Crate flowistry

This crate provides the Flowistry API, a modular information flow analysis for Rust programs. The theory and evaluation of Flowistry are described in the paper “Modular Information Flow through Ownership” (Crichton et al. 2022). See example.rs for an example of how to use the Flowistry API.

Information flow describes whether one instruction or variable can affect another during a program’s execution. Information flow can be used to analyze whether secure values can leak to insecure places (“information flow control”), and to analyze which parts of a program are relevant to a given variable (“program slicing”).

This analysis uses the Rust compiler via the rustc API. Given a MIR Body, the function infoflow::compute_flow computes the information flow within that body.
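To make the notion of information flow concrete, here is an added example that is not taken from the Flowistry crate or its paper: a forward analysis over a toy statement list that tracks explicit flows (through assignment) and implicit flows (through a branch condition), and answers an information flow control query. The `Stmt` type, `lookup`, `flow`, `leaks` and the sample program are hypothetical; Flowistry itself works on MIR bodies through infoflow::compute_flow, and this sketch does not model references, ownership or function calls.

```rust
use std::collections::{BTreeSet, HashMap};
enum Stmt { // toy IR constructed for this example, not rustc MIR
    Assign { dst: &'static str, srcs: &'static [&'static str] }, // dst = f(srcs..)
    If { cond: &'static str, body: &'static [Stmt] },            // if cond { body }
}
type Vars = BTreeSet<&'static str>;
type Deps = HashMap<&'static str, Vars>; // variable -> inputs that can affect it
// A variable that was never assigned is a program input and depends on itself.
fn lookup(deps: &Deps, v: &'static str) -> Vars {
    deps.get(v).cloned().unwrap_or_else(|| Vars::from([v]))
}

// `ctrl` holds the inputs that decide whether the current statement runs.
fn flow(stmts: &[Stmt], ctrl: &Vars, deps: &mut Deps) {
    for s in stmts {
        match s {
            Stmt::Assign { dst, srcs } => {
                let mut d = ctrl.clone(); // implicit flow from enclosing branches
                for src in srcs.iter() { d.extend(lookup(deps, *src)); } // explicit flow
                deps.insert(*dst, d);
            }
            Stmt::If { cond, body } => {
                let inner: Vars = ctrl.union(&lookup(deps, *cond)).copied().collect();
                let before = deps.clone();
                flow(body, &inner, deps);
                // The branch may be skipped, so the earlier dependencies still apply.
                for (k, v) in deps.iter_mut() { v.extend(lookup(&before, *k)); }
            }
        }
    }
}

// Information flow control query: can the input `secret` affect `sink`?
fn leaks(prog: &[Stmt], secret: &str, sink: &'static str) -> bool {
    let mut deps = Deps::new();
    flow(prog, &Vars::new(), &mut deps);
    lookup(&deps, sink).contains(secret)
}

const SAMPLE: &[Stmt] = &[ // constructed sample: password check, then logging
    Stmt::Assign { dst: "ok", srcs: &["password", "stored"] },
    Stmt::Assign { dst: "msg", srcs: &[] },
    Stmt::If { cond: "ok", body: &[Stmt::Assign { dst: "msg", srcs: &[] }] },
    Stmt::Assign { dst: "log", srcs: &["user"] },
];

fn main() {
    println!("password -> msg: {}", leaks(SAMPLE, "password", "msg"));
}
```

In the sample, `msg` is only ever assigned constants, yet `password` still flows into it because the branch that overwrites it is guarded by `ok`; `log` is unaffected by `password`.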

If you are interested in using Flowistry, please reach out directly to Will Crichton (wcrichto@cs.stanford.edu) or join our Discord. If you use Flowistry in your research, then please cite our paper:

@inproceedings{crichton2022,
  author = {Crichton, Will and Patrignani, Marco and Agrawala, Maneesh and Hanrahan, Pat},
  title = {Modular Information Flow through Ownership}, year = {2022},
  isbn = {9781450392655}, publisher = {Association for Computing Machinery},
  address = {New York, NY, USA}, url = {https://doi.org/10.1145/3519939.3523445},
  booktitle = {Proceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation},
  pages = {1–14}, numpages = {14}, keywords = {information flow, rust, ownership types},
  location = {San Diego, CA, USA}, series = {PLDI 2022}, doi = {10.1145/3519939.3523445},
}

Modules

  • Extra features for evaluating / ablating the precision of Flowistry’s algorithm.
  • The core information flow analysis.
  • Infrastructure for analyzing MIR that supports the information flow analysis.