# HG changeset patch # User chunhan # Date 1386245610 -28800 # Node ID f27ba31b7e96b27925f862931f87d52e18033baf # Parent 99af1986e1e0ae1ff99f22050fbe9beb461e3dcc no shm version diff -r 99af1986e1e0 -r f27ba31b7e96 simple_selinux/Temp.thy --- a/simple_selinux/Temp.thy Tue Dec 03 22:42:48 2013 +0800 +++ b/simple_selinux/Temp.thy Thu Dec 05 20:13:30 2013 +0800 @@ -69,9 +69,15 @@ (S_proc (pi, pctxt, fds \ {(pctxt, flags, (Created, nfsec, Some fsec, asecs \ {fsec}))}, shms) tagp) ) \ static" | S_readf: "\ss \ static; S_proc (pi,pctxt,fds,shms) tagp \ ss; (fdctxt,flags,sf) \ fds; - permission_check pctxt fdctxt C_fd P_setattr; S_file sfs tagf \ ss; sf \ sfs; - permission_check pctxt (sectxt_of_sfile sf) C_file P_read; is_read_flag flags\ + permission_check pctxt fdctxt C_fd P_setattr; S_file sf tagf \ ss; + permission_check pctxt (sectxt_of_sfile sf) C_file P_read\ \ (update_ss_shms ss (pi, pctxt,fds,shms) (tagp \ tagf)) \ static" +(*add following to locale assumptions: + \ pctxt fctxt. permission_check pctxt fctxt C_file P_read/P_write \ + permission_check pctxt pctxt C_fd P_setattr \ + search_check_s pctxt sf True; not \ sf, should be \ sf \ static \ sectxt_of_sfile sf = fctxt. + + *) | S_writef: "\ss \ static; S_proc (pi,pctxt,fds,shms) tagp \ ss; (fdctxt,flags,sf) \ fds; permission_check pctxt fdctxt C_fd P_setattr; sf \ sfs; S_file sfs tagf \ ss; permission_check pctxt (sectxt_of_sfile sf) C_file P_write; is_write_flag flags\