- Debug of optimization.
- Put down skeleton of new idea, related to a lemma from Niek Palm's work. This needs more investigating though.
This commit is contained in:
parent
b6806f6aaf
commit
39a2b4878c
@ -208,61 +208,77 @@ explorify (const System sys, const int run)
|
||||
flag = 0;
|
||||
|
||||
/*
|
||||
* Special check: if agents have been instantiated in such a way that no more claims need to be evaluated, then we can skip
|
||||
* further traversal.
|
||||
* Two cases: internal read or first read of a run; both are the first event of a run.
|
||||
*
|
||||
* Efficiency of the next check heavily relies on lazy L-R evaluation
|
||||
* Special checks after (implicit) choose events; always first in run reads.
|
||||
*/
|
||||
if (rd == sys->runs[run].start && rd->type == READ)
|
||||
{
|
||||
int rid;
|
||||
|
||||
if (inTermlist (sys->untrusted, agentOfRun (sys, run)))
|
||||
{
|
||||
/* this run is executed by an untrusted agent, do not explore */
|
||||
return 0;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* executed by trusted agent, but is there a claim left to explore? */
|
||||
if (sys->secrets == NULL)
|
||||
{ /* there are no remaining secrecy claims to be checked */
|
||||
Roledef rdscan;
|
||||
int rid;
|
||||
int validclaim;
|
||||
/* executed by trusted agent */
|
||||
|
||||
rid = 0;
|
||||
validclaim = 0;
|
||||
/* check for each run */
|
||||
while (rid < sys->maxruns)
|
||||
{
|
||||
/* are claims in this run evaluated anyway? */
|
||||
if (!untrustedAgent (sys, sys->runs[rid].agents))
|
||||
{ /* possibly claims to be checked in this run */
|
||||
rdscan = runPointerGet(sys, rid);
|
||||
while (rdscan != NULL)
|
||||
/* Special check 1: if agents have been instantiated in such a way that no more claims need to be evaluated, then we can skip
|
||||
* further traversal.
|
||||
*/
|
||||
if (sys->secrets == NULL)
|
||||
{ /* there are no remaining secrecy claims to be checked */
|
||||
Roledef rdscan;
|
||||
int validclaim;
|
||||
|
||||
rid = 0;
|
||||
validclaim = 0;
|
||||
/* check for each run */
|
||||
while (rid < sys->maxruns)
|
||||
{
|
||||
/* are claims in this run evaluated anyway? */
|
||||
if (!untrustedAgent (sys, sys->runs[rid].agents))
|
||||
{ /* possibly claims to be checked in this run */
|
||||
rdscan = runPointerGet(sys, rid);
|
||||
while (rdscan != NULL)
|
||||
{
|
||||
if (rdscan->type == CLAIM)
|
||||
{
|
||||
if (rdscan->type == CLAIM)
|
||||
{
|
||||
/* force abort of loop */
|
||||
validclaim = 1;
|
||||
rdscan = NULL;
|
||||
rid = sys->maxruns;
|
||||
}
|
||||
else
|
||||
{
|
||||
rdscan = rdscan->next;
|
||||
}
|
||||
/* force abort of loop */
|
||||
validclaim = 1;
|
||||
rdscan = NULL;
|
||||
rid = sys->maxruns;
|
||||
}
|
||||
else
|
||||
{
|
||||
rdscan = rdscan->next;
|
||||
}
|
||||
}
|
||||
rid++;
|
||||
}
|
||||
if (validclaim == 0)
|
||||
{ /* no valid claims, abort */
|
||||
return 0;
|
||||
}
|
||||
rid++;
|
||||
}
|
||||
if (validclaim == 0)
|
||||
{ /* no valid claims, abort */
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
/* Special check 2: if all agents in each run send only encrypted stuff, and all agents are trusted,
|
||||
* there is no way for the intruder to learn anything else than encrypted terms, so secrecy claims will not
|
||||
* be violated anymore if they contain no terms that are encrypted with such keys */
|
||||
|
||||
//!@todo For now, there is no check that the runs only send publicly encrypted stuff! Just an assumption to be made true using static analysis.
|
||||
|
||||
/*
|
||||
rid = 0;
|
||||
while (rid < sys->maxruns)
|
||||
{
|
||||
if (!untrustedAgent (sys, sys->runs[rid].agents))
|
||||
{
|
||||
}
|
||||
rid++;
|
||||
}
|
||||
*/
|
||||
}
|
||||
|
||||
/* Apparently, all is well, and we can explore further */
|
||||
if (executeStep (sys, run))
|
||||
{
|
||||
/* traverse the system after the step */
|
||||
|
Loading…
Reference in New Issue
Block a user