From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <pbs-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
by lore.proxmox.com (Postfix) with ESMTPS id 0A2C41FF168
for <inbox@lore.proxmox.com>; Tue, 4 Mar 2025 15:41:37 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
by firstgate.proxmox.com (Proxmox) with ESMTP id 21D011DA1;
Tue, 4 Mar 2025 15:41:27 +0100 (CET)
From: Maximiliano Sandoval <m.sandoval@proxmox.com>
To: pbs-devel@lists.proxmox.com
Date: Tue, 4 Mar 2025 15:40:45 +0100
Message-Id: <20250304144051.585163-3-m.sandoval@proxmox.com>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20250304144051.585163-1-m.sandoval@proxmox.com>
References: <20250304144051.585163-1-m.sandoval@proxmox.com>
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results: 0
AWL 0.101 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DMARC_MISSING 0.1 Missing DMARC policy
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
Subject: [pbs-devel] [PATCH proxmox 3/9] mark blocks inside unsafe fns unsafe
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
<pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>,
<mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>,
<mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox Backup Server development discussion
<pbs-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pbs-devel-bounces@lists.proxmox.com
Sender: "pbs-devel" <pbs-devel-bounces@lists.proxmox.com>
In edition 2024 unsafe code inside unsafe functions has to be explicitly
marked as such.
Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
proxmox-shared-memory/src/lib.rs | 4 +-
proxmox-shared-memory/src/raw_shared_mutex.rs | 48 ++++++++++---------
proxmox-sys/src/fs/read_dir.rs | 2 +-
proxmox-sys/src/linux/pid.rs | 4 +-
proxmox-sys/src/mmap.rs | 18 +++----
5 files changed, 40 insertions(+), 36 deletions(-)
diff --git a/proxmox-shared-memory/src/lib.rs b/proxmox-shared-memory/src/lib.rs
index defe678d..4a986b09 100644
--- a/proxmox-shared-memory/src/lib.rs
+++ b/proxmox-shared-memory/src/lib.rs
@@ -201,7 +201,7 @@ impl<T: Sized + Init> SharedMemory<T> {
/// This calls `Init::initialize`, it is up to the user to ensure this is safe. The value should
/// not have been initialized at this point.
pub unsafe fn initialize_subtype<T: Init>(this: &mut T) {
- let data: &mut MaybeUninit<T> = std::mem::transmute(this);
+ let data: &mut MaybeUninit<T> = unsafe { std::mem::transmute(this) };
Init::initialize(data);
}
@@ -211,6 +211,6 @@ pub unsafe fn initialize_subtype<T: Init>(this: &mut T) {
///
/// This calls `Init::check_type_magic`, it is up to the user to ensure this is safe.
pub unsafe fn check_subtype<T: Init>(this: &T) -> Result<(), Error> {
- let data: &MaybeUninit<T> = std::mem::transmute(this);
+ let data: &MaybeUninit<T> = unsafe { std::mem::transmute(this) };
Init::check_type_magic(data)
}
diff --git a/proxmox-shared-memory/src/raw_shared_mutex.rs b/proxmox-shared-memory/src/raw_shared_mutex.rs
index 1b06d5b8..3056299d 100644
--- a/proxmox-shared-memory/src/raw_shared_mutex.rs
+++ b/proxmox-shared-memory/src/raw_shared_mutex.rs
@@ -19,31 +19,33 @@ impl RawSharedMutex {
#[inline]
pub unsafe fn init(&mut self) {
let mut attr = MaybeUninit::<libc::pthread_mutexattr_t>::uninit();
- cvt_nz(libc::pthread_mutexattr_init(attr.as_mut_ptr())).unwrap();
- let attr = PthreadMutexAttr(&mut attr);
- cvt_nz(libc::pthread_mutexattr_settype(
- attr.0.as_mut_ptr(),
- libc::PTHREAD_MUTEX_NORMAL,
- ))
- .unwrap();
- cvt_nz(libc::pthread_mutexattr_setpshared(
- attr.0.as_mut_ptr(),
- libc::PTHREAD_PROCESS_SHARED,
- ))
- .unwrap();
- cvt_nz(libc::pthread_mutexattr_setrobust(
- attr.0.as_mut_ptr(),
- libc::PTHREAD_MUTEX_ROBUST,
- ))
- .unwrap();
- cvt_nz(libc::pthread_mutex_init(self.inner.get(), attr.0.as_ptr())).unwrap();
+ unsafe {
+ cvt_nz(libc::pthread_mutexattr_init(attr.as_mut_ptr())).unwrap();
+ let attr = PthreadMutexAttr(&mut attr);
+ cvt_nz(libc::pthread_mutexattr_settype(
+ attr.0.as_mut_ptr(),
+ libc::PTHREAD_MUTEX_NORMAL,
+ ))
+ .unwrap();
+ cvt_nz(libc::pthread_mutexattr_setpshared(
+ attr.0.as_mut_ptr(),
+ libc::PTHREAD_PROCESS_SHARED,
+ ))
+ .unwrap();
+ cvt_nz(libc::pthread_mutexattr_setrobust(
+ attr.0.as_mut_ptr(),
+ libc::PTHREAD_MUTEX_ROBUST,
+ ))
+ .unwrap();
+ cvt_nz(libc::pthread_mutex_init(self.inner.get(), attr.0.as_ptr())).unwrap();
+ }
}
#[inline]
pub unsafe fn lock(&self) {
- let mut r = libc::pthread_mutex_lock(self.inner.get());
+ let mut r = unsafe { libc::pthread_mutex_lock(self.inner.get()) };
if r == libc::EOWNERDEAD {
- r = libc::pthread_mutex_consistent(self.inner.get());
+ r = unsafe { libc::pthread_mutex_consistent(self.inner.get()) };
}
debug_assert_eq!(r, 0);
@@ -51,15 +53,15 @@ impl RawSharedMutex {
#[inline]
pub unsafe fn unlock(&self) {
- let r = libc::pthread_mutex_unlock(self.inner.get());
+ let r = unsafe { libc::pthread_mutex_unlock(self.inner.get()) };
debug_assert_eq!(r, 0);
}
#[inline]
pub unsafe fn try_lock(&self) -> bool {
- let mut r = libc::pthread_mutex_trylock(self.inner.get());
+ let mut r = unsafe { libc::pthread_mutex_trylock(self.inner.get()) };
if r == libc::EOWNERDEAD {
- r = libc::pthread_mutex_consistent(self.inner.get());
+ r = unsafe { libc::pthread_mutex_consistent(self.inner.get()) };
}
r == 0
diff --git a/proxmox-sys/src/fs/read_dir.rs b/proxmox-sys/src/fs/read_dir.rs
index 3119274b..09dbac3d 100644
--- a/proxmox-sys/src/fs/read_dir.rs
+++ b/proxmox-sys/src/fs/read_dir.rs
@@ -79,7 +79,7 @@ impl ReadDirEntry {
/// It is up to the user to ensure that the file name is valid utf-8 *before* calling this
/// method.
pub unsafe fn file_name_utf8_unchecked(&self) -> &str {
- std::str::from_utf8_unchecked(self.file_name().to_bytes())
+ unsafe { std::str::from_utf8_unchecked(self.file_name().to_bytes()) }
}
}
diff --git a/proxmox-sys/src/linux/pid.rs b/proxmox-sys/src/linux/pid.rs
index 7d50ac44..03464551 100644
--- a/proxmox-sys/src/linux/pid.rs
+++ b/proxmox-sys/src/linux/pid.rs
@@ -24,7 +24,7 @@ pub const SYS_pidfd_open: libc::c_long = 434;
pub const SYS_pidfd_send_signal: libc::c_long = 424;
unsafe fn pidfd_open(pid: libc::pid_t, flags: libc::c_uint) -> libc::c_long {
- libc::syscall(SYS_pidfd_open, pid, flags)
+ unsafe { libc::syscall(SYS_pidfd_open, pid, flags) }
}
unsafe fn pidfd_send_signal(
@@ -33,7 +33,7 @@ unsafe fn pidfd_send_signal(
info: *mut libc::siginfo_t,
flags: libc::c_uint,
) -> libc::c_long {
- libc::syscall(SYS_pidfd_send_signal, pidfd, sig, info, flags)
+ unsafe { libc::syscall(SYS_pidfd_send_signal, pidfd, sig, info, flags) }
}
/// File descriptor reference to a process.
diff --git a/proxmox-sys/src/mmap.rs b/proxmox-sys/src/mmap.rs
index 0ba5337b..6110d676 100644
--- a/proxmox-sys/src/mmap.rs
+++ b/proxmox-sys/src/mmap.rs
@@ -38,14 +38,16 @@ impl<T> Mmap<T> {
// libc::size_t vs usize
#[allow(clippy::useless_conversion)]
- let data = mman::mmap(
- None,
- byte_len,
- prot,
- flags,
- fd,
- libc::off_t::try_from(ofs).map_err(io::Error::other)?,
- )
+ let data = unsafe {
+ mman::mmap(
+ None,
+ byte_len,
+ prot,
+ flags,
+ fd,
+ libc::off_t::try_from(ofs).map_err(io::Error::other)?,
+ )
+ }
.map_err(SysError::into_io_error)?;
Ok(Self {
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel