Clean up 'declassifyUtil' into a new module

Author: ssoelvsten

lib/DeclassifyUtil.trp

@@ -0,0 +1,110 @@
+import List
+
+let (* Mutually recursive deep declassification of tuples, lists, ... *)
+
+    (* Declassification for (most) tuples *)
+    fun declassify2 ((x,y), a, lev) =
+        ( declassifyDeep (x, a, lev)
+        , declassifyDeep (y, a, lev))
+
+    and declassify3 ((x,y,z), a, lev) =
+        ( declassifyDeep (x, a, lev)
+        , declassifyDeep (y, a, lev)
+        , declassifyDeep (z, a, lev))
+
+    and declassify4 ((x,y,z,w), a, lev) =
+        ( declassifyDeep (x, a, lev)
+        , declassifyDeep (y, a, lev)
+        , declassifyDeep (z, a, lev)
+        , declassifyDeep (w, a, lev))
+
+    and declassify5 ((x1,x2,x3,x4,x5), a, lev) =
+        ( declassifyDeep (x1, a, lev)
+        , declassifyDeep (x2, a, lev)
+        , declassifyDeep (x3, a, lev)
+        , declassifyDeep (x4, a, lev)
+        , declassifyDeep (x5, a, lev)
+        )
+
+    and declassify6 ((x1,x2,x3,x4,x5,x6), a, lev) =
+        ( declassifyDeep (x1, a, lev)
+        , declassifyDeep (x2, a, lev)
+        , declassifyDeep (x3, a, lev)
+        , declassifyDeep (x4, a, lev)
+        , declassifyDeep (x5, a, lev)
+        , declassifyDeep (x6, a, lev)
+        )
+
+    and declassify7 ((x1,x2,x3,x4,x5,x6,x7), a, lev) =
+        ( declassifyDeep (x1, a, lev)
+        , declassifyDeep (x2, a, lev)
+        , declassifyDeep (x3, a, lev)
+        , declassifyDeep (x4, a, lev)
+        , declassifyDeep (x5, a, lev)
+        , declassifyDeep (x6, a, lev)
+        , declassifyDeep (x7, a, lev)
+        )
+
+    and declassify8 ((x1,x2,x3,x4,x5,x6,x7,x8), a, lev) =
+        ( declassifyDeep (x1, a, lev)
+        , declassifyDeep (x2, a, lev)
+        , declassifyDeep (x3, a, lev)
+        , declassifyDeep (x4, a, lev)
+        , declassifyDeep (x5, a, lev)
+        , declassifyDeep (x6, a, lev)
+        , declassifyDeep (x7, a, lev)
+        , declassifyDeep (x8, a, lev)
+        )
+
+    and declassify9 ((x1,x2,x3,x4,x5,x6,x7,x8,x9), a, lev) =
+        ( declassifyDeep (x1, a, lev)
+        , declassifyDeep (x2, a, lev)
+        , declassifyDeep (x3, a, lev)
+        , declassifyDeep (x4, a, lev)
+        , declassifyDeep (x5, a, lev)
+        , declassifyDeep (x6, a, lev)
+        , declassifyDeep (x7, a, lev)
+        , declassifyDeep (x8, a, lev)
+        , declassifyDeep (x9, a, lev)
+        )
+
+    (* Declassification for lists *)
+    and declassifyList (xs, a, lev) =
+        List.map (fn x => declassifyDeep (x, a, lev) ) xs
+
+    (* TODO: Declassification of records? *)
+
+    (** Deep declassification of value `x` to `level` via the given `authority`. *)
+    and declassifyDeep (x, authority, level) =
+        let (* Declassify the blocking label before touching the value. *)
+            val _ = blockdeclto (authority, level)
+
+            (* declassification is a 2-step process:
+             *
+             * 1. We pattern match on the given value and figure out which function to apply;
+             *    this choice of the function needs to be declassified itself.
+             *
+             * 2. We proceed onto the application of the function. *)
+            val x' = declassify (x, authority, level)
+
+            val f = case x' of (_,_)               => declassify2
+                             | (_,_,_)             => declassify3
+                             | (_,_,_,_)           => declassify4
+                             | (_,_,_,_,_)         => declassify5
+                             | (_,_,_,_,_,_)       => declassify6
+                             | (_,_,_,_,_,_,_)     => declassify7
+                             | (_,_,_,_,_,_,_,_)   => declassify8
+                             | (_,_,_,_,_,_,_,_,_) => declassify9
+                             | (_::_)              => declassifyList
+                             | _                   => declassify
+
+        in f(x', authority, level)
+        end
+
+    (*--- Module ---*)
+    val DeclassifyUtil = {
+        declassifyDeep
+    }
+
+in [ ("DeclassifyUtil", DeclassifyUtil) ]
+end

lib/Makefile

@@ -6,6 +6,7 @@ build:
 	$(COMPILER) ./Number.trp -l
 	$(COMPILER) ./List.trp -l
 	$(COMPILER) ./ListPair.trp -l
+	$(COMPILER) ./DeclassifyUtil.trp -l
 	$(COMPILER) ./String.trp -l
 	$(COMPILER) ./Hash.trp -l
 	$(COMPILER) ./Unit.trp -l
@@ -14,7 +15,6 @@ build:
 	$(COMPILER) ./HashSet.trp -l
   # Old stuff, here be dragons...
 	$(COMPILER) ./timeout.trp -l
-	$(COMPILER) ./declassifyutil.trp -l
 
 clean:
 	rm -rf out

lib/README.md

@@ -6,15 +6,16 @@ reviewed rigorously rather than depend on the monitor.
 
 ## Modules
 
-- `Hash`          : Hash functions for values of all types.
-- `HashMap`       : Map from keys to values via their hash.
-- `HashSet`       : Set of elements via their hash.
-- `List`          : Operations for lists, i.e. `[]` and `x::xs`.
-- `ListPair`      : Operations for list of pairs, i.e. `(x,y)::xs`.
-- `Number`        : Operations for numbers, i.e. integer and floats.
-- `StencilVector` : Memory-efficient implementation of small (sparse) arrays.
-- `String`        : Operations for strings
-- `Unit`          : Unit testing.
+- `DeclassifyUtil` : Helper functions for declassification.
+- `Hash`           : Hash functions for values of all types.
+- `HashMap`        : Map from keys to values via their hash.
+- `HashSet`        : Set of elements via their hash.
+- `List`           : Operations for lists, i.e. `[]` and `x::xs`.
+- `ListPair`       : Operations for list of pairs, i.e. `(x,y)::xs`.
+- `Number`         : Operations for numbers, i.e. integer and floats.
+- `StencilVector`  : Memory-efficient implementation of small (sparse) arrays.
+- `String`         : Operations for strings
+- `Unit`           : Unit testing.
 
 ## How to add a new file
 

lib/declassifyutil.trp

@@ -1,4 +1,5 @@
-import declassifyutil 
+import DeclassifyUtil
+
 (* testing various corner cases of declassification *)
 let val secretAlice = 1 raisedTo `<alice;#root-integrity>`
     val secretBob = 1 raisedTo `<bob;#root-integrity>`
@@ -9,8 +10,8 @@ let val secretAlice = 1 raisedTo `<alice;#root-integrity>`
     val (a,b) = if secretAlice > 0 then (1,2) else (3,4)
     val (x,y) = if secretBob > 0 then (5,6) else (7,8)
     val _ = blockdecl authority 
-    val (a1, b1) = declassifydeep ( (a,b), aliceAuth, `{}` )
+    val (a1, b1) = DeclassifyUtil.declassifyDeep ( (a,b), aliceAuth, `{}` )
     val _ = if secretBob  > secretAlice then () else ()
 in 
     adv a1
-end
+end

tests/rt/neg/ifc/pini_d.trp

@@ -1,10 +1,10 @@
-import declassifyutil 
+import DeclassifyUtil
 import List
 
 let val x = 42 raisedTo `<alice&bob;#root-integrity>`
     val y = 100 raisedTo `<alice&bob;#root-integrity>`
     val tuple = (x,y,10)
     val ls = List.map (fn x => x) [x,y,10]
-    val z = declassifydeep (ls, authority, `{}`)
+    val z = DeclassifyUtil.declassifyDeep (ls, authority, `{}`)
 in z
 end

tests/rt/pos/ifc/decl2.trp

@@ -1,5 +1,3 @@
-import declassifyutil 
-
 let val secret = 1 raisedTo `<alice;#root-integrity>`
     val aliceAuth = attenuate (authority, `<alice;#root-integrity>`)
     (* val t = if secret > 0 then (1,2) else (3,4)  *)
@@ -8,4 +6,4 @@ let val secret = 1 raisedTo `<alice;#root-integrity>`
     val _ = pinipop c 
 in 
     adv 0
-end
+end

tests/rt/pos/ifc/pini.trp

@@ -1,5 +1,3 @@
-import declassifyutil 
-
 let val x = 42 raisedTo `<alice&bob;#root-integrity>`
     val y = 100 raisedTo `<alice&bob;#root-integrity>`