Commit b6bdfaa

authored

Merge pull request #1585 from rust-osdev/bishop-unsafe-op

uefi: Enable unsafe_op_in_unsafe_fn lint

2 parents 322fa3e + cbff720 commit b6bdfaaCopy full SHA for b6bdfaa

File tree

17 files changed

+151

-115

lines changed

uefi/src
- allocator.rs
- boot.rs
- data_types
  - strs.rs
- helpers
  - logger.rs
- lib.rs
- proto
  - console
    - gop.rs
  - debug
    - mod.rs
  - device_path
    - mod.rs
  - loaded_image.rs
  - media
    - disk.rs
    - file
  - tcg
    - v1.rs
    - v2.rs
- runtime.rs
- util.rs

17 files changed

+151

-115

lines changed

`‎uefi/src/allocator.rs`

Lines changed: 7 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -90,9 +90,11 @@ unsafe impl GlobalAlloc for Allocator {`
`90`	`90`	// write is appropriately aligned for a `*mut u8` pointer because
`91`	`91`	// `align_ptr` is aligned, and alignments are always powers of two
`92`	`92`	// (as enforced by the `Layout` type).
`93`		`- let aligned_ptr = full_alloc_ptr.add(offset);`
`94`		`- (aligned_ptr.cast::<*mut u8>()).sub(1).write(full_alloc_ptr);`
`95`		`- aligned_ptr`
	`93`	`+ unsafe {`
	`94`	`+ let aligned_ptr = full_alloc_ptr.add(offset);`
	`95`	`+ (aligned_ptr.cast::<*mut u8>()).sub(1).write(full_alloc_ptr);`
	`96`	`+ aligned_ptr`
	`97`	`+ }`
`96`	`98`	`} else {`
`97`	`99`	`// The requested alignment is less than or equal to eight, and`
`98`	`100`	// `allocate_pool` always provides eight-byte alignment, so we can
`@@ -108,13 +110,13 @@ unsafe impl GlobalAlloc for Allocator {`
`108`	`110`	`if layout.align() > 8 {`
`109`	`111`	`// Retrieve the pointer to the full allocation that was packed right`
`110`	`112`	// before the aligned allocation in `alloc`.
`111`		`- ptr = (ptr as const mut u8).sub(1).read();`
	`113`	`+ ptr = unsafe{(ptr as const mut u8).sub(1).read()};`
`112`	`114`	`}`
`113`	`115`
`114`	`116`	// OK to unwrap: `ptr` is required to be a valid allocation by the trait API.
`115`	`117`	`let ptr = NonNull::new(ptr).unwrap();`
`116`	`118`
`117`	`119`	`// Warning: this will panic after exiting boot services.`
`118`		`- boot::free_pool(ptr).unwrap();`
	`120`	`+ unsafe{boot::free_pool(ptr)}.unwrap();`
`119`	`121`	`}`
`120`	`122`	`}`

`‎uefi/src/boot.rs`

Lines changed: 57 additions & 44 deletions

Original file line number	Diff line number	Diff line change
`@@ -116,7 +116,7 @@ pub unsafe fn raise_tpl(tpl: Tpl) -> TplGuard {`
`116`	`116`	`let bt = unsafe { bt.as_ref() };`
`117`	`117`
`118`	`118`	`TplGuard {`
`119`		`- old_tpl: (bt.raise_tpl)(tpl),`
	`119`	`+ old_tpl: unsafe{(bt.raise_tpl)(tpl)},`
`120`	`120`	`}`
`121`	`121`	`}`
`122`	`122`
`@@ -381,15 +381,17 @@ pub unsafe fn create_event(`
`381`	`381`
`382`	`382`	`// Safety: the argument types of the function pointers are defined`
`383`	`383`	`// differently, but are compatible and can be safely transmuted.`
`384`		`- let notify_fn: Option<uefi_raw::table::boot::EventNotifyFn> = mem::transmute(notify_fn);`
	`384`	`+ let notify_fn: Option<uefi_raw::table::boot::EventNotifyFn> =`
	`385`	`+ unsafe { mem::transmute(notify_fn) };`
`385`	`386`
`386`	`387`	`let notify_ctx = opt_nonnull_to_ptr(notify_ctx);`
`387`	`388`
`388`	`389`	`// Now we're ready to call UEFI`
`389`		`- (bt.create_event)(event_ty, notify_tpl, notify_fn, notify_ctx, &mut event).to_result_with_val(`
`390`		`- // OK to unwrap: event is non-null for Status::SUCCESS.`
`391`		`- \|\| Event::from_ptr(event).unwrap(),`
`392`		`- )`
	`390`	`+ unsafe { (bt.create_event)(event_ty, notify_tpl, notify_fn, notify_ctx, &mut event) }`
	`391`	`+ .to_result_with_val(`
	`392`	`+ // OK to unwrap: event is non-null for Status::SUCCESS.`
	`393`	`+ \|\| unsafe { Event::from_ptr(event) }.unwrap(),`
	`394`	`+ )`
`393`	`395`	`}`
`394`	`396`
`395`	`397`	`/// Creates an event in an event group.`
`@@ -451,19 +453,22 @@ pub unsafe fn create_event_ex(`
`451`	`453`
`452`	`454`	`// Safety: the argument types of the function pointers are defined`
`453`	`455`	`// differently, but are compatible and can be safely transmuted.`
`454`		`- let notify_fn: Option<uefi_raw::table::boot::EventNotifyFn> = mem::transmute(notify_fn);`
`455`		`-`
`456`		`- (bt.create_event_ex)(`
`457`		`- event_type,`
`458`		`- notify_tpl,`
`459`		`- notify_fn,`
`460`		`- opt_nonnull_to_ptr(notify_ctx),`
`461`		`- opt_nonnull_to_ptr(event_group),`
`462`		`- &mut event,`
`463`		`- )`
	`456`	`+ let notify_fn: Option<uefi_raw::table::boot::EventNotifyFn> =`
	`457`	`+ unsafe { mem::transmute(notify_fn) };`
	`458`	`+`
	`459`	`+ unsafe {`
	`460`	`+ (bt.create_event_ex)(`
	`461`	`+ event_type,`
	`462`	`+ notify_tpl,`
	`463`	`+ notify_fn,`
	`464`	`+ opt_nonnull_to_ptr(notify_ctx),`
	`465`	`+ opt_nonnull_to_ptr(event_group),`
	`466`	`+ &mut event,`
	`467`	`+ )`
	`468`	`+ }`
`464`	`469`	`.to_result_with_val(`
`465`	`470`	`// OK to unwrap: event is non-null for Status::SUCCESS.`
`466`		`- \|\| Event::from_ptr(event).unwrap(),`
	`471`	`+ \|\| unsafe{Event::from_ptr(event)}.unwrap(),`
`467`	`472`	`)`
`468`	`473`	`}`
`469`	`474`
`@@ -696,13 +701,15 @@ pub unsafe fn install_protocol_interface(`
`696`	`701`	`let bt = unsafe { bt.as_ref() };`
`697`	`702`
`698`	`703`	`let mut handle = Handle::opt_to_ptr(handle);`
`699`		`- ((bt.install_protocol_interface)(`
`700`		`- &mut handle,`
`701`		`- protocol,`
`702`		`- InterfaceType::NATIVE_INTERFACE,`
`703`		`- interface,`
`704`		`- ))`
`705`		`- .to_result_with_val(\|\| Handle::from_ptr(handle).unwrap())`
	`704`	`+ unsafe {`
	`705`	`+ (bt.install_protocol_interface)(`
	`706`	`+ &mut handle,`
	`707`	`+ protocol,`
	`708`	`+ InterfaceType::NATIVE_INTERFACE,`
	`709`	`+ interface,`
	`710`	`+ )`
	`711`	`+ }`
	`712`	`+ .to_result_with_val(\|\| unsafe { Handle::from_ptr(handle) }.unwrap())`
`706`	`713`	`}`
`707`	`714`
`708`	`715`	/// Reinstalls a protocol interface on a device handle. `old_interface` is replaced with `new_interface`.
`@@ -730,8 +737,10 @@ pub unsafe fn reinstall_protocol_interface(`
`730`	`737`	`let bt = boot_services_raw_panicking();`
`731`	`738`	`let bt = unsafe { bt.as_ref() };`
`732`	`739`
`733`		`- (bt.reinstall_protocol_interface)(handle.as_ptr(), protocol, old_interface, new_interface)`
`734`		`- .to_result()`
	`740`	`+ unsafe {`
	`741`	`+ (bt.reinstall_protocol_interface)(handle.as_ptr(), protocol, old_interface, new_interface)`
	`742`	`+ }`
	`743`	`+ .to_result()`
`735`	`744`	`}`
`736`	`745`
`737`	`746`	`/// Removes a protocol interface from a device handle.`
`@@ -757,7 +766,7 @@ pub unsafe fn uninstall_protocol_interface(`
`757`	`766`	`let bt = boot_services_raw_panicking();`
`758`	`767`	`let bt = unsafe { bt.as_ref() };`
`759`	`768`
`760`		`- (bt.uninstall_protocol_interface)(handle.as_ptr(), protocol, interface).to_result()`
	`769`	`+ unsafe{(bt.uninstall_protocol_interface)(handle.as_ptr(), protocol, interface).to_result()}`
`761`	`770`	`}`
`762`	`771`
`763`	`772`	/// Registers `event` to be signaled whenever a protocol interface is registered for
`@@ -1035,19 +1044,21 @@ pub unsafe fn open_protocol<P: ProtocolPointer + ?Sized>(`
`1035`	`1044`	`let bt = unsafe { bt.as_ref() };`
`1036`	`1045`
`1037`	`1046`	`let mut interface = ptr::null_mut();`
`1038`		`- (bt.open_protocol)(`
`1039`		`- params.handle.as_ptr(),`
`1040`		`- &P::GUID,`
`1041`		`- &mut interface,`
`1042`		`- params.agent.as_ptr(),`
`1043`		`- Handle::opt_to_ptr(params.controller),`
`1044`		`- attributes as u32,`
`1045`		`- )`
	`1047`	`+ unsafe {`
	`1048`	`+ (bt.open_protocol)(`
	`1049`	`+ params.handle.as_ptr(),`
	`1050`	`+ &P::GUID,`
	`1051`	`+ &mut interface,`
	`1052`	`+ params.agent.as_ptr(),`
	`1053`	`+ Handle::opt_to_ptr(params.controller),`
	`1054`	`+ attributes as u32,`
	`1055`	`+ )`
	`1056`	`+ }`
`1046`	`1057`	`.to_result_with_val(\|\| {`
`1047`	`1058`	`let interface = if interface.is_null() {`
`1048`	`1059`	`None`
`1049`	`1060`	`} else {`
`1050`		`- NonNull::new(P::mut_ptr_from_ffi(interface))`
	`1061`	`+ NonNull::new(unsafe{P::mut_ptr_from_ffi(interface)})`
`1051`	`1062`	`};`
`1052`	`1063`	`ScopedProtocol {`
`1053`	`1064`	`interface,`
`@@ -1220,12 +1231,14 @@ pub unsafe fn exit(`
`1220`	`1231`	`let bt = boot_services_raw_panicking();`
`1221`	`1232`	`let bt = unsafe { bt.as_ref() };`
`1222`	`1233`
`1223`		`- (bt.exit)(`
`1224`		`- image_handle.as_ptr(),`
`1225`		`- exit_status,`
`1226`		`- exit_data_size,`
`1227`		`- exit_data.cast(),`
`1228`		`- )`
	`1234`	`+ unsafe {`
	`1235`	`+ (bt.exit)(`
	`1236`	`+ image_handle.as_ptr(),`
	`1237`	`+ exit_status,`
	`1238`	`+ exit_data_size,`
	`1239`	`+ exit_data.cast(),`
	`1240`	`+ )`
	`1241`	`+ }`
`1229`	`1242`	`}`
`1230`	`1243`
`1231`	`1244`	`/// Get the current memory map and exit boot services.`
`@@ -1241,7 +1254,7 @@ unsafe fn get_memory_map_and_exit_boot_services(buf: &mut [u8]) -> Result<Memory`
`1241`	`1254`	`// what boot services functions can be called. In UEFI 2.8 and earlier,`
`1242`	`1255`	// only `get_memory_map` and `exit_boot_services` are allowed. Starting
`1243`	`1256`	`// in UEFI 2.9 other memory allocation functions may also be called.`
`1244`		`- (bt.exit_boot_services)(image_handle().as_ptr(), memory_map.map_key.0)`
	`1257`	`+ unsafe{(bt.exit_boot_services)(image_handle().as_ptr(), memory_map.map_key.0)}`
`1245`	`1258`	`.to_result_with_val(\|\| memory_map)`
`1246`	`1259`	`}`
`1247`	`1260`
`@@ -1344,7 +1357,7 @@ pub unsafe fn install_configuration_table(`
`1344`	`1357`	`let bt = boot_services_raw_panicking();`
`1345`	`1358`	`let bt = unsafe { bt.as_ref() };`
`1346`	`1359`
`1347`		`- (bt.install_configuration_table)(guid_entry, table_ptr).to_result()`
	`1360`	`+ unsafe{(bt.install_configuration_table)(guid_entry, table_ptr)}.to_result()`
`1348`	`1361`	`}`
`1349`	`1362`
`1350`	`1363`	`/// Sets the watchdog timer.`

`‎uefi/src/data_types/strs.rs`

Lines changed: 7 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -143,11 +143,11 @@ impl CStr8 {`
`143`	`143`	`#[must_use]`
`144`	`144`	`pub unsafe fn from_ptr<'ptr>(ptr: *const Char8) -> &'ptr Self {`
`145`	`145`	`let mut len = 0;`
`146`		`- while *ptr.add(len) != NUL_8 {`
	`146`	`+ while unsafe{*ptr.add(len)} != NUL_8 {`
`147`	`147`	`len += 1`
`148`	`148`	`}`
`149`	`149`	`let ptr = ptr.cast::<u8>();`
`150`		`- Self::from_bytes_with_nul_unchecked(slice::from_raw_parts(ptr, len + 1))`
	`150`	`+ unsafe{Self::from_bytes_with_nul_unchecked(slice::from_raw_parts(ptr, len + 1))}`
`151`	`151`	`}`
`152`	`152`
`153`	`153`	`/// Creates a CStr8 reference from bytes.`
`@@ -171,7 +171,7 @@ impl CStr8 {`
`171`	`171`	`/// null-terminated string, with no interior null bytes.`
`172`	`172`	`#[must_use]`
`173`	`173`	`pub const unsafe fn from_bytes_with_nul_unchecked(chars: &[u8]) -> &Self {`
`174`		`- &(ptr::from_ref(chars) as const Self)`
	`174`	`+ unsafe{&(ptr::from_ref(chars) as const Self)}`
`175`	`175`	`}`
`176`	`176`
`177`	`177`	`/// Returns the inner pointer to this CStr8.`
`@@ -352,11 +352,11 @@ impl CStr16 {`
`352`	`352`	`#[must_use]`
`353`	`353`	`pub unsafe fn from_ptr<'ptr>(ptr: *const Char16) -> &'ptr Self {`
`354`	`354`	`let mut len = 0;`
`355`		`- while *ptr.add(len) != NUL_16 {`
	`355`	`+ while unsafe{*ptr.add(len)} != NUL_16 {`
`356`	`356`	`len += 1`
`357`	`357`	`}`
`358`	`358`	`let ptr = ptr.cast::<u16>();`
`359`		`- Self::from_u16_with_nul_unchecked(slice::from_raw_parts(ptr, len + 1))`
	`359`	`+ unsafe{Self::from_u16_with_nul_unchecked(slice::from_raw_parts(ptr, len + 1))}`
`360`	`360`	`}`
`361`	`361`
`362`	`362`	/// Creates a `&CStr16` from a u16 slice, stopping at the first nul character.
`@@ -405,7 +405,7 @@ impl CStr16 {`
`405`	`405`	`/// null-terminated string, with no interior null characters.`
`406`	`406`	`#[must_use]`
`407`	`407`	`pub const unsafe fn from_u16_with_nul_unchecked(codes: &[u16]) -> &Self {`
`408`		`- &(ptr::from_ref(codes) as const Self)`
	`408`	`+ unsafe{&(ptr::from_ref(codes) as const Self)}`
`409`	`409`	`}`
`410`	`410`
`411`	`411`	/// Creates a `&CStr16` from a [`Char16`] slice, stopping at the first nul character.
`@@ -455,7 +455,7 @@ impl CStr16 {`
`455`	`455`	`#[must_use]`
`456`	`456`	`pub const unsafe fn from_char16_with_nul_unchecked(chars: &[Char16]) -> &Self {`
`457`	`457`	`let ptr: *const [Char16] = chars;`
`458`		`- &(ptr as const Self)`
	`458`	`+ unsafe{&(ptr as const Self)}`
`459`	`459`	`}`
`460`	`460`
`461`	`461`	/// Convert a [`&str`] to a `&CStr16`, backed by a buffer.

`‎uefi/src/helpers/logger.rs`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -29,7 +29,7 @@ static LOGGER: Logger = Logger::new();`
`29`	`29`	`/// disable() on exit from UEFI boot services.`
`30`	`30`	`pub unsafe fn init() {`
`31`	`31`	`// Connect the logger to stdout.`
`32`		`- system::with_stdout(\|stdout\| {`
	`32`	`+ system::with_stdout(\|stdout\| unsafe{`
`33`	`33`	`LOGGER.set_output(stdout);`
`34`	`34`	`});`
`35`	`35`

`‎uefi/src/lib.rs`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -224,6 +224,7 @@`
`224`	`224`	`clippy::use_self,`
`225`	`225`	`missing_debug_implementations,`
`226`	`226`	`missing_docs,`
	`227`	`+ unsafe_op_in_unsafe_fn,`
`227`	`228`	`unused`
`228`	`229`	`)]`
`229`	`230`

`‎uefi/src/proto/console/gop.rs`

Lines changed: 7 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -589,7 +589,7 @@ impl FrameBuffer<'_> {`
`589`	`589`	`#[inline]`
`590`	`590`	`pub unsafe fn write_byte(&mut self, index: usize, value: u8) {`
`591`	`591`	`debug_assert!(index < self.size, "Frame buffer accessed out of bounds");`
`592`		`- self.base.add(index).write_volatile(value)`
	`592`	`+ unsafe{self.base.add(index).write_volatile(value)}`
`593`	`593`	`}`
`594`	`594`
`595`	`595`	`/// Read the i-th byte of the frame buffer`
`@@ -603,7 +603,7 @@ impl FrameBuffer<'_> {`
`603`	`603`	`#[must_use]`
`604`	`604`	`pub unsafe fn read_byte(&self, index: usize) -> u8 {`
`605`	`605`	`debug_assert!(index < self.size, "Frame buffer accessed out of bounds");`
`606`		`- self.base.add(index).read_volatile()`
	`606`	`+ unsafe{self.base.add(index).read_volatile()}`
`607`	`607`	`}`
`608`	`608`
`609`	`609`	`/// Write a value in the frame buffer, starting at the i-th byte`
`@@ -624,8 +624,10 @@ impl FrameBuffer<'_> {`
`624`	`624`	`index.saturating_add(size_of::<T>()) <= self.size,`
`625`	`625`	`"Frame buffer accessed out of bounds"`
`626`	`626`	`);`
`627`		`- let ptr = self.base.add(index).cast::<T>();`
`628`		`- ptr.write_volatile(value)`
	`627`	`+ unsafe {`
	`628`	`+ let ptr = self.base.add(index).cast::<T>();`
	`629`	`+ ptr.write_volatile(value)`
	`630`	`+ }`
`629`	`631`	`}`
`630`	`632`
`631`	`633`	`/// Read a value from the frame buffer, starting at the i-th byte`
`@@ -647,6 +649,6 @@ impl FrameBuffer<'_> {`
`647`	`649`	`index.saturating_add(size_of::<T>()) <= self.size,`
`648`	`650`	`"Frame buffer accessed out of bounds"`
`649`	`651`	`);`
`650`		`- (self.base.add(index) as *const T).read_volatile()`
	`652`	`+ unsafe{(self.base.add(index) as *const T).read_volatile()}`
`651`	`653`	`}`
`652`	`654`	`}`

`‎uefi/src/proto/debug/mod.rs`

Lines changed: 7 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -98,7 +98,7 @@ impl DebugSupport {`
`98`	`98`	`}`
`99`	`99`
`100`	`100`	// Safety: As we've validated the `processor_index`, this should always be safe
`101`		`- (self.register_periodic_callback)(self, processor_index, callback).to_result()`
	`101`	`+ unsafe{(self.register_periodic_callback)(self, processor_index, callback)}.to_result()`
`102`	`102`	`}`
`103`	`103`
`104`	`104`	`/// Registers a function to be called when a given processor exception occurs.`
`@@ -122,8 +122,10 @@ impl DebugSupport {`
`122`	`122`	`}`
`123`	`123`
`124`	`124`	// Safety: As we've validated the `processor_index`, this should always be safe
`125`		`- (self.register_exception_callback)(self, processor_index, callback, exception_type)`
`126`		`- .to_result()`
	`125`	`+ unsafe {`
	`126`	`+ (self.register_exception_callback)(self, processor_index, callback, exception_type)`
	`127`	`+ }`
	`128`	`+ .to_result()`
`127`	`129`	`}`
`128`	`130`
`129`	`131`	/// Invalidates processor instruction cache for a memory range for a given `processor_index`.
`@@ -144,7 +146,8 @@ impl DebugSupport {`
`144`	`146`
`145`	`147`	`// per the UEFI spec, this call should only return EFI_SUCCESS`
`146`	`148`	// Safety: As we've validated the `processor_index`, this should always be safe
`147`		`- (self.invalidate_instruction_cache)(self, processor_index, start, length).to_result()`
	`149`	`+ unsafe { (self.invalidate_instruction_cache)(self, processor_index, start, length) }`
	`150`	`+ .to_result()`
`148`	`151`	`}`
`149`	`152`	`}`
`150`	`153`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit b6bdfaa

File tree

17 files changed

17 files changed

`‎uefi/src/allocator.rs`

`‎uefi/src/boot.rs`

`‎uefi/src/data_types/strs.rs`

`‎uefi/src/helpers/logger.rs`

`‎uefi/src/lib.rs`

`‎uefi/src/proto/console/gop.rs`

`‎uefi/src/proto/debug/mod.rs`

0 commit comments