From: Maximiliano Sandoval <m.sandoval@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox 3/9] mark blocks inside unsafe fns unsafe
Date: Tue,  4 Mar 2025 15:40:45 +0100	[thread overview]
Message-ID: <20250304144051.585163-3-m.sandoval@proxmox.com> (raw)
In-Reply-To: <20250304144051.585163-1-m.sandoval@proxmox.com>

In edition 2024 unsafe code inside unsafe functions has to be explicitly
marked as such.

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 proxmox-shared-memory/src/lib.rs              |  4 +-
 proxmox-shared-memory/src/raw_shared_mutex.rs | 48 ++++++++++---------
 proxmox-sys/src/fs/read_dir.rs                |  2 +-
 proxmox-sys/src/linux/pid.rs                  |  4 +-
 proxmox-sys/src/mmap.rs                       | 18 +++----
 5 files changed, 40 insertions(+), 36 deletions(-)

diff --git a/proxmox-shared-memory/src/lib.rs b/proxmox-shared-memory/src/lib.rs
index defe678d..4a986b09 100644
--- a/proxmox-shared-memory/src/lib.rs
+++ b/proxmox-shared-memory/src/lib.rs
@@ -201,7 +201,7 @@ impl<T: Sized + Init> SharedMemory<T> {
 /// This calls `Init::initialize`, it is up to the user to ensure this is safe. The value should
 /// not have been initialized at this point.
 pub unsafe fn initialize_subtype<T: Init>(this: &mut T) {
-    let data: &mut MaybeUninit<T> = std::mem::transmute(this);
+    let data: &mut MaybeUninit<T> = unsafe { std::mem::transmute(this) };
     Init::initialize(data);
 }
 
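Review bot: The new `unsafe { std::mem::transmute(this) }` block in `initialize_subtype` has no `// SAFETY:` comment, so the reason the reference cast is sound is left to the reader; `check_subtype` in the next hunk has the same gap. A line such as `// SAFETY: MaybeUninit<T> has the same size, alignment and ABI as T; the caller upholds the contract in the doc comment.` above the block would record it. A pointer cast, `unsafe { &mut *(this as *mut T).cast::<MaybeUninit<T>>() }`, would express the same conversion without a `transmute` whose target type is fixed only by the `let` annotation.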
@@ -211,6 +211,6 @@ pub unsafe fn initialize_subtype<T: Init>(this: &mut T) {
 ///
 /// This calls `Init::check_type_magic`, it is up to the user to ensure this is safe.
 pub unsafe fn check_subtype<T: Init>(this: &T) -> Result<(), Error> {
-    let data: &MaybeUninit<T> = std::mem::transmute(this);
+    let data: &MaybeUninit<T> = unsafe { std::mem::transmute(this) };
     Init::check_type_magic(data)
 }
diff --git a/proxmox-shared-memory/src/raw_shared_mutex.rs b/proxmox-shared-memory/src/raw_shared_mutex.rs
index 1b06d5b8..3056299d 100644
--- a/proxmox-shared-memory/src/raw_shared_mutex.rs
+++ b/proxmox-shared-memory/src/raw_shared_mutex.rs
@@ -19,31 +19,33 @@ impl RawSharedMutex {
     #[inline]
     pub unsafe fn init(&mut self) {
         let mut attr = MaybeUninit::<libc::pthread_mutexattr_t>::uninit();
-        cvt_nz(libc::pthread_mutexattr_init(attr.as_mut_ptr())).unwrap();
-        let attr = PthreadMutexAttr(&mut attr);
-        cvt_nz(libc::pthread_mutexattr_settype(
-            attr.0.as_mut_ptr(),
-            libc::PTHREAD_MUTEX_NORMAL,
-        ))
-        .unwrap();
-        cvt_nz(libc::pthread_mutexattr_setpshared(
-            attr.0.as_mut_ptr(),
-            libc::PTHREAD_PROCESS_SHARED,
-        ))
-        .unwrap();
-        cvt_nz(libc::pthread_mutexattr_setrobust(
-            attr.0.as_mut_ptr(),
-            libc::PTHREAD_MUTEX_ROBUST,
-        ))
-        .unwrap();
-        cvt_nz(libc::pthread_mutex_init(self.inner.get(), attr.0.as_ptr())).unwrap();
+        unsafe {
+            cvt_nz(libc::pthread_mutexattr_init(attr.as_mut_ptr())).unwrap();
+            let attr = PthreadMutexAttr(&mut attr);
+            cvt_nz(libc::pthread_mutexattr_settype(
+                attr.0.as_mut_ptr(),
+                libc::PTHREAD_MUTEX_NORMAL,
+            ))
+            .unwrap();
+            cvt_nz(libc::pthread_mutexattr_setpshared(
+                attr.0.as_mut_ptr(),
+                libc::PTHREAD_PROCESS_SHARED,
+            ))
+            .unwrap();
+            cvt_nz(libc::pthread_mutexattr_setrobust(
+                attr.0.as_mut_ptr(),
+                libc::PTHREAD_MUTEX_ROBUST,
+            ))
+            .unwrap();
+            cvt_nz(libc::pthread_mutex_init(self.inner.get(), attr.0.as_ptr())).unwrap();
+        }
     }
 
     #[inline]
     pub unsafe fn lock(&self) {
-        let mut r = libc::pthread_mutex_lock(self.inner.get());
+        let mut r = unsafe { libc::pthread_mutex_lock(self.inner.get()) };
         if r == libc::EOWNERDEAD {
-            r = libc::pthread_mutex_consistent(self.inner.get());
+            r = unsafe { libc::pthread_mutex_consistent(self.inner.get()) };
         }
 
         debug_assert_eq!(r, 0);
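Review bot: In `lock()` the result of `pthread_mutex_lock` / `pthread_mutex_consistent` is checked only with `debug_assert_eq!(r, 0)`, so a release build returns normally on any error and the caller continues as if it held the mutex. For a robust, process-shared mutex a failure can in principle occur (for example an error from `pthread_mutex_consistent`, or a damaged mutex in the shared mapping), so a hard check such as `assert_eq!(r, 0, "pthread_mutex_lock failed");` would fail closed. `unlock()` in the next hunk follows the same pattern. This predates the commit, and `lock()` closes outside this hunk. Separately, the new `unsafe { … }` in `init()` also covers the `PthreadMutexAttr` construction and the `.unwrap()` calls, and would benefit from a `// SAFETY:` comment.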
@@ -51,15 +53,15 @@ impl RawSharedMutex {
 
     #[inline]
     pub unsafe fn unlock(&self) {
-        let r = libc::pthread_mutex_unlock(self.inner.get());
+        let r = unsafe { libc::pthread_mutex_unlock(self.inner.get()) };
         debug_assert_eq!(r, 0);
     }
 
     #[inline]
     pub unsafe fn try_lock(&self) -> bool {
-        let mut r = libc::pthread_mutex_trylock(self.inner.get());
+        let mut r = unsafe { libc::pthread_mutex_trylock(self.inner.get()) };
         if r == libc::EOWNERDEAD {
-            r = libc::pthread_mutex_consistent(self.inner.get());
+            r = unsafe { libc::pthread_mutex_consistent(self.inner.get()) };
         }
 
         r == 0
diff --git a/proxmox-sys/src/fs/read_dir.rs b/proxmox-sys/src/fs/read_dir.rs
index 3119274b..09dbac3d 100644
--- a/proxmox-sys/src/fs/read_dir.rs
+++ b/proxmox-sys/src/fs/read_dir.rs
@@ -79,7 +79,7 @@ impl ReadDirEntry {
     /// It is up to the user to ensure that the file name is valid utf-8 *before* calling this
     /// method.
     pub unsafe fn file_name_utf8_unchecked(&self) -> &str {
-        std::str::from_utf8_unchecked(self.file_name().to_bytes())
+        unsafe { std::str::from_utf8_unchecked(self.file_name().to_bytes()) }
     }
 }
 
diff --git a/proxmox-sys/src/linux/pid.rs b/proxmox-sys/src/linux/pid.rs
index 7d50ac44..03464551 100644
--- a/proxmox-sys/src/linux/pid.rs
+++ b/proxmox-sys/src/linux/pid.rs
@@ -24,7 +24,7 @@ pub const SYS_pidfd_open: libc::c_long = 434;
 pub const SYS_pidfd_send_signal: libc::c_long = 424;
 
 unsafe fn pidfd_open(pid: libc::pid_t, flags: libc::c_uint) -> libc::c_long {
-    libc::syscall(SYS_pidfd_open, pid, flags)
+    unsafe { libc::syscall(SYS_pidfd_open, pid, flags) }
 }
 
 unsafe fn pidfd_send_signal(
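Review bot: `pidfd_open` takes only integer arguments, so with the syscall now inside its own `unsafe` block the function appears to leave no precondition for callers to uphold and could be a plain `fn`. A comment such as `// SAFETY: no pointers are passed; invalid arguments only yield an error return.` above the block would document that. Its callers are outside this hunk and would need their `unsafe` wrappers dropped to avoid `unused_unsafe` warnings. `pidfd_send_signal`, whose signature starts here and continues in the next hunk, takes a raw `info` pointer and should stay `unsafe fn`.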
@@ -33,7 +33,7 @@ unsafe fn pidfd_send_signal(
     info: *mut libc::siginfo_t,
     flags: libc::c_uint,
 ) -> libc::c_long {
-    libc::syscall(SYS_pidfd_send_signal, pidfd, sig, info, flags)
+    unsafe { libc::syscall(SYS_pidfd_send_signal, pidfd, sig, info, flags) }
 }
 
 /// File descriptor reference to a process.
diff --git a/proxmox-sys/src/mmap.rs b/proxmox-sys/src/mmap.rs
index 0ba5337b..6110d676 100644
--- a/proxmox-sys/src/mmap.rs
+++ b/proxmox-sys/src/mmap.rs
@@ -38,14 +38,16 @@ impl<T> Mmap<T> {
 
         // libc::size_t vs usize
         #[allow(clippy::useless_conversion)]
-        let data = mman::mmap(
-            None,
-            byte_len,
-            prot,
-            flags,
-            fd,
-            libc::off_t::try_from(ofs).map_err(io::Error::other)?,
-        )
+        let data = unsafe {
+            mman::mmap(
+                None,
+                byte_len,
+                prot,
+                flags,
+                fd,
+                libc::off_t::try_from(ofs).map_err(io::Error::other)?,
+            )
+        }
         .map_err(SysError::into_io_error)?;
 
         Ok(Self {
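Review bot: The new `unsafe { … }` block around `mman::mmap` also encloses `libc::off_t::try_from(ofs).map_err(io::Error::other)?`, which is safe, fallible code; hoisting it narrows the block to the one call that needs it. For example, bind `let ofs = libc::off_t::try_from(ofs).map_err(io::Error::other)?;` before the block (moving `#[allow(clippy::useless_conversion)]` with it) and pass `ofs` to `mmap`. A `// SAFETY:` comment stating what the caller guarantees about `fd`, `ofs` and the mapped length would also help. The enclosing function starts and ends outside the hunk, so the `byte_len` computation cannot be checked from here.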
-- 
2.39.5


