auditor

An aarch64 constant-time memory access auditing tool.
git clone git://git.ppad.tech/auditor.git
Log | Files | Refs | README | LICENSE

IMPL11.md (984B)

      1 # IMPL11: Implement Configurable Public Roots
      2 
      3 ## Summary
      4 
      5 Add a JSON-configurable public root register set and use it to seed the
      6 initial taint state.
      7 
      8 ## Steps
      9 
     10 1) Define config types
     11 - Add a `PublicRootsConfig` with `public_roots :: Set Reg`.
     12 - Implement FromJSON with register name validation.
     13 
     14 2) CLI integration
     15 - Add `--public-roots PATH` flag.
     16 - Parse JSON and pass into analysis options.
     17 
     18 3) Taint initialization
     19 - Modify `initTaintState` to accept an optional public-roots set.
     20 - Add `initTaintStateWithRoots :: Set Reg -> TaintState`.
     21 - Thread config through `runDataflow`, `runInterProc`, and config-aware
     22   variants.
     23 
     24 4) Tests
     25 - Add tests for JSON parsing and override behavior.
     26 - Add a small taint test with a custom root set.
     27 
     28 ## Files to Touch
     29 
     30 - `lib/Audit/AArch64/Taint.hs`
     31 - `lib/Audit/AArch64/Types.hs` (if new config types exported)
     32 - `app/` CLI entrypoint
     33 - `test/`
     34 
     35 ## Validation
     36 
     37 - `cabal test`
     38 - Run auditor with/without `--public-roots` to confirm behavior.