lio- Labeled IO Information Flow Control Library

Safe HaskellTrustworthy



This module exports exception types thrown in response to label failures. In addition, it provides withContext, a function that annotates any exceptions in the AnyLabelError hierarchy that are thrown within a given scope. These annotations should be used to add function names to exceptions, so as to make it easier to pinpoint the cause of a label error.



class Annotatable e where Source #

Class of error messages that can be annotated with context.

Minimal complete definition



annotate :: String -> e -> e Source #

withContext :: String -> LIO l a -> LIO l a Source #

Executes an action with a context string, which will be added to any label exception thrown.

Note: this function wraps an action with a catch, and thus may incur a small runtime cost (though it is well under 100 ns on machines we benchmarked).

lerrToException :: (Exception e, Annotatable e) => e -> SomeException Source #

Definition of toException for children of AnyLabelError in the exception hierarchy.

lerrFromException :: Exception e => SomeException -> Maybe e Source #

Definition of fromException for children of AnyLabelError in the exception hierarchy.

data GenericPrivDesc l Source #

A generic privilege description for recording relevant privileges in exceptions.


PrivDesc l p => GenericPrivDesc p 

data LabelError l Source #

Main error type thrown by label failures in the LIO monad.




labelError Source #


:: Label l 
=> String

Function that failed.

-> [l]

Labels involved in error.

-> LIO l a 

Throw a label-error exception.

labelErrorP Source #


:: (Label l, PrivDesc l p) 
=> String

Function that failed.

-> Priv p

Privileges involved.

-> [l]

Labels involved.

-> LIO l a 

Throw a label-error exception.

data InsufficientPrivs Source #

Error indicating insufficient privileges (independent of the current label). This exception is thrown by delegate, and should also be thrown by gates that receive insufficient privilege descriptions (see LIO.Delegate).

insufficientPrivs Source #


:: SpeaksFor p 
=> String

Function in which error occurs

-> p

Description of privileges supplied

-> p

Description of privileges needed

-> a 

Raise InsufficientPrivs error.