From 4cdc1415db9ef6be111aaaffda7b0cf26c89a62b Mon Sep 17 00:00:00 2001 From: TheNumbat Date: Fri, 10 Jan 2025 15:24:35 -0500 Subject: [PATCH] delete protected --- otherlibs/stdlib_alpha/capsule.ml | 30 -------- otherlibs/stdlib_alpha/capsule.mli | 37 ++-------- testsuite/tests/capsule-api/data.ml | 104 +--------------------------- 3 files changed, 8 insertions(+), 163 deletions(-) diff --git a/otherlibs/stdlib_alpha/capsule.ml b/otherlibs/stdlib_alpha/capsule.ml index b2e8c4c08a..2e095abcd1 100644 --- a/otherlibs/stdlib_alpha/capsule.ml +++ b/otherlibs/stdlib_alpha/capsule.ml @@ -441,34 +441,6 @@ let create_with_rwlock () = let (P name) = Name.make () in Rwlock.P { name; rwlock = Rw.create (); poisoned = false } -exception Protected : 'k Mutex.t * (exn, 'k) Data.t -> exn - -let reraise_protected name data = - let backtrace = get_raw_backtrace () in - let exn = (Protected ({ name; mutex = M.create (); poisoned = false }, data)) in - raise_with_backtrace exn backtrace -;; - -let protect_local f = exclave_ - let (P name) = Name.make () in - let password = Password.unsafe_mk name in - try f (Password.P password) with - | Encapsulated (inner, data) as exn -> - (match Name.equality_witness name inner with - | Some Equal -> reraise_protected name data - | None -> reraise exn) - | exn -> reraise exn - -let protect_portable_local f = exclave_ - let (P name) = Name.make () in - let password = Password.unsafe_mk name in - try f (Password.P password) with - | Encapsulated (inner, data) as exn -> - (match Name.equality_witness name inner with - | Some Equal -> reraise_protected name data - | None -> reraise_protected name (Data.unsafe_mk exn)) - | exn -> reraise_protected name (Data.unsafe_mk exn) - let with_password_local f = exclave_ let (P name) = Name.make () in let password = Password.unsafe_mk name in @@ -479,6 +451,4 @@ let with_password_local f = exclave_ | None -> reraise exn) | exn -> reraise exn -let protect f = (protect_local (fun password -> { global = f password })).global -let protect_portable f = (protect_portable_local (fun password -> { global = f password })).global let with_password f = (with_password_local (fun password -> { global = f password })).global diff --git a/otherlibs/stdlib_alpha/capsule.mli b/otherlibs/stdlib_alpha/capsule.mli index 025b612f23..31cdfbebf6 100644 --- a/otherlibs/stdlib_alpha/capsule.mli +++ b/otherlibs/stdlib_alpha/capsule.mli @@ -563,37 +563,14 @@ exception Encapsulated : 'k Name.t * (exn, 'k) Data.t -> exn the data. The [Name.t] can be used to associate the [Data.t] with a particular [Password.t] or [Mutex.t]. *) -(* CR-soon mslater: ['k Key.t] instead of ['k Mutex.t]. *) -exception Protected : 'k Mutex.t * (exn, 'k) Data.t -> exn -(** If a function passed to [protect] raises an exception, it is wrapped - in [Protected] to avoid leaking access to the data. The [Mutex.t] can - be used to access the [Data.t]. *) - -val protect : (Password.packed @ local -> 'a) @ local -> 'a @@ portable -(** [protect f] runs [f password] in a fresh capsule represented by [password]. - If [f] raises an [Encapsulated] exception in the capsule represented by [password], - [protect] unwraps the exception and re-raises it as [Protected]. - If [f] raises any other exception or returns normally, [protect] merges - the capsule into the caller's capsule. *) - -val protect_portable : (Password.packed @ local -> 'a) @ local portable -> 'a @@ portable -(** [protect_portable f] runs [f password] in a fresh capsule represented by [password]. - If [f] returns normally, [protect_portable] merges the capsule into the caller's capsule. - If [f] raises an [Encapsulated] exception in the capsule represented by [password], - [protect_portable] unwraps the exception and re-raises it as [Protected]. - If [f] raises any other exception, [protect_portable] re-raises it as [Protected]. *) - val with_password : (Password.packed @ local -> 'a) @ local -> 'a @@ portable -(** [with_password f] runs [f password] in a fresh capsule represented by [password]. - If [f] returns normally, [with_password] merges the capsule into the caller's capsule. - If [f] raises an [Encapsulated] exception in the capsule represented by [password], - [with_password] unwraps the exception and re-raises it directly. *) - -val protect_local : (Password.packed @ local -> 'a @ local) @ local -> 'a @ local @@ portable -(** See [protect]. *) +(** [with_password f] creates a fresh capsule and applies [f] with the associated [password]. -val protect_portable_local : (Password.packed @ local -> 'a @ local) @ local portable -> 'a @ local @@ portable -(** See [protect_portable]. *) + If [f] raises an [Encapsulated] exception in the capsule represented by [password], + [with_password] destroys the capsule, unwraps the exception, and re-raises it directly. *) val with_password_local : (Password.packed @ local -> 'a @ local) @ local -> 'a @ local @@ portable -(** See [with_password]. *) +(** See [with_password]. + + If [f] returns normally, note that the capsule is not destroyed, and locality still enforces + that the password cannot escape. *) diff --git a/testsuite/tests/capsule-api/data.ml b/testsuite/tests/capsule-api/data.ml index 258790e634..9cfeac2f9c 100644 --- a/testsuite/tests/capsule-api/data.ml +++ b/testsuite/tests/capsule-api/data.ml @@ -176,111 +176,9 @@ let () = assert (Capsule.Data.project ptr' = 111) ;; -(* [protect_portable]. *) +(* [with_password]. *) exception Exn of string -let () = - match Capsule.protect_portable (fun _password -> "ok") with - | s -> assert (s = "ok") - | exception _ -> assert false -;; - -let () = - match Capsule.protect_portable (fun _password -> Exn "ok") with - | Exn s -> assert (s = "ok") - | _ -> assert false -;; - -let () = - match Capsule.protect_portable (fun _password -> reraise (Exn "fail")) with - | exception (Capsule.Protected (mut, exn)) -> - let s = Capsule.Mutex.with_lock mut (fun password -> - Capsule.Data.extract password (fun exn -> - match exn with - | Exn s -> s - | _ -> assert false) exn) in - assert (s = "fail") - | _ -> assert false -;; - -let () = - match Capsule.protect_portable (fun (Capsule.Password.P password) -> - let data = Capsule.Data.create (fun () -> "fail") in - let msg = Capsule.Data.extract password (fun s : string -> s) data in - reraise (Exn msg)) - with - | exception (Capsule.Protected (mut, exn)) -> - let s = Capsule.Mutex.with_lock mut (fun password -> - Capsule.Data.extract password (fun exn -> - match exn with - | Exn s -> s - | _ -> assert false) exn) in - assert (s = "fail") - | _ -> assert false -;; - -let () = - match Capsule.protect_portable (fun (Capsule.Password.P password) -> - let data = Capsule.Data.create (fun () -> "fail") in - let () = Capsule.Data.extract password (fun s -> reraise (Exn s)) data in - ()) - with - | exception (Capsule.Protected (mut, exn)) -> - let s = Capsule.Mutex.with_lock mut (fun password -> - Capsule.Data.extract password (fun exn -> - match exn with - | Exn s -> s - | _ -> assert false) exn) in - assert (s = "fail") - | _ -> assert false -;; - -(* [protect]. *) -let () = - match Capsule.protect (fun _password -> "ok") with - | s -> assert (s = "ok") - | exception _ -> assert false -;; - -let () = - match Capsule.protect (fun _password -> Exn "ok") with - | Exn s -> assert (s = "ok") - | _ -> assert false -;; - -let () = - match Capsule.protect (fun _password -> reraise (Exn "fail")) with - | exception Exn s -> assert (s = "fail") - | _ -> assert false -;; - -let () = - match Capsule.protect (fun (Capsule.Password.P password) -> - let data = Capsule.Data.create (fun () -> "fail") in - let msg = Capsule.Data.extract password (fun s : string -> s) data in - reraise (Exn msg)) - with - | exception Exn s -> assert (s = "fail") - | _ -> assert false -;; - -let () = - match Capsule.protect (fun (Capsule.Password.P password) -> - let data = Capsule.Data.create (fun () -> "fail") in - let () = Capsule.Data.extract password (fun s -> reraise (Exn s)) data in - ()) - with - | exception (Capsule.Protected (mut, exn)) -> - let s = Capsule.Mutex.with_lock mut (fun password -> - Capsule.Data.extract password (fun exn -> - match exn with - | Exn s -> s - | _ -> assert false) exn) in - assert (s = "fail") - | _ -> assert false -;; - -(* [with_password]. *) let () = match Capsule.with_password (fun _password -> "ok") with | s -> assert (s = "ok")