Commit
* start
* make type-check
* backup
* fix syntax errors
* establish necessary precondition of DecodeFromBytes
* remove TODOs
* backup
* move on with proof obligations
* verify packSCMP; reinstate TODO()s for doing the proof step by step
* backup
* backup
* fix parse and type errors
* fix packscmp
* backup
* backup
* kill branches for now
* backup
* backup
* remove files pushed by mistake
* del file
* fix verification error
* change comment format
* backup
* reset changes to scion_spec.gobra
* continue making progress
* backup
* simplify spec
* backup
* non-termination again
* backup
* packSCMP Continued (#373)
* fix missing precondition for packSCMP
* progress scmp
* further progress
* further scmp fixes
* fix syntax error and strengthen spec of errors.Is function
* fix verification error
* fix verification errors in process()
* drop last scmp assumption
* fix verification errors in process()
* add missing postconditions to resolveInbound
* fix p.d permissions
* remove wrong precondition from validateEgressUp()
* clean up
* feedback
* Update router/dataplane.go

---------

Co-authored-by: João Pereira <[email protected]>

* Move ownership of underlying slice of `SerializableBuffer` to outside of `Mem()` (#374)
* fix missing precondition for packSCMP
* progress scmp
* further progress
* further scmp fixes
* fix syntax error and strengthen spec of errors.Is function
* fix verification error
* fix verification errors in process()
* drop last scmp assumption
* fix verification errors in process()
* add missing postconditions to resolveInbound
* fix p.d permissions
* save
* remove wrong precondition from validateEgressUp()
* clean up
* feedback
* change dependencies to new buffer approach
* remove buffWithFullPerm flag from scionPacketProcessor
* fix verification errors
* fix permission mistake
* Apply suggestions from code review

Co-authored-by: João Pereira <[email protected]>

* pass underlying buffer slice to prepareSCMP
* remove deep ownership of buffer slice in message
* fix verification error in run
* fix injectivity issue in run() and verification error in newPacketProcessor
* different trigger
* proves injectivity for message buffer directly without sets
* test: remove unnecessary invariants in run()
* improvements to injectivity lemma for messages
* introduce new lemma PermsImplyIneq()
* fixed missing preconditions
* minor fixes and feedback
* fix verification error
* fmt

---------

Co-authored-by: João Pereira <[email protected]>

---------

Co-authored-by: Markus Limbeck <[email protected]>