static void BuildNamespace(this INamespaceSymbol ns, Context cx, TextWriter trapFile) { // Only include the assembly information in each type ID // for normal extractions. This is because standalone extractions // lack assembly information or may be ambiguous. bool prependAssemblyToTypeId = !cx.Extractor.Standalone && ns.ContainingAssembly != null; if (prependAssemblyToTypeId) { // Note that we exclude the revision number as this has // been observed to be unstable. var assembly = ns.ContainingAssembly.Identity; trapFile.Write(assembly.Name); trapFile.Write('_'); trapFile.Write(assembly.Version.Major); trapFile.Write('.'); trapFile.Write(assembly.Version.Minor); trapFile.Write('.'); trapFile.Write(assembly.Version.Build); trapFile.Write("::"); } trapFile.WriteSubId(Namespace.Create(cx, ns)); trapFile.Write('.'); }
public static Expression Create(ExpressionNodeInfo info) { var symbolInfo = info.Context.GetSymbolInfo(info.Node); var target = symbolInfo.Symbol; if (target == null && symbolInfo.CandidateReason == CandidateReason.OverloadResolutionFailure) { // The expression is probably a cast target = info.Context.GetSymbolInfo((CSharpSyntaxNode)info.Node.Parent).Symbol; } if (target == null && (symbolInfo.CandidateReason == CandidateReason.Ambiguous || symbolInfo.CandidateReason == CandidateReason.MemberGroup)) { // Pick one at random - they probably resolve to the same ID target = symbolInfo.CandidateSymbols.First(); } if (target == null) { info.Context.ModelError(info.Node, "Failed to resolve name"); return(new Unknown(info)); } // There is a very strange bug in Microsoft.CodeAnalysis whereby // target.Kind throws System.InvalidOperationException for Discard symbols. // So, short-circuit that test here. // Ideally this would be another case in the switch statement below. if (target is IDiscardSymbol) { return(new Discard(info)); } switch (target.Kind) { case SymbolKind.TypeParameter: case SymbolKind.NamedType: case SymbolKind.DynamicType: return(TypeAccess.Create(info)); case SymbolKind.Property: case SymbolKind.Field: case SymbolKind.Event: case SymbolKind.Method: return(Access.Create(info, target, true, info.Context.CreateEntity(target))); case SymbolKind.Local: case SymbolKind.RangeVariable: return(Access.Create(info, target, false, LocalVariable.Create(info.Context, target))); case SymbolKind.Parameter: return(Access.Create(info, target, false, Parameter.Create(info.Context, (IParameterSymbol)target))); case SymbolKind.Namespace: return(Access.Create(info, target, false, Namespace.Create(info.Context, (INamespaceSymbol)target))); default: throw new InternalError(info.Node, $"Unhandled identifier kind '{target.Kind}'"); } }
public void ReachabilityMatrix_OneDirectionOnly() { Zen <Pod>[] pods = new Zen <Pod>[] { Pod.Create("default", EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k0")), Pod.Create("ns1", EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1")), }; Zen <Namespace>[] namespaces = new Zen <Namespace>[] { Namespace.Create("default", EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k0")), Namespace.Create("ns1", EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1")) }; Zen <Policy>[] policies = new Zen <Policy>[] { // only one side allows ingress traffic Policy.Create("default", EmptyDict <string, string>().Add("k0", "v0"), EmptyDict <string, string>(), EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k0"), EmptyList <string>(), EmptyList <string>().AddBack("k1")), Policy.Create("ns1", EmptyDict <string, string>().Add("k1", "v1"), EmptyDict <string, string>(), EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1"), EmptyList <string>(), EmptyList <string>().AddBack("k1"), False(), False()), }; var output = Algorithms.CreateReachMatrix(pods, policies, namespaces).ingressMatrix; var r0 = EmptyList <bool>().AddBack(true).AddBack(false); var r1 = EmptyList <bool>().AddBack(false).AddBack(true); TestHelper.AssertMatrixEqual(output, new Zen <IList <bool> >[] { r0, r1 }, "Reachability Matrix, one direction only"); }
public void PolicyShadowTest() { Zen <Pod>[] pods = new Zen <Pod>[] { Pod.Create("default", EmptyDict <string, string>().Add("k0", "v0").Add("k1", "v1"), EmptyList <string>().AddBack("k0").AddBack("k1")), Pod.Create("default", EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1")), Pod.Create("ns1", EmptyDict <string, string>().Add("k2", "v2"), EmptyList <string>().AddBack("k2")), Pod.Create("ns1", EmptyDict <string, string>().Add("k3", "v3"), EmptyList <string>().AddBack("k3")) }; Zen <Namespace>[] namespaces = new Zen <Namespace>[] { Namespace.Create("default", EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k0")), Namespace.Create("ns1", EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1")) }; Zen <Policy>[] policies = new Zen <Policy>[] { Policy.Create("default", EmptyDict <string, string>().Add("k0", "v0").Add("k1", "v1"), EmptyDict <string, string>().Add("k2", "v2"), EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k0").AddBack("k1"), EmptyList <string>().AddBack("k2"), EmptyList <string>().AddBack("k1")), Policy.Create("default", EmptyDict <string, string>().Add("k1", "v1"), EmptyDict <string, string>(), EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1"), EmptyList <string>(), EmptyList <string>().AddBack("k1")), Policy.Create("ns1", EmptyDict <string, string>().Add("k3", "v3"), EmptyDict <string, string>().Add("k2", "v2"), EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k3"), EmptyList <string>().AddBack("k2"), EmptyList <string>().AddBack("k0")), }; var podPolMx = Algorithms.CreateReachMatrix(pods, policies, namespaces).podPolMatrix; var r0 = EmptyList <bool>().AddBack(true).AddBack(true).AddBack(false); var r1 = EmptyList <bool>().AddBack(false).AddBack(true).AddBack(false); var r2 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(false); var r3 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(true); TestHelper.AssertMatrixEqual(podPolMx, new Zen <IList <bool> >[] { r0, r1, r2, r3 }, "PolicyShadowTest: PodPolMatrix"); var polPodAllowedMx = Algorithms.CreateReachMatrix(pods, policies, namespaces).polPodAllowedMatrix; r0 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(true).AddBack(false); r1 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(true).AddBack(true); r2 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(false).AddBack(false); TestHelper.AssertMatrixEqual(polPodAllowedMx, new Zen <IList <bool> >[] { r0, r1, r2 }, "PolicyShadowTest: PolPodAllowedMatrix"); var polPodSelectedMx = Algorithms.CreateReachMatrix(pods, policies, namespaces).polPodSelectedMatrix; r0 = EmptyList <bool>().AddBack(true).AddBack(false).AddBack(false).AddBack(false); r1 = EmptyList <bool>().AddBack(true).AddBack(true).AddBack(false).AddBack(false); r2 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(false).AddBack(true); TestHelper.AssertMatrixEqual(polPodSelectedMx, new Zen <IList <bool> >[] { r0, r1, r2 }, "PolicyShadowTest: PolPodSelectedMatrix"); var shadowedPair = Verifier.PolicyShadowCheck(podPolMx, polPodAllowedMx, polPodSelectedMx); Assert.IsTrue(shadowedPair.Length().EqualToNumber(1)); var expected = EmptyList <Tuple <int, int> >().AddBack(Tuple <int, int>(1, 0)); Assert.IsTrue(shadowedPair.ToString().Equals(expected.ToString()), "PolicyShadowTest: shadow pairs are not correct.\nExpected: {0}\nGot: {1}", expected.ToString(), shadowedPair.ToString()); }
public void ReachabilityMatrix_NSAndPod() { Zen <Pod>[] pods = new Zen <Pod>[] { Pod.Create("default", EmptyDict <string, string>().Add("k0", "v0").Add("k1", "v1"), EmptyList <string>().AddBack("k0").AddBack("k1")), Pod.Create("default", EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1")), Pod.Create("ns1", EmptyDict <string, string>().Add("k2", "v2"), EmptyList <string>().AddBack("k2")), Pod.Create("ns1", EmptyDict <string, string>().Add("k3", "v3"), EmptyList <string>().AddBack("k3")), Pod.Create("ns1", EmptyDict <string, string>().Add("k4", "v4"), EmptyList <string>().AddBack("k4")) }; Zen <Namespace>[] namespaces = new Zen <Namespace>[] { Namespace.Create("default", EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k0")), Namespace.Create("ns1", EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1")) }; Zen <Policy>[] policies = new Zen <Policy>[] { Policy.Create("default", EmptyDict <string, string>().Add("k0", "v0").Add("k1", "v1"), EmptyDict <string, string>().Add("k4", "v4"), EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k0").AddBack("k1"), EmptyList <string>().AddBack("k4"), EmptyList <string>().AddBack("k1")), Policy.Create("default", EmptyDict <string, string>().Add("k1", "v1"), EmptyDict <string, string>().Add("k2", "v2"), EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1"), EmptyList <string>().AddBack("k2"), EmptyList <string>().AddBack("k1"), False(), False()), Policy.Create("ns1", EmptyDict <string, string>().Add("k3", "v3"), EmptyDict <string, string>().Add("k2", "v2"), EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k3"), EmptyList <string>().AddBack("k2"), EmptyList <string>().AddBack("k0")), }; var ingress = Algorithms.CreateReachMatrix(pods, policies, namespaces).ingressMatrix; var r0 = EmptyList <bool>().AddBack(true).AddBack(false).AddBack(false).AddBack(false).AddBack(true); var r1 = EmptyList <bool>().AddBack(false).AddBack(true).AddBack(false).AddBack(false).AddBack(false); var r2 = EmptyList <bool>().AddBack(true).AddBack(true).AddBack(true).AddBack(false).AddBack(true); var r3 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(false).AddBack(true).AddBack(false); var r4 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(true).AddBack(false).AddBack(true); TestHelper.AssertMatrixEqual(ingress, new Zen <IList <bool> >[] { r0, r1, r2, r3, r4 }, "Reachability_Matrix_Test_NS_Pods(ingress matrix)"); var egress = Algorithms.CreateReachMatrix(pods, policies, namespaces).egressMatrix; r0 = EmptyList <bool>().AddBack(true).AddBack(false).AddBack(true).AddBack(false).AddBack(false); r1 = EmptyList <bool>().AddBack(false).AddBack(true).AddBack(true).AddBack(false).AddBack(false); r2 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(true).AddBack(false).AddBack(true); r3 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(false).AddBack(true).AddBack(false); r4 = EmptyList <bool>().AddBack(true).AddBack(false).AddBack(true).AddBack(false).AddBack(true); TestHelper.AssertMatrixEqual(egress, new Zen <IList <bool> >[] { r0, r1, r2, r3, r4 }, "Reachability_Matrix_Test_NS_Pods(egress matrix)"); }
public void NSLabelTest() { Zen <IDictionary <string, string> > l1 = EmptyDict <string, string>().Add("k1", "v1"); Zen <IDictionary <string, string> > l2 = EmptyDict <string, string>().Add("k2", "v1"); Zen <IDictionary <string, string> > l3 = EmptyDict <string, string>().Add("k3", "v1"); Zen <IList <string> > k1 = EmptyList <string>().AddBack("k1"); Zen <IList <string> > k2 = EmptyList <string>().AddBack("k2"); Zen <IList <string> > k3 = EmptyList <string>().AddBack("k3"); var ns1 = Namespace.Create("defaul", l1, k1); var ns2 = Namespace.Create("defaul", l2, k2); var ns3 = Namespace.Create("defaul", l3, k3); Zen <Namespace>[] namespaces = new Zen <Namespace>[] { ns1, ns2, ns3 }; var output = Algorithms.CreateNSLabelMatrix(namespaces); var r1 = EmptyList <bool>().AddBack(true).AddBack(false).AddBack(false); var r2 = EmptyList <bool>().AddBack(false).AddBack(true).AddBack(false); var r3 = EmptyList <bool>().AddBack(false).AddBack(false).AddBack(true); Assert.IsTrue(output.Get(k1.At(0).Value().GetHashCode()).Value().ToString().Equals(r1.ToString())); Assert.IsTrue(output.Get(k2.At(0).Value().GetHashCode()).Value().ToString().Equals(r2.ToString())); Assert.IsTrue(output.Get(k3.At(0).Value().GetHashCode()).Value().ToString().Equals(r3.ToString())); }
public void ReachabilityMatrix_TwoDirection() { Zen <Pod>[] pods = new Zen <Pod>[] { Pod.Create("default", EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k0")), Pod.Create("ns1", EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1")), }; Zen <Namespace>[] namespaces = new Zen <Namespace>[] { Namespace.Create("default", EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k0")), Namespace.Create("ns1", EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k1")) }; Zen <Policy>[] policies = new Zen <Policy>[] { // only ingress is allowed Policy.Create("default", EmptyDict <string, string>().Add("k0", "v0"), EmptyDict <string, string>(), EmptyDict <string, string>().Add("k1", "v1"), EmptyList <string>().AddBack("k0"), EmptyList <string>(), EmptyList <string>().AddBack("k1")), // only egress is allowed Policy.Create("ns1", EmptyDict <string, string>().Add("k1", "v1"), EmptyDict <string, string>(), EmptyDict <string, string>().Add("k0", "v0"), EmptyList <string>().AddBack("k1"), EmptyList <string>(), EmptyList <string>().AddBack("k0"), False(), False()), }; var ingress = Algorithms.CreateReachMatrix(pods, policies, namespaces).ingressMatrix; var r0 = EmptyList <bool>().AddBack(true).AddBack(true); var r1 = EmptyList <bool>().AddBack(false).AddBack(true); TestHelper.AssertMatrixEqual(ingress, new Zen <IList <bool> >[] { r0, r1 }, "Happy path(ingress matrix)"); var egress = Algorithms.CreateReachMatrix(pods, policies, namespaces).egressMatrix; r0 = EmptyList <bool>().AddBack(true).AddBack(false); r1 = EmptyList <bool>().AddBack(true).AddBack(true); TestHelper.AssertMatrixEqual(egress, new Zen <IList <bool> >[] { r0, r1 }, "Happy path(egress matrix)"); }
public override void Populate(TextWriter trapFile) { trapFile.types(this, Kinds.TypeKind.ARGLIST, "__arglist"); trapFile.parent_namespace(this, Namespace.Create(Context, Context.Compilation.GlobalNamespace)); Modifier.HasModifier(Context, trapFile, this, "public"); }
public override IEntity VisitNamespace(INamespaceSymbol ns) => Namespace.Create(cx, ns);
public override void Populate() { Context.Emit(Tuples.types(this, Kinds.TypeKind.ARGLIST, "__arglist")); Context.Emit(Tuples.parent_namespace(this, Namespace.Create(Context, Context.Compilation.GlobalNamespace))); Modifier.HasModifier(Context, this, "public"); }
static void BuildNamespace(this INamespaceSymbol ns, Context cx, TextWriter trapFile) { trapFile.WriteSubId(Namespace.Create(cx, ns)); trapFile.Write('.'); }