps enrich_msgq_cur_udps)
 
       
   193 apply (rule impI, simp)
 
       
   194 done
 
       
   195 
       
   196 lemma enrich_msgq_alive':
 
       
   197   "\<lbrakk>alive (enrich_msgq s q q') obj; valid s; q \<in> current_msgqs s; q' \<notin> current_msgqs s; no_del_event s\<rbrakk>
 
       
   198    \<Longrightarrow> alive s obj \<or> obj = O_msgq q' \<or> (\<exists> m. obj = O_msg q' m \<and> alive s (O_msg q m))"
 
       
   199 apply (case_tac obj)
 
       
   200 apply (simp_all add:enrich_msgq_is_file enrich_msgq_is_dir enrich_msgq_cur_msgqs 
       
   201   enrich_msgq_cur_msgs enrich_msgq_cur_procs enrich_msgq_cur_fds
 
       
   202   enrich_msgq_cur_tcps enrich_msgq_cur_udps)
 
       
   203 apply (auto split:if_splits)
 
       
   204 done
 
    27 
   205 
    28 (* enrich s target_proc duplicated_pro *)
 
   206 (* enrich s target_proc duplicated_pro *)
 
    29 fun enrich_proc :: "t_state \<Rightarrow> t_process \<Rightarrow> t_process \<Rightarrow> t_state"
 
   207 fun enrich_proc :: "t_state \<Rightarrow> t_process \<Rightarrow> t_process \<Rightarrow> t_state"
 
    30 where 
   208 where 
    31   "enrich_proc [] tp dp = []"
 
   209   "enrich_proc [] tp dp = []"
 
    43      else Open p f flags fd opt # (enrich_proc s tp dp))"
 
   221      else Open p f flags fd opt # (enrich_proc s tp dp))"
 
    44 | "enrich_proc (ReadFile p fd # s) tp dp = (
 
   222 | "enrich_proc (ReadFile p fd # s) tp dp = (
 
    45      if (tp = p) 
   223      if (tp = p) 
    46      then ReadFile dp fd # ReadFile p fd # (enrich_proc s tp dp)
 
   224      then ReadFile dp fd # ReadFile p fd # (enrich_proc s tp dp)
 
    47      else ReadFile p fd # (enrich_proc s tp dp))"
 
   225      else ReadFile p fd # (enrich_proc s tp dp))"
 
       
   226 | "enrich_proc (RecvMsg p q m # s) tp dp = (
 
       
   227      if (tp = p) 
       
   228      then let dq = new_msgq (enrich_proc s tp dp) in
 
       
   229           RecvMsg dp dq m # RecvMsg p q m # (enrich_msgq (enrich_proc s tp dp) q dq)
 
       
   230      else RecvMsg p q m # (enrich_proc s tp dp))"
 
    48 (*
 
   231 (*
 
    49 | "enrich_proc (CloseFd p fd # s) tp dp = (
 
   232 | "enrich_proc (CloseFd p fd # s) tp dp = (
 
    50      if (tp = p \<and> fd \<in> proc_file_fds s p)
 
   233      if (tp = p \<and> fd \<in> proc_file_fds s p)
 
    51      then CloseFd dp fd # CloseFd p fd # (enrich_proc s tp dp)
 
   234      then CloseFd dp fd # CloseFd p fd # (enrich_proc s tp dp)
 
    52      else CloseFd p fd # (enrich_proc s tp dp))"
 
   235      else CloseFd p fd # (enrich_proc s tp dp))"
 
  1272     sorry
 
  1455     sorry
 
  1273   ultimately show ?case using vd_enrich_cons
 
  1456   ultimately show ?case using vd_enrich_cons
 
  1274     by simp
 
  1457     by simp
 
  1275 qed
 
  1458 qed
 
  1276   
  1459   
       
  1460 lemma enrich_proc_s2ss:
 
       
  1461   "\<lbrakk>valid s; is_created_proc s p; p' \<notin> all_procs s\<rbrakk> \<Longrightarrow> s2ss (enrich_proc s p p') = s2ss s"
 
  1277 
  1462 
  1278 lemma enrich_proc_valid:
 
  1463 lemma enrich_proc_valid:
 
  1279   "\<lbrakk>valid s; is_created_proc s p; p' \<notin> all_procs s\<rbrakk> \<Longrightarrow> valid (enrich_proc s p p')"
 
  1464   "\<lbrakk>valid s; is_created_proc s p; p' \<notin> all_procs s\<rbrakk> \<Longrightarrow> valid (enrich_proc s p p')"
 
  1280 by (auto dest:enrich_proc_prop)
 
  1465 by (auto dest:enrich_proc_prop)
 
  1281 
  1466
selinux