



DATA  
61



# Program Verification in the Presence of Cached Address Translation

Hira Taqdees Syeda | Gerwin Klein

July 2018

[www.ts.data61.csiro.au](http://www.ts.data61.csiro.au)



**UNSW**  
SYDNEY



# What is Cached Address Translation



# What is Cached Address Translation



- Translation Lookaside Buffer (TLB) is
  - a dedicated cache for page table walks
  - architecture specific
  - managed by hardware and operating system together

# TLB Effects on Program Execution



# TLB Effects on Program Execution



- TLB being cache
  - has *no* functional effects
  - only makes execution faster, *if* maintained correctly
  - is an assumption in formally verified kernels such as seL4

# TLB Effects on Program Execution



- TLB being cache
  - has *no* functional effects
  - only makes execution faster, *if* maintained correctly
  - is an assumption in formally verified kernels such as seL4
- Poorly managed TLB leads to
  - memory operations on the **wrong addresses**
  - **inconsistent translation** → system crash

# TLB Effects on Program Execution



- TLB being cache
  - has *no* functional effects
  - only makes execution faster, *if* maintained correctly
  - is an assumption in formally verified kernels such as seL4
- Poorly managed TLB leads to
  - memory operations on the **wrong addresses**
  - **inconsistent translation** → system crash
- TLB-aware **logic** for program reasoning
  - abstract model for **ARMv7-style MMU**

# Contributions



- TLB-aware program logic in **Isabelle/HOL**
- sound abstraction of ARMv7-style MMU
- language with TLB management primitives
- TLB-aware Hoare logic rules

# Contributions



- TLB-aware program logic in **Isabelle/HOL**
  - sound abstraction of ARMv7-style MMU
  - language with TLB management primitives
  - TLB-aware Hoare logic rules
- Reduction theorems for program verification at
  - user- and kernel-level execution
  - context switch

# Contributions



- TLB-aware program logic in **Isabelle/HOL**
  - sound abstraction of ARMv7-style MMU
  - language with TLB management primitives
  - TLB-aware Hoare logic rules
- Reduction theorems for program verification at
  - user- and kernel-level execution
  - context switch

# ARMv7-style MMU



# ARMv7-style MMU



# ARMv7-style MMU



# ARMv7-style MMU



# ARMv7-style MMU



# ARMv7-style MMU



- TLB **eviction** ( × × )

# ARMv7-style MMU



- TLB **eviction** ( **xx** )
- TLB **incoherency** ( **□** )
  - stale translation entries w.r.t. page table(s)

# ARMv7-style MMU



- TLB **eviction** ( **XX** )
- TLB **incoherency** ( **□** )
  - stale translation entries w.r.t. page table(s)
- TLB **inconsistency** ( **■** )
  - more than one translation entries

# ARMv7-style MMU



- TLB maintenance operations after updating
  - page table(s)
  - root register

# ARMv7-style MMU



- TLB maintenance operations after updating
  - page table(s)
  - root register
- Selective invalidation using Address Space IDentifier - ASID
  - ASID register

# Sound Abstraction of ARMv7-style MMU



# Sound Abstraction of ARMv7-style MMU



- Formalised TLB model
  - hardware details
  - instructions affecting the TLB state

# Sound Abstraction of ARMv7-style MMU



- Formalised TLB model
  - hardware details
  - instructions affecting the TLB state



Stepwise data refinement  
to achieve functional abstraction



# Sound Abstraction of ARMv7-style MMU



- Formalised TLB model
  - hardware details
  - instructions affecting the TLB state



Stepwise data refinement  
to achieve functional abstraction



Functionality of a TLB  
is captured by the record of  
**inconsistent virtual addresses**



# Sound Abstraction of ARMv7-style MMU



processor mode

*active* ASID

*active* root



# Sound Abstraction of ARMv7-style MMU



processor mode

***active*** ASID

***active*** root



# Sound Abstraction of ARMv7-style MMU



processor mode

*active* ASID

*active* root



# Contributions



- TLB-aware program logic in **Isabelle/HOL**
  - sound abstraction of ARMv7-style MMU ✓
  - language with TLB management primitives
  - TLB-aware Hoare logic rules
- Reduction theorems for program verification at
  - user- and kernel-level execution
  - context switch

# Language – Syntax



- Heap language with TLB management primitives
  - arithmetic expressions **aexp**
    - constant, unary and binary operations
    - **HeapLookup**

# Language – Syntax



- Heap language with TLB management primitives
  - arithmetic expressions **aexp**
    - constant, unary and binary operations
    - **HeapLookup**
  - boolean expressions **bexp**
    - negation, comparison and binary operations

# Language – Syntax



- Heap language with TLB management primitives
  - commands
    - skip and sequence
    - if-then-else and while

# Language – Syntax



- Heap language with TLB management primitives
  - commands
    - skip and sequence
    - if-then-else and while
  - assignment      **aexp := aexp**

# Language – Syntax



- Heap language with TLB management primitives
  - commands
    - skip and sequence
    - if-then-else and while
  - assignment      **aexp := aexp**
  - flush
    - **flushALL**, **flushASID**, **flushVA** and **flushASIDVA**

# Language – Syntax



- Heap language with TLB management primitives
  - commands
    - skip and sequence
    - if-then-else and while
    - assignment      **aexp := aexp**
  - flush
    - **flushALL**, **flushASID**, **flushVA** and **flushASIDVA**
  - updateRoot
  - updateASID
  - updateMode
    - **kernel** or **user**

# Contributions



- TLB-aware program logic in **Isabelle/HOL**
  - sound abstraction of ARMv7-style TLB ✓
  - language with TLB management primitives ✓
  - TLB-aware **Hoare logic** rules
  - Reduction theorems for program verification at
    - user- and kernel-level execution
    - context switch



# Program Logic



- Operational semantics
  - **aexp** — partial function from **state** to 32-bit **value**
  - **bexp** — partial function from **state** to **bool**
  - **command** — relation between **state** and **state option**

# Program Logic



- Operational semantics
  - **aexp** — partial function from **state** to 32-bit **value**
  - **bexp** — partial function from **state** to **bool**
  - **command** — relation between **state** and **state option**
- Hoare triple —  $\{P\} \ c \ \{Q\}$ 
  - **soundness** is derived directly from the operational semantics
  - logic rules are in **weakest-precondition** form

# Program Logic — Rules



- assignment
- updateRoot
- updateASID

☆ other rules are in standard Hoare logic form

# Program Logic — Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

l ::= r {P}

# Program Logic – Rules



## - assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

l ::= r {P}

- ✓ successful evaluation of  $l$  to a  $vp$
- ✓ consistency of  $vp$
- ✓ valid address translation of  $vp$  to  $pp$
- ✓ reasoning about **heap** and **incon\_set** update

# Program Logic – Rules



## - assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$
$$l ::= r \{P\}$$

- ✓ successful evaluation of  $l$  to a  $vp$
- ✓ consistency of  $vp$
- ✓ valid address translation of  $vp$  to  $pp$
- ✓ reasoning about **heap** and **incon\_set** update

# Program Logic – Rules



## - assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$
$$l ::= r \{P\}$$

- ✓ successful evaluation of  $l$  to a  $vp$
- ✓ consistency of  $vp$
- ✓ valid address translation of  $vp$  to  $pp$
- ✓ reasoning about **heap** and **incon\_set** update

# Program Logic – Rules



## - assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

`l ::= r {P}`

- ✓ successful evaluation of  $l$  to a  $vp$
- ✓ consistency of  $vp$
- ✓ valid address translation of  $vp$  to  $pp$
- ✓ reasoning about `heap` and `incon_set` update

# Program Logic – Rules



## - assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

`l ::= r {P}`

- ✓ successful evaluation of  $l$  to a  $vp$
- ✓ consistency of  $vp$
- ✓ valid address translation of  $vp$  to  $pp$
- ✓ reasoning about `heap` and `incon_set` update

# Program Logic – Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

`l ::= r {P}`

✓ `incon_set update`

comparison of the active page table  
before and after the assignment for  
all remapped and unmapped addresses

# Program Logic – Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

$l ::= r \{P\}$

✓ incon\_set update

before assignment

incon\_set : {  $\text{va}_1$  ,  $\text{va}_2$  }

$\text{va}_3$  is mapped to  $\text{pa}_3$

$\text{va}_4$  is mapped to  $\text{pa}_4$

after assignment

A vertical dashed green line separates the before and after states.

# Program Logic – Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

$l ::= r \{P\}$

✓ incon\_set update

before assignment

incon\_set : {  $\text{va}_1$  ,  $\text{va}_2$  }

$\text{va}_3$  is mapped to  $\text{pa}_3$

$\text{va}_4$  is mapped to  $\text{pa}_4$

after assignment

# Program Logic – Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

$l ::= r \{P\}$

✓ incon\_set update

before assignment

incon\_set : {  $\text{va}_1$  ,  $\text{va}_2$  }

$\text{va}_3$  is mapped to  $\text{pa}_3$

$\text{va}_4$  is mapped to  $\text{pa}_4$

after assignment

# Program Logic – Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

$l ::= r \{P\}$

✓ incon\_set update

before assignment

incon\_set : {  $\text{va}_1$  ,  $\text{va}_2$  }

$\text{va}_3$  is mapped to  $\text{pa}_3$

$\text{va}_4$  is mapped to  $\text{pa}_4$

after assignment

$\text{va}_3$  is remapped to  $\text{pa}_5$

$\text{va}_4$  is unmapped

# Program Logic – Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

$l ::= r \{P\}$

✓ incon\_set update

before assignment

incon\_set : {  $\text{va}_1$  ,  $\text{va}_2$  }

$\text{va}_3$  is mapped to  $\text{pa}_3$

$\text{va}_4$  is mapped to  $\text{pa}_4$

after assignment

$\text{va}_3$  is remapped to  $\text{pa}_5$

$\text{va}_4$  is unmapped

# Program Logic – Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

$l ::= r \{P\}$

✓ incon\_set update

before assignment

incon\_set : {  $\text{va}_1$  ,  $\text{va}_2$  }

$\text{va}_3$  is mapped to  $\text{pa}_3$

$\text{va}_4$  is mapped to  $\text{pa}_4$

after assignment

$\text{va}_3$  is remapped to  $\text{pa}_5$

$\text{va}_4$  is unmapped

# Program Logic – Rules



- assignment

$$\models \{\lambda s. \llbracket l \rrbracket s = \lfloor vp \rfloor \wedge \llbracket r \rrbracket s = \lfloor v \rfloor \wedge vp \notin \mathcal{IC} s \wedge \text{Addr } vp \hookrightarrow_s pp \wedge P (\text{heap\_iset\_update}_s (pp \mapsto v))\}$$

$l ::= r \{P\}$

✓ incon\_set update

before assignment

incon\_set : {  $\text{va}_1$  ,  $\text{va}_2$  }

$\text{va}_3$  is mapped to  $\text{pa}_3$

$\text{va}_4$  is mapped to  $\text{pa}_4$

after assignment

incon\_set : {  $\text{va}_1$  ,  $\text{va}_2$  ,  
 $\text{va}_3$  ,  $\text{va}_4$  }

$\text{va}_3$  is remapped to  $\text{pa}_5$

$\text{va}_4$  is unmapped

# Program Logic — Rules



- assignment ✓
- updateRoot
- updateASID

# Program Logic — Rules



## - updateRoot

$$\models \{\lambda s. \text{kernel } s \wedge \llbracket \text{rte} \rrbracket s = \lfloor \text{rt} \rfloor \wedge P (\text{root\_iset\_update}_s \text{ Addr } \text{rt})\}$$

updateRoot rte {P}

- ✓ available in kernel mode
- ✓ reasoning about `root` and `incon_set` update

# Program Logic — Rules



## - updateRoot

$$\models \{\lambda s. \text{kernel } s \wedge \llbracket \text{rte} \rrbracket s = \lfloor \text{rt} \rfloor \wedge P (\text{root\_iset\_update}_s \text{ Addr } \text{rt})\}$$

updateRoot rte {P}

- ✓ available in kernel mode
- ✓ reasoning about `root` and `incon_set` update

# Program Logic – Rules



## - updateRoot

$$\models \{\lambda s. \text{kernel } s \wedge \llbracket \text{rte} \rrbracket s = \lfloor \text{rt} \rfloor \wedge P (\text{root\_iset\_update}_s \text{ Addr } \text{rt})\}$$

updateRoot rte {P}

- ✓ available in kernel mode
- ✓ reasoning about `root` and `incon_set` update

# Program Logic – Rules



## - updateRoot

$$\models \{\lambda s. \text{kernel } s \wedge \llbracket \text{rte} \rrbracket s = \lfloor \text{rt} \rfloor \wedge P (\text{root\_iset\_update}_s \text{ Addr } \text{rt})\}$$

updateRoot rte {P}

- ✓ available in kernel mode
- ✓ reasoning about `root` and `incon_set` update

`incon_set` update:

comparison of the two page tables  
before and after updating root for  
all remapped and unmapped addresses

# Program Logic — Rules



- assignment ✓
- updateRoot ✓
- updateASID

# Program Logic — Rules



## - updateASID

$\{\lambda s. \text{kernel } s \wedge P \ (\text{asid\_pt\_snapshot\_update}_s \ a)\} \text{ updateASID } a \ \{P\}$

- ✓ available in kernel mode
- ✓ reasoning about `asid`, `incon_set` and `pt_snapshot` update

# Program Logic — Rules



## - updateASID

$\{\lambda s. \text{kernel } s \wedge P \text{ (asid\_pt\_snapshot\_update}_s \text{ a)}\} \text{ updateASID a } \{P\}$

- ✓ available in kernel mode
- ✓ reasoning about `asid`, `incon_set` and `pt_snapshot` update

# Program Logic — Rules



## - updateASID

$\{\lambda s. \text{kernel } s \wedge P \text{ (asid\_pt\_snapshot\_update}_s \text{ a)}\} \text{ updateASID a } \{P\}$

- ✓ available in kernel mode
- ✓ reasoning about `asid`, `incon_set` and `pt_snapshot` update

# Program Logic — Rules



- updateASID

$$\{\lambda s. \text{kernel } s \wedge P \text{ (asid\_pt\_snapshot\_update}_s \text{ a)}\} \text{ updateASID a } \{P\}$$

**Steps:**

# Program Logic – Rules



## - updateASID

```
{λs. kernel s ∧ P (asid_pt_snapshot_updates a)} updateASID a {P}
```

### Steps:

1

store the `incon_set` and the  
`page table` of the active ASID to  
the `pt_snapshot`

# Program Logic – Rules



## - updateASID

```
{λs. kernel s ∧ P (asid_pt_snapshot_updates a)} updateASID a {P}
```

### Steps:

1

store the `incon_set` and the  
page table of the active ASID to  
the `pt_snapshot`

2

update the ASID

# Program Logic – Rules



## - updateASID

```
{λs. kernel s ∧ P (asid_pt_snapshot_updates a)} updateASID a {P}
```

### Steps:

1

store the `incon_set` and the  
page table of the active ASID to  
the `pt_snapshot`

2

update the ASID

3

compute new `incon_set` from the  
`pt_snapshot` and the `active page table`

# Program Logic – Rules



## - updateASID

$$\{\lambda s. \text{kernel } s \wedge P (\text{asid\_pt\_snapshot\_update}_s a)\} \text{ updateASID } a \{P\}$$

**Steps:** switching from  $a_1$  to  $a_2$

| <u>before updateASID</u>                                                                                                                                                                          | <u>after updateASID</u> |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------|
| active_ASID : $a_1$                                                                                                                                                                               | active_ASID :           |
| incon_set : { $va_3$ , $va_7$ }                                                                                                                                                                   | incon_set : { , }       |
| pt_snapshot: $a_1, va_3 \Rightarrow \text{unmap}$<br>$a_1, va_7 \Rightarrow pa_1$<br>$a_1, va_6 \Rightarrow \text{unmap}$<br>$a_2, va_1 \Rightarrow \text{Incon}$<br>$a_2, va_6 \Rightarrow pa_2$ | pt_snapshot:            |
| page table: $va_6 \Rightarrow pa_7$                                                                                                                                                               |                         |

# Program Logic – Rules



## - updateASID

$$\{\lambda s. \text{kernel } s \wedge P (\text{asid\_pt\_snapshot\_update}_s a)\} \text{ updateASID } a \{P\}$$

**Steps:** switching from  $a_1$  to  $a_2$

| <u>before updateASID</u> |                                                                                                                                                                                      | <u>after updateASID</u> |                                                                                                              |
|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------|--------------------------------------------------------------------------------------------------------------|
| active_ASID :            | $a_1$                                                                                                                                                                                | active_ASID :           |                                                                                                              |
| incon_set :              | { $va_3$ , $va_7$ }                                                                                                                                                                  | incon_set :             | { , }                                                                                                        |
| pt_snapshot:             | $a_1, va_3 \Rightarrow \text{unmap}$<br>$a_1, va_7 \Rightarrow pa_1$<br>$a_1, va_6 \Rightarrow \text{unmap}$<br>$a_2, va_1 \Rightarrow \text{Incon}$<br>$a_2, va_6 \Rightarrow pa_2$ | pt_snapshot:            | $a_1, va_3 \Rightarrow \text{Incon}$<br>$a_1, va_7 \Rightarrow \text{Incon}$<br>$a_1, va_6 \Rightarrow pa_7$ |
| page table:              | $va_6 \Rightarrow pa_7$                                                                                                                                                              |                         | 1                                                                                                            |

# Program Logic – Rules



## - updateASID

$$\{\lambda s. \text{kernel } s \wedge P (\text{asid\_pt\_snapshot\_update}_s a)\} \text{ updateASID } a \{P\}$$

**Steps:** switching from  $a_1$  to  $a_2$

| <u>before updateASID</u> |                                                                                                                                                                                      | <u>after updateASID</u> |                                                                                                              |
|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------|--------------------------------------------------------------------------------------------------------------|
| active_ASID :            | $a_1$                                                                                                                                                                                | active_ASID :           | $a_2$ <b>2</b>                                                                                               |
| incon_set :              | { $va_3$ , $va_7$ }                                                                                                                                                                  | incon_set :             | { , }                                                                                                        |
| pt_snapshot:             | $a_1, va_3 \Rightarrow \text{unmap}$<br>$a_1, va_7 \Rightarrow pa_1$<br>$a_1, va_6 \Rightarrow \text{unmap}$<br>$a_2, va_1 \Rightarrow \text{Incon}$<br>$a_2, va_6 \Rightarrow pa_2$ | pt_snapshot:            | $a_1, va_3 \Rightarrow \text{Incon}$<br>$a_1, va_7 \Rightarrow \text{Incon}$<br>$a_1, va_6 \Rightarrow pa_7$ |
| page table:              | $va_6 \Rightarrow pa_7$                                                                                                                                                              |                         |                                                                                                              |

# Program Logic – Rules



## - updateASID

$$\{\lambda s. \text{kernel } s \wedge P (\text{asid\_pt\_snapshot\_update}_s a)\} \text{ updateASID } a \{P\}$$

**Steps:** switching from  $a_1$  to  $a_2$

| <u>before updateASID</u> |                                                                                                                                                                                      | <u>after updateASID</u> |                                                                                                              |
|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------|--------------------------------------------------------------------------------------------------------------|
| active_ASID :            | $a_1$                                                                                                                                                                                | active_ASID :           | $a_2$                                                                                                        |
| incon_set :              | { $va_3$ , $va_7$ }                                                                                                                                                                  | incon_set :             | { $va_1$ , $va_6$ } <b>3</b>                                                                                 |
| pt_snapshot:             | $a_1, va_3 \Rightarrow \text{unmap}$<br>$a_1, va_7 \Rightarrow pa_1$<br>$a_1, va_6 \Rightarrow \text{unmap}$<br>$a_2, va_1 \Rightarrow \text{Incon}$<br>$a_2, va_6 \Rightarrow pa_2$ | pt_snapshot:            | $a_1, va_3 \Rightarrow \text{Incon}$<br>$a_1, va_7 \Rightarrow \text{Incon}$<br>$a_1, va_6 \Rightarrow pa_7$ |
| page table:              | $va_6 \Rightarrow pa_7$                                                                                                                                                              |                         |                                                                                                              |

# Program Logic — Rules



- assignment ✓
- updateRoot ✓
- updateASID ✓

## Take-away:



TLB has been reduced to consistency check

Inconsistency is recomputed after every instruction

# Contributions



- TLB-aware program logic in Isabelle/HOL
  - sound abstraction of ARMv7-style MMU
  - language with TLB management primitives
  - TLB-aware Hoare logic rules
- **Reduction theorems** for program verification at
  - user- and kernel-level execution
  - context switch

# Program Verification



- Address space management
  - inspired by seL4

# Program Verification



- Address space management
  - inspired by seL4



# Program Verification



- Address space management
  - inspired by seL4



# Program Verification



- Address space management
  - inspired by seL4



# Program Verification



- Address space management
  - inspired by seL4



# Reduction Theorems



- User-level assignment
  - user cannot update page table,  
hence cannot affect TLB consistency

```
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧  
    [lval] s = [vp] ∧ [rval] s = [v] ∧ Addr vp ↣s p}  
lval ::= rval  
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧ heap s p = [v]}
```

# Reduction Theorems



- User-level assignment
  - user cannot update page table,  
hence cannot affect TLB consistency

```
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧  
    [lval] s = [vp] ∧ [rval] s = [v] ∧ Addr vp ↪s p}  
lval ::= rval  
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧ heap s p = [v]}
```

# Reduction Theorems



- User-level assignment
  - user cannot update page table,  
hence cannot affect TLB consistency

```
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧  
    [lval] s = [vp] ∧ [rval] s = [v] ∧ Addr vp ↪s p}  
lval ::= rval  
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧ heap s p = [v]}
```

# Reduction Theorems



- User-level assignment
  - user cannot update page table,  
hence cannot affect TLB consistency

```
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧  
    [lval] s = [vp] ∧ [rval] s = [v] ∧ Addr vp ↪s p}  
lval ::= rval  
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧ heap s p = [v]}
```

# Reduction Theorems



- User-level assignment
  - user cannot update page table,  
hence cannot affect TLB consistency

```
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧  
    [[lval]] s = [vp] ∧ [[rval]] s = [v] ∧ Addr vp ↦s p}  
lval ::= rval  
{λs. mmu_layout s ∧ mode s = User ∧ IC s = ∅ ∧ heap s p = [v]}
```



user-level reasoning has been reduced to  
standard Hoare logic rule with address translation

# Reduction Theorems



- Kernel-level assignment
  - that **doesn't modify page table**



# Reduction Theorems



- Kernel-level assignment
  - that **doesn't modify page table**



- ✓ TLB remains consistent
- ✓ reduction to standard Hoare logic

# Reduction Theorems



- Kernel-level assignment
  - that **does modify page table**



# Reduction Theorems



- Kernel-level assignment
  - that **does modify page table**



- ✓ TLB consistency is regained by flushing the entries
- ✓ logic correctly identifies when the flush is due

# Contributions



- TLB-aware program logic in Isabelle/HOL
- sound abstraction of ARMv7-style MMU
- language with TLB management primitives
- TLB-aware Hoare logic rules
- **Reduction theorems** for program verification at
  - user- and kernel-level execution
  - context switch



# Context Switch



- Operations — updating the
  - root register, then updating the
  - ASID register

# Context Switch



- Operations — updating the
  - root register, then updating the
  - ASID register
- ARM's recommended sequence to avoid TLB flush



# Context Switch



- Operations — updating the
  - root register, then updating the
  - ASID register
- ARM's recommended sequence to avoid TLB flush



logic can prove that  
assigned ASIDs remain consistent

# Taken Together



# Taken Together



- simplicity of the logic and memory model
- reduction to Hoare logic for most use-cases

# Taken Together



- simplicity of the logic and memory model
- reduction to Hoare logic for most use-cases



more in the paper:  
details of the [reduction theorems](#)

# Taken Together



- simplicity of the logic and memory model
- reduction to Hoare logic for most use-cases



more in the paper:  
details of the [reduction theorems](#)



theories available on github:  
[SEL4PROJ/tlb](#)

# Taken Together



- simplicity of the logic and memory model
- reduction to Hoare logic for most use-cases



more in the paper:  
details of the [reduction theorems](#)



theories available on github:  
[SEL4PROJ/tlb](#)



Questions

# Reduction Theorems



- Kernel-level assignment
  - that **doesn't modify page table**

# Reduction Theorems



- Kernel-level assignment
  - that **doesn't modify page table**

```
{λs. mmu_layout s ∧ mode s = Kernel ∧ asids_consistent s ∧  
    [lval] s = [vp] ∧ [rval] s = [v] ∧  
    Addr vp ∈ kernel_safe s ∧ k_phy_ad vp ∉ kernel_data_area s ∧  
    safe_set (kernel_safe s) s }
```

```
lval ::= rval
```

# Reduction Theorems



- Kernel-level assignment
  - that **doesn't modify page table**

$$\{\lambda s. \text{mmu\_layout } s \wedge \text{mode } s = \text{Kernel} \wedge \text{asids\_consistent } s \wedge \\ [[lval]] \ s = [vp] \wedge [[rval]] \ s = [v] \wedge \\ \text{Addr } vp \in \text{kernel\_safe } s \wedge k_{\text{phy\_ad}} \ vp \notin \text{kernel\_data\_area } s \wedge \\ \text{safe\_set } (\text{kernel\_safe } s) \ s\}$$

**lval ::= rval**

$$\{\lambda s. \text{mmu\_layout } s \wedge \text{mode } s = \text{Kernel} \wedge \text{safe\_set } (\text{kernel\_safe } s) \ s \wedge \\ \text{asids\_consistent } s \wedge \text{heap } s \ (k_{\text{phy\_ad}} \ vp) = [v]\}$$

# Reduction Theorems



- Kernel-level assignment
  - that **doesn't modify page table**

```
{λs. mmu_layout s ∧ mode s = Kernel ∧ asids_consistent s ∧  
    [lval] s = [vp] ∧ [rval] s = [v] ∧  
    Addr vp ∈ kernel_safe s ∧ k_phy_ad vp ≠ kernel_data_area s ∧  
    safe_set (kernel_safe s) s }  
  
lval ::= rval
```

```
{λs. mmu_layout s ∧ mode s = Kernel ∧ safe_set (kernel_safe s) s ∧  
    asids_consistent s ∧ heap s (k_phy_ad vp) = [v]}
```

# Reduction Theorems



- Kernel-level assignment
  - that **doesn't modify page table**

```
{λs. mmu_layout s ∧ mode s = Kernel ∧ asids_consistent s ∧  
    [lval] s = [vp] ∧ [rval] s = [v] ∧  
    Addr vp ∈ kernel_safe s ∧ k_phy_ad vp ≠ kernel_data_area s ∧  
    safe_set (kernel_safe s) s }  
  
lval ::= rval
```

```
{λs. mmu_layout s ∧ mode s = Kernel ∧ safe_set (kernel_safe s) s ∧  
    asids_consistent s ∧ heap s (k_phy_ad vp) = [v]}
```

# Reduction Theorems



- Kernel-level assignment
  - that **doesn't modify page table**

```
{λs. mmu_layout s ∧ mode s = Kernel ∧ asids_consistent s ∧  
    [lval] s = [vp] ∧ [rval] s = [v] ∧  
    Addr vp ∈ kernel_safe s ∧ k_phys_ad vp ≠ kernel_data_area s ∧  
    safe_set (kernel_safe s) s }  
  
lval ::= rval
```

```
{λs. mmu_layout s ∧ mode s = Kernel ∧ safe_set (kernel_safe s) s ∧  
    asids_consistent s ∧ heap s (k_phys_ad vp) = [v]}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{λs. mmu_layout s ∧ asids_consistent s ∧ mode s = Kernel ∧
    IC s = ∅ ∧ 0 ∉ ran (root_map s) ∧ root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{λs. mmu_layout s ∧ IC s = ∅ ∧ mode s = User ∧ asids_consistent s}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{\lambda s. mmu_layout s \wedge asids_consistent s \wedge mode s = Kernel \wedge
    IC s = \emptyset \wedge 0 \notin ran (root_map s) \wedge root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{\lambda s. mmu_layout s \wedge IC s = \emptyset \wedge mode s = User \wedge asids_consistent s}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{λs. mmu_layout s ∧ asids_consistent s ∧ mode s = Kernel ∧
    IC s = ∅ ∧ 0 ∉ ran (root_map s) ∧ root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{λs. mmu_layout s ∧ IC s = ∅ ∧ mode s = User ∧ asids_consistent s}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{λs. mmu_layout s ∧ asids_consistent s ∧ mode s = Kernel ∧
    IC s = ∅ ∧ 0 ∉ ran (root_map s) ∧ root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{λs. mmu_layout s ∧ IC s = ∅ ∧ mode s = User ∧ asids_consistent s}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{λs. mmu_layout s ∧ asids_consistent s ∧ mode s = Kernel ∧
    IC s = ∅ ∧ 0 ∉ ran (root_map s) ∧ root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{λs. mmu_layout s ∧ IC s = ∅ ∧ mode s = User ∧ asids_consistent s}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{λs. mmu_layout s ∧ asids_consistent s ∧ mode s = Kernel ∧
    IC s = ∅ ∧ 0 ∉ ran (root_map s) ∧ root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{λs. mmu_layout s ∧ IC s = ∅ ∧ mode s = User ∧ asids_consistent s}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{λs. mmu_layout s ∧ asids_consistent s ∧ mode s = Kernel ∧
    IC s = ∅ ∧ 0 ∉ ran (root_map s) ∧ root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{λs. mmu_layout s ∧ IC s = ∅ ∧ mode s = User ∧ asids_consistent s}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{λs. mmu_layout s ∧ asids_consistent s ∧ mode s = Kernel ∧
    IC s = ∅ ∧ 0 ∉ ran (root_map s) ∧ root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{λs. mmu_layout s ∧ IC s = ∅ ∧ mode s = User ∧ asids_consistent s}
```

# Context Switch



- Operations —
  - update root register to `root r`, then
  - update ASID register to `ASID a`
- ARMv7-A manual's recommended sequence

```
{λs. mmu_layout s ∧ asids_consistent s ∧ mode s = Kernel ∧
    IC s = ∅ ∧ 0 ∉ ran (root_map s) ∧ root_map s (Addr r) = [a]}
UpdateASID 0;; updateRoot (Const r);; UpdateASID a;; SetMode User
{λs. mmu_layout s ∧ IC s = ∅ ∧ mode s = User ∧ asids_consistent s}
```