| Safe Haskell | Unsafe |
|---|
LIO.LIORef.TCB
Description
This module implements labeled IORefs. The interface is analogous to Data.IORef, but the operations take place in the LIO monad.
- data LIORef l a
- newLIORef :: LabelState l p s => l -> a -> LIO l p s (LIORef l a)
- labelOfLIORef :: Label l => LIORef l a -> l
- readLIORef :: LabelState l p s => LIORef l a -> LIO l p s a
- writeLIORef :: LabelState l p s => LIORef l a -> a -> LIO l p s ()
- modifyLIORef :: LabelState l p s => LIORef l a -> (a -> a) -> LIO l p s ()
- atomicModifyLIORef :: LabelState l p s => LIORef l a -> (a -> (a, b)) -> LIO l p s b
- newLIORefP :: LabelState l p s => p -> l -> a -> LIO l p s (LIORef l a)
- readLIORefP :: LabelState l p s => p -> LIORef l a -> LIO l p s a
- writeLIORefP :: LabelState l p s => p -> LIORef l a -> a -> LIO l p s ()
- modifyLIORefP :: LabelState l p s => p -> LIORef l a -> (a -> a) -> LIO l p s ()
- atomicModifyLIORefP :: LabelState l p s => p -> LIORef l a -> (a -> (a, b)) -> LIO l p s b
- newLIORefTCB :: LabelState l p s => l -> a -> LIO l p s (LIORef l a)
- readLIORefTCB :: LabelState l p s => LIORef l a -> LIO l p s a
- writeLIORefTCB :: LabelState l p s => LIORef l a -> a -> LIO l p s ()
- modifyLIORefTCB :: LabelState l p s => LIORef l a -> (a -> a) -> LIO l p s ()
- atomicModifyLIORefTCB :: LabelState l p s => LIORef l a -> (a -> (a, b)) -> LIO l p s b
Basic Functions
An LIORef is an IORef with an associated, static label.
The restriction of an immutable label come from the fact that it
is possible to leak information through the label itself.
Hence, LIO is flow-insensitive. Of course, you can create an
LIORef of Labeled to get a limited form of flow-sensitivity.
Arguments
| :: LabelState l p s | |
| => l | Label of reference |
| -> a | Initial value |
| -> LIO l p s (LIORef l a) | Mutable reference |
To create a new reference the label of the reference must be below the thread's current clearance and above the current label. If this is the case, the reference is built.
labelOfLIORef :: Label l => LIORef l a -> lSource
Get the label of a reference.
readLIORef :: LabelState l p s => LIORef l a -> LIO l p s aSource
Read the value of a labeled refernce. A read succeeds only if the
label of the reference is below the current clearance. Moreover,
the current label is raised to the join of the current label and
the reference label. To avoid failures use labelOfLIORef to check
that a read will suceed.
writeLIORef :: LabelState l p s => LIORef l a -> a -> LIO l p s ()Source
Write a new value into a labeled reference. A write succeeds if the current label can-flow-to the label of the reference, and the label of the reference can-flow-to the current clearance.
Arguments
| :: LabelState l p s | |
| => LIORef l a | Labeled reference |
| -> (a -> a) | Modifier |
| -> LIO l p s () |
Mutate the contents of a labeled reference. For the mutation to succeed it must be that the current label can-flow-to the label of the reference, and the label of the reference can-flow-to the current clearance. Note that because a modifer is provided, the reference contents are not observable by the outer computation and so it is not required that the current label be raised.
atomicModifyLIORef :: LabelState l p s => LIORef l a -> (a -> (a, b)) -> LIO l p s bSource
Atomically modifies the contents of an LIORef. It is required
that the label of the reference be above the current label, but
below the current clearance.
Privileged Functions
newLIORefP :: LabelState l p s => p -> l -> a -> LIO l p s (LIORef l a)Source
Same as newLIORef except newLIORefP takes a set of
privileges which are accounted for in comparing the label of
the reference to the current label and clearance.
readLIORefP :: LabelState l p s => p -> LIORef l a -> LIO l p s aSource
Same as readLIORef except readLIORefP takes a privilege object
which is used when the current label is raised.
writeLIORefP :: LabelState l p s => p -> LIORef l a -> a -> LIO l p s ()Source
Same as writeLIORef except writeLIORefP takes a set of
privileges which are accounted for in comparing the label of
the reference to the current label and clearance.
modifyLIORefP :: LabelState l p s => p -> LIORef l a -> (a -> a) -> LIO l p s ()Source
Same as modifyLIORef except modifyLIORefP takes a set of
privileges which are accounted for in comparing the label of
the reference to the current label and clearance.
atomicModifyLIORefP :: LabelState l p s => p -> LIORef l a -> (a -> (a, b)) -> LIO l p s bSource
Same as atomicModifyLIORef except atomicModifyLIORefP takes
a set of privileges which are accounted for in label comparisons.
Unsafe (TCB) Functions
newLIORefTCB :: LabelState l p s => l -> a -> LIO l p s (LIORef l a)Source
Trusted constructor that creates labeled references.
readLIORefTCB :: LabelState l p s => LIORef l a -> LIO l p s aSource
Trusted function used to read the value of a reference without raising the current label.
writeLIORefTCB :: LabelState l p s => LIORef l a -> a -> LIO l p s ()Source
Trusted function used to write a new value into a labeled reference, ignoring IFC.
modifyLIORefTCB :: LabelState l p s => LIORef l a -> (a -> a) -> LIO l p s ()Source
Trusted function that mutates the contents on an LIORef,
ignoring IFC.
atomicModifyLIORefTCB :: LabelState l p s => LIORef l a -> (a -> (a, b)) -> LIO l p s bSource
Trusted function used to atomically modify the contents of a labeled reference, ignoring IFC.