Initial commit

2195ffb8 · Per · 2195ffb8 · 2195ffb8 · 2195ffb8 · 2195ffb8
Commit 2195ffb8 authored Sep 29, 2017 by Per
--- a/.gitignore
+++ b/.gitignore
+/target/
+**/*.rs.bk
+Cargo.lock
--- a/.project
+++ b/.project
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>rtas</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>com.github.rustdt.ide.core.Builder</name>
+			<triggers>clean,full,incremental,</triggers>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>com.github.rustdt.ide.core.nature</nature>
+	</natures>
+</projectDescription>
--- a/Cargo.toml
+++ b/Cargo.toml
+[package]
+name = "rtas"
+version = "0.1.0"
+authors = ["pln <Per Lindgren>"]
+[dependencies]
--- a/src/main.rs
+++ b/src/main.rs
+#![feature(const_fn)]
+// The trusted code base, providing services such as Authorization, Encrytion
+mod trusted {
+    pub struct Sec {
+        level: u8,
+    }
+    impl Sec {
+        pub const unsafe fn new(l: u8) -> Self {
+            Sec { level: l }
+        }
+        pub fn level(&self) -> u8 {
+            self.level
+        }
+    }
+    trait Aut<R, S> {
+        fn encrypt(aut: Sec, R) -> S;
+        fn decrypt(aut: Sec, S) -> R;
+    }
+    pub fn data_access(sec: &Sec) -> Option<u32> {
+        if sec.level >= 2 {
+            println!("granted");
+            Some(72)
+        } else {
+            println!("denied");
+            None
+        }
+    }
+    pub fn auth(s: &str) -> Sec {
+        unsafe { if s == "abc" { Sec::new(2) } else { Sec::new(0) } }
+    }
+}
+static mut U1: u1::State = u1::State::new();
+static mut U2: u2::State = u2::State {};
+// Main should be inside trusted
+fn main() {
+    println!("trusted base");
+    let mut u1 = unsafe { &mut U1 };
+    let mut u2 = unsafe { &mut U2 };
+    unsafe {
+        let s = Sec::new(1);
+        // s.level = 3;
+        u1.user1(&s);
+        u2.user2(&s, &mut u1);
+    };
+}
+// user code
+// compiler directive, disallow unsafe code
+// unsafe constructor new
+use trusted::{Sec, auth};
+//
+mod u1 {
+    use ::*;
+    // static sec level
+    pub struct State {
+        data: u32,
+        s: &'static Sec,
+    }
+    impl State {
+        pub const fn new() -> Self {
+            State {
+                data: 11,
+                s: &unsafe { Sec::new(1) },
+            }
+        }
+        pub fn user1(&mut self, sec: &Sec) {
+            println!("user1, level = {}", sec.level());
+            println!("os call {:?}", trusted::data_access(sec));
+            // self.s = sec; // -- stopped by the borrow checker
+        }
+        pub fn get_data(&mut self, sec: &Sec, p: &Sec) -> Option<u32> {
+            println!("get_data, level = {}", sec.level());
+            // self.s = *p; // -- stopped by the borrow checker
+            println!("os call {:?}", trusted::data_access(p));
+            println!("called by {}", p.level());
+            if p.level() >= 2 {
+                Some(self.data)
+            } else {
+                None
+            }
+        }
+    }
+}
+// end user
+mod u2 {
+    use ::*;
+    pub struct State {}
+    impl State {
+        pub fn user2(&mut self, sec: &Sec, u1: &mut u1::State) {
+            println!("user2, level = {}", sec.level());
+            let s = auth("abc");
+            println!("user2, data = {:?}", u1.get_data(sec, &s));
+        }
+    }
+}