This crate provides the Flowistry API, a modular information flow analysis for Rust programs. The theory and evaluation of Flowistry are described in the paper “Modular Information Flow through Ownership” (Crichton et al. 2022). See example.rs for an example of how to use the Flowistry API.

Information flow is whether one instruction or variable can affect another during a program’s execution. Information flow can be used to analyze whether secure values can leak to insecure places (“information flow control”), and to analyze which parts of a program are relevant to a given variable (“program slicing”).
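The two uses named above, shown on a toy straight-line IR. This is an added example, not Flowistry's API or algorithm: `Instr`, `compute_deps`, `slice`, `leaks` and the sample body are hypothetical names constructed for illustration, and the sketch ignores control flow, references and ownership, which the real analysis handles over MIR.

```rust
use std::collections::{BTreeSet, HashMap};

/// One straight-line instruction `dst = f(srcs...)` (constructed toy IR, not rustc MIR).
struct Instr { dst: &'static str, srcs: &'static [&'static str] }

/// For every variable, the set of instruction indices that can affect its final value.
fn compute_deps(body: &[Instr]) -> HashMap<&'static str, BTreeSet<usize>> {
    let mut deps: HashMap<&'static str, BTreeSet<usize>> = HashMap::new();
    for (i, ins) in body.iter().enumerate() {
        // The new value depends on this instruction plus everything its inputs depended on.
        let mut set = BTreeSet::from([i]);
        for s in ins.srcs {
            if let Some(d) = deps.get(s) { set.extend(d.iter().copied()); }
        }
        // Assignment overwrites `dst`, so its previous dependencies are dropped.
        deps.insert(ins.dst, set);
    }
    deps
}

/// Program slicing: the instructions relevant to `var` (empty if `var` is never assigned).
fn slice(body: &[Instr], var: &str) -> Vec<usize> {
    compute_deps(body).get(var).map(|s| s.iter().copied().collect()).unwrap_or_default()
}

/// Information flow control: can the instruction at index `source` affect `sink`?
fn leaks(body: &[Instr], source: usize, sink: &str) -> bool {
    slice(body, sink).contains(&source)
}

/// Constructed sample body: a secret and a public value flowing to two outputs.
fn sample_body() -> Vec<Instr> {
    vec![
        Instr { dst: "password", srcs: &[] },                   // 0: secret source
        Instr { dst: "username", srcs: &[] },                   // 1: public source
        Instr { dst: "hash", srcs: &["password"] },             // 2
        Instr { dst: "log_line", srcs: &["username"] },         // 3
        Instr { dst: "response", srcs: &["hash", "username"] }, // 4
    ]
}

fn main() {
    let body = sample_body();
    println!("slice(response) = {:?}", slice(&body, "response"));
    println!("password -> log_line: {}", leaks(&body, 0, "log_line"));
    println!("password -> response: {}", leaks(&body, 0, "response"));
}
```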

This analysis uses the Rust compiler via the rustc API. Given a MIR body, the function infoflow::compute_flow computes the information flow within that body. Check out those docs for more information on the specific data structure that is computed.

If you are interested in using Flowistry, please reach out directly to Will Crichton (wcrichto@cs.stanford.edu) or join our Discord. If you use Flowistry in your research, then please cite our paper:

@inproceedings{crichton2022,
  author = {Crichton, Will and Patrignani, Marco and Agrawala, Maneesh and Hanrahan, Pat},
  title = {Modular Information Flow through Ownership}, year = {2022},
  isbn = {9781450392655}, publisher = {Association for Computing Machinery},
  address = {New York, NY, USA}, url = {https://doi.org/10.1145/3519939.3523445},
  booktitle = {Proceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation},
  pages = {1–14}, numpages = {14}, keywords = {information flow, rust, ownership types},
  location = {San Diego, CA, USA}, series = {PLDI 2022}, doi = {10.1145/3519939.3523445},
}

Modules

Data structure for memoizing computations.

Extra features for evaluating / ablating the precision of Flowistry’s algorithm.

APIs for efficiently representing values with a fixed-size domain via bit-sets.

The core information flow analysis.

Infrastructure for analyzing MIR that supports the information flow analysis.

Mapping MIR instructions to source code.

Running rustc and Flowistry in tests.

Macros

Implements ToIndex for the index of an indexed type.