| #
011e0845 |
|
09-Jun-2018 |
Gerwin Klein <gerwin.klein@data61.csiro.au> |
Isabelle2018: new comment syntax
(result of "isabelle update_comments <dirs>")
|
| #
b5cdf470 |
|
13-Jun-2018 |
Gerwin Klein <gerwin.klein@data61.csiro.au> |
globally use session-qualified imports; add Lib session
Session-qualified imports will be required for Isabelle2018 and help clarify
the structure of sessions in the build tree.
This commit mainly adds a new set of sessions for lib/, including a Lib
session that includes most theories in lib/ and a few separate sessions for
parts that have dependencies beyond CParser or are separate AFP sessions.
The group "lib" collects all lib/ sessions.
As a consequence, other theories should use lib/ theories by session name,
not by path, which in turns means spec and proof sessions should also refer
to each other by session name, not path, to avoid duplicate theory errors in
theory merges later.
|
| #
9e0551f5 |
|
12-Jul-2018 |
Rafal Kolanski <rafal.kolanski@nicta.com.au> |
arm-hyp: update proofs for TPIDRUR[OW]/TLS_BASE preservation
TPIDRUR[OW] registers removed from VCPU registers. Their saving now
lives in arch_c_entry_hook, which is before verified code is hit.
Relevant for verification, TPIDRURO is already handled as TLS_BASE
register, and TPIDRURW (holds IPC buffer) is saved/restored as part of
normal thread register save/restore.
|
| #
4a3d7a95 |
|
13-Jun-2018 |
Rafal Kolanski <rafal.kolanski@nicta.com.au> |
arm-hyp: update proofs for SELFOUR-584: running multiple VMs on ARM
As requested by verification, hypervisor registers are now an
enumeration-indexed array rather than individual fields. This cleans up
some of the proof. Additionally, we sweep some non-complexity under the
machine op rug: vcpu_hw_write/read_reg_ccorres is as deep as we go,
rather than specifying every operation and proving that
vcpu_hw_write seL4_VCPUReg_REG calls set_REG for every REG
I took this opportunity to clean up some arm-hyp definitions and proofs,
so some whitespace cleanup got tangled in.
|
| #
62bee91f |
|
21-Mar-2018 |
Gerwin Klein <gerwin.klein@data61.csiro.au> |
cspec/crefine: make ctcb_offset available to AUXUPD
|
| #
48b3a8b4 |
|
04-Oct-2017 |
Matthew Brecknell <Matthew.Brecknell@data61.csiro.au> |
update object and field widths for x64, and remove some magic numbers
In X64 update the following to match the C kernel:
- TCB size-bits (11).
- Endpoint size-bits (4).
- Guard bits (58).
- Message registers.
For all architectures, replace magic numbers with defined constants in
specifications, and as far as possible in proofs:
- tcb_bits in abstract spec.
- tcbBlockSizeBits, cteSizeBits, ntfnSizeBits, epSizeBits in Haskell
spec, Haskell and C refinement proofs.
|
| #
46662075 |
|
19-Apr-2017 |
Alejandro Gomez-Londono <alejandro.gomez@nicta.com.au> |
arm-hyp crefine: Adding setObject_ccorres rules for updating vcpuTCB and tcbVCPU
* New archThreadSet_tcbVCPU_Basic_ccorres for updating the
associated vcpu inside a tcb
* New setObject_vcpuTCB_Basic_ccorres for updating the
associated tcb inside a vcpu
|
| #
3c4c5f31 |
|
04-Apr-2017 |
Rafal Kolanski <rafal.kolanski@nicta.com.au> |
arm-hyp crefine: Wellformed_C deals with VCPUs
|
| #
a07a9b76 |
|
03-Apr-2017 |
Rafal Kolanski <rafal.kolanski@nicta.com.au> |
arm-hyp crefine: update ARM*. with ARM_HYP*. qualification
Found three quantification flavours styles: ARM. ARM_A. ARM_H.
Via find|sed on entire folder.
|
| #
526c9af3 |
|
03-Apr-2017 |
Rafal Kolanski <rafal.kolanski@nicta.com.au> |
arm-hyp crefine: copy from ARM
|