Modref equality check in capability guards fails
sirlensalot opened this issue · 2 comments
sirlensalot commented
Issue description
Using a modref in a capability guard fails when the guarded capability is required, because the equality check on the modref value fails.
Steps to reproduce/Expected behavior
The following test should pass, but it currently fails on the success case (the `expect`, not the `expect-failure`).
;; Shared interface so `caller` can hold callees as `module{ops}` refs and
;; dispatch to them through the modref (m::op1 / m::op2).
(interface ops
  (defun op1:bool (a:string b:integer))
  (defun op2:bool (c:string d:bool))
)
;; Caller module: acquires a managed capability scoped to one specific
;; callee modref, then invokes that callee through the modref.
(module caller G
  ;; Governance capability; unconditionally true for this repro.
  (defcap G () true)

  ;; One row per registered callee, holding its modref.
  (defschema dep
    callee:module{ops})
  (deftable deps:{dep})

  ;; Managed capabilities parameterized on the call arguments AND the callee
  ;; modref `m`, so a guard built from one of them is bound to exactly one
  ;; callee. They are installed with install-capability before being
  ;; acquired (see call-op1 / call-op2 below).
  (defcap OP1 (a:string b:integer m:module{ops})
    @managed
    true)
  (defcap OP2 (c:string d:bool m:module{ops})
    @managed
    true)

  ;; Capability guards over OP1/OP2. Enforcing one passes only while the
  ;; capability with the same arguments, including the modref `m`, is in
  ;; scope. The modref equality comparison involved here is the subject of
  ;; this issue.
  (defun op1-guard (a:string b:integer m:module{ops})
    (create-capability-guard (OP1 a b m)))
  (defun op2-guard (c:string d:bool m:module{ops})
    (create-capability-guard (OP2 c d m)))

  ;; All registered callee modrefs, in the order returned by (keys deps).
  (defun callees:[module{ops}] ()
    (map (compose (read deps) (at 'callee)) (keys deps)))

  ;; For each callee: install and acquire OP1 scoped to that callee, then
  ;; call its op1 through the modref. The capability in scope during m::op1
  ;; names `m` itself, so a callee that forwards to a different module does
  ;; not satisfy that other module's guard.
  (defun call-op1 (a:string b:integer)
    (map (lambda (m:module{ops})
           (install-capability (OP1 a b m))
           (with-capability (OP1 a b m)
             (m::op1 a b)))
         (callees)))

  ;; Same pattern for OP2/op2.
  (defun call-op2 (c:string d:bool)
    (map (lambda (m:module{ops})
           (install-capability (OP2 c d m))
           (with-capability (OP2 c d m)
             (m::op2 c d)))
         (callees)))
)
;; Create the callee registry; rows are added by the inserts further down.
(create-table deps)
;; First callee: each op enforces the caller's capability guard bound to
;; this module's own modref (`callee-A`), so it should succeed only while
;; the caller holds OP1/OP2 for exactly this callee.
(module callee-A G
  (defcap G () true)
  (implements ops)
  ;; Expected to pass when reached via caller.call-op1 for callee-A, and to
  ;; be rejected when reached any other way (e.g. the out-of-band call in
  ;; callee-B.op1, which the "Capability not acquired" expectation covers).
  (defun op1:bool (a:string b:integer)
    (enforce-guard (op1-guard a b callee-A))
    true)
  ;; Returns false so the two callees are distinguishable in the expected
  ;; [false true] result of call-op2.
  (defun op2:bool (c:string d:bool)
    (enforce-guard (op2-guard c d callee-A))
    false)
)
;; Second callee. op1 deliberately forwards to callee-A.op1 while the
;; capability in scope is (OP1 a b callee-B), not one for callee-A, so
;; callee-A's guard is expected to reject it (the "out-of-band call fails"
;; case).
(module callee-B G
  (defcap G () true)
  (implements ops)
  (defun op1:bool (a:string b:integer)
    ;; out-of-band call to callee-A
    (callee-A.op1 a b)
    false)
  ;; Normal case: enforces the guard bound to this module's own modref.
  (defun op2:bool (c:string d:bool)
    (enforce-guard (op2-guard c d callee-B))
    true)
)
;; Register both callees in the caller's table.
(insert deps "callee-A" { 'callee: callee-A })
(insert deps "callee-B" { 'callee: callee-B })

;; callee-B.op1 forwards to callee-A.op1 without holding (OP1 ... callee-A),
;; so call-op1 as a whole must fail.
;; NOTE(review): with the bug described in this issue the legitimate
;; callee-A path presumably fails too, so this expectation alone does not
;; distinguish a correct guard from a broken one; only the `expect` below does.
(expect-failure
  "out-of-band call fails"
  "Capability not acquired"
  (call-op1 "hello" 2))

;; Success case (the one reported as failing): each callee's op2 enforces a
;; guard bound to its own modref. The expected order assumes (keys deps)
;; yields callee-A before callee-B.
(expect
  "normal case succeeds for both callees"
  [false true]
  (call-op2 "goodbye" false))
Debug Information
This is because infos are not being elided from modrefs before the equality check.
emilypi commented