evincarofautumn / Ward

A static analysis tool for C.

Config file for permission relationships #1

Closed evincarofautumn closed 7 years ago

evincarofautumn commented 7 years ago

Re. https://github.com/mono/mono/pull/4529#issuecomment-286562418 and https://github.com/mono/mono/pull/4529#issuecomment-286566710, we want a way to specify how permissions are related. I propose adding a --config=<path> / -C<path> option, which reads a config file consisting of a series of declarations, each of which defines a permission or a relationship between permissions.

<config> ::= <decl>*
<decl> ::= <name> ("->" <expr>)? <desc>? ";"
<expr> ::= <or-expr>
<or-expr> ::= <and-expr> ("|" <and-expr>)*
<and-expr> ::= <term> ("&" <term>)*
<term> ::= <name> | "!" <term> | "(" <expr> ")"
<name> ::= /^[A-Za-z_][0-9A-Za-z_]*$/
<desc> ::= /^"([^"\\]|\\[\\"])*"$/

For example, suppose the foo lock can only be taken when the bar lock is held and the baz lock is not held.

lock_foo; foo_locked;
lock_bar; bar_locked;
lock_baz; baz_locked;

lock_foo -> bar_locked & !baz_locked;

Now checking need(lock_foo) also implies checking need(bar_locked) and deny(baz_locked).

When a config file is specified, use of a permission not declared in the config is an error, rather than implicitly creating the permission.
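The parser and the implication check that the grammar and the lock example above describe, as an added example in Python. It is not Ward's own code (none is shown on this page); the function names, the tuple-shaped AST, the token kinds and the error messages are this example's choices. It also evaluates `|`, which the follow-up comment puts at low priority, by turning a restriction into a list of alternatives. Two points the issue does not settle are assumptions here: an implied need(q) chains through q's own restriction, and an alternative that both needs and denies the same permission is discarded as unsatisfiable. SAMPLE is constructed from the issue's example.

```python
"""Added example, not Ward's own code: parses the config grammar proposed above
and applies the rule that need(p) implies p's restriction.  Chaining through the
need()s so introduced and dropping self-contradictory alternatives are assumptions."""
import re
_TOKEN = re.compile(r'\s*(?:(->)|([A-Za-z_][0-9A-Za-z_]*)|("(?:[^"\\]|\\[\\"])*")|([|&!();])|(\S))')

def tokenize(text):
    tokens = []
    for m in _TOKEN.finditer(text):
        arrow, name, desc, punct, bad = m.groups()
        if bad:  # group 5 catches any non-space the <name>/<desc>/punctuation rules reject
            raise SyntaxError(f'unexpected character {bad!r} at offset {m.start(5)}')
        kind = 'ARROW' if arrow else 'NAME' if name else 'DESC' if desc else 'PUNCT'
        # a <desc> loses its quotes and has the two escapes the grammar allows undone
        tokens.append((kind, re.sub(r'\\(["\\])', r'\1', desc[1:-1]) if desc else arrow or name or punct))
    return tokens + [('EOF', None)]

class _Parser:  # recursive descent; AST: ('name', n) | ('not', e) | ('and', a, b) | ('or', a, b)
    def __init__(self, tokens):
        self.toks, self.i, self.refs = tokens, 0, []  # refs: every name used in a restriction

    def take(self, kind, value=None, optional=False):
        tok = self.toks[self.i]
        if tok[0] == kind and (value is None or tok[1] == value):
            self.i += 1
            return tok[1]
        if not optional:
            raise SyntaxError(f'expected {value or kind}, got {tok[1]!r}')

    def config(self):  # <decl> ::= <name> ("->" <expr>)? <desc>? ";"
        decls = {}
        while self.toks[self.i][0] != 'EOF':
            name = self.take('NAME')
            restriction = self.expr() if self.take('ARROW', optional=True) else None
            decls[name] = (restriction, self.take('DESC', optional=True))
            self.take('PUNCT', ';')
        return decls

    def expr(self):  # <or-expr> ::= <and-expr> ("|" <and-expr>)*
        left = self.and_expr()
        while self.take('PUNCT', '|', optional=True):
            left = ('or', left, self.and_expr())
        return left

    def and_expr(self):  # <and-expr> ::= <term> ("&" <term>)*
        left = self.term()
        while self.take('PUNCT', '&', optional=True):
            left = ('and', left, self.term())
        return left

    def term(self):  # <term> ::= <name> | "!" <term> | "(" <expr> ")"
        if self.take('PUNCT', '!', optional=True):
            return ('not', self.term())
        if self.take('PUNCT', '(', optional=True):
            inner = self.expr()
            self.take('PUNCT', ')')
            return inner
        self.refs.append(self.take('NAME'))
        return ('name', self.refs[-1])

def load_config(text):
    """Parse to {name: (restriction, desc)}; a name used but never declared is an error."""
    parser = _Parser(tokenize(text))
    decls = parser.config()
    for ref in parser.refs:
        if ref not in decls:
            raise ValueError(f'restriction uses undeclared permission {ref}')
    return decls

def _dnf(expr, negate=False):
    """Alternatives equivalent to expr: a list of frozensets of ('need'|'deny', name)."""
    if expr[0] == 'name':
        return [frozenset({('deny' if negate else 'need', expr[1])})]
    if expr[0] == 'not':
        return _dnf(expr[1], not negate)
    left, right = _dnf(expr[1], negate), _dnf(expr[2], negate)
    if (expr[0] == 'or') != negate:  # '|', or '&' under a '!' (De Morgan), is a choice
        return left + right
    return [a | b for a in left for b in right]  # '&': combine every pair of sides

def implied_checks(config, perm):
    """Check sets implied by need(perm): need(perm) plus every needed permission's restriction."""
    if perm not in config:
        raise ValueError(f'use of undeclared permission {perm}')
    work, result = [(frozenset({('need', perm)}), frozenset())], []
    while work:
        alt, done = work.pop()
        pending = [q for k, q in alt if k == 'need' and q not in done and config[q][0]]
        if pending:  # apply one more restriction; each DNF clause becomes its own alternative
            q = min(pending)
            work += [(alt | clause, done | {q}) for clause in _dnf(config[q][0])]
        elif not any(('deny', q) in alt for k, q in alt if k == 'need') and alt not in result:
            result.append(alt)  # keep only satisfiable, distinct alternatives
    return result

# Constructed sample input: the declarations from the issue's example.
SAMPLE = """lock_foo; foo_locked;  lock_bar; bar_locked;  lock_baz; baz_locked;
lock_foo -> bar_locked & !baz_locked;"""
```

`implied_checks(load_config(SAMPLE), 'lock_foo')` yields a single alternative, need(lock_foo) with need(bar_locked) and deny(baz_locked), which is the check the issue describes, while `load_config('x -> y;')` raises ValueError because y is never declared, matching the rule that a config file does not create permissions implicitly. A restriction such as `a | (b & !c)` comes back as two alternatives, one per disjunct, so a checker that wants to stay conservative can simply report an error whenever more than one alternative remains.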

evincarofautumn commented 7 years ago

The logic of restrictions is pretty straightforward:

Disjunction is a bit more complicated, and maybe not even useful, so I think it’s low-priority to implement.

@lambdageek, would you look this over and let me know if it’s cromulent?