about summary refs log tree commit diff
path: root/library/std/src/sys/pal
AgeCommit message (Collapse)AuthorLines
2024-07-20Inject win arm32 shims into metadata generationChris Denton-41/+26
2024-07-20Rollup merge of #123196 - Ayush1325:uefi-process, r=joboetMatthias Krüger-3/+886
Add Process support for UEFI UEFI does not have an actual process. However, it does provide methods to launch and execute another UEFI image. Having process support is important since it is possible to run rust test suit using `Command::output` and is the first step towards being able to run it for UEFI. Here is an overview of how the support is implemented. - We create a copy of the SystemTable. This is required since at least OVMF seems to crash if the original system table is modified. - Stdout and Stderr pipe works by registering a new `simple_text_output` Protocol and pointing the child system table to use those. - `Stdio::Inherit` just points the console to the current running image console which seems to work with even 3 levels of process. - `spawn` is left unimplemented since it does not make sense for UEFI architecture. Additionally, since https://github.com/rust-lang/rust/pull/105458 was merged, the `spawn` and `output` implementations are completely independent.
2024-07-19kmc-solid: forbid(unsafe_op_in_unsafe_fn)Jubilee Young-1/+1
2024-07-19Rollup merge of #112328 - juliusl:pr/windows-add-change-time, r=ChrisDentonMatthias Krüger-0/+11
Feat. adding ext that returns change_time Addresses #112327
2024-07-19uefi: process: Fixes from PRAyush Singh-151/+230
- Update system table crc32 - Fix unsound use of Box - Free exit data - Code improvements - Introduce OwnedTable - Update r-efi to latest version - Use extended_varargs_abi_support for install_multiple_protocol_interfaces and uninstall_multiple_protocol_interfaces - Fix comments - Stub out args implementation Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-19uefi: process: Final TouchupsAyush Singh-19/+19
Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-19uefi: process: Add CommandArgs supportAyush Singh-14/+26
Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-19uefi: process: Add support for argsAyush Singh-21/+55
Also fix stdio inherit Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-19uefi: process Implement inheritAyush Singh-20/+37
Only tested in 2 levels right now. Need args support for 3 levels Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-19uefi: process: Add null protocolAyush Singh-38/+100
Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-19uefi: process: Add stderr supportAyush Singh-2/+34
Implement stderr support in similar fashion. Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-19uefi: process: Add support to capture stdoutAyush Singh-8/+258
Use a custom simple_text_output protocol to capture output. Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-19uefi: Add processAyush Singh-2/+399
Signed-off-by: Ayush Singh <ayushdevel1325@gmail.com>
2024-07-18unix: acquire-load NEED_ALTSTACKJubilee-1/+1
Co-authored-by: Jonas Böttiger <jonasboettiger@icloud.com>
2024-07-18unix: Unsafe-wrap stack_overflow::{drop,make}_handlerJubilee Young-10/+27
Note that current_guard is probably not unsafe for future work.
2024-07-18unix: Unsafe-wrap stack_overflow::cleanupJubilee Young-1/+6
Editorialize on the wisdom of this as we do.
2024-07-18unix: lift init of sigaltstack before sigactionJubilee Young-9/+17
This is technically "not necessary", as we will "just" segfault instead if we e.g. arrive inside the handler fn with the null altstack. However, it seems incorrect to go about this hoping that segfaulting is okay, seeing as how our purpose here is to mitigate stack overflow problems. Make sure NEED_ALTSTACK syncs with PAGE_SIZE when we do. Co-authored-by: Jonas Böttiger <jonasboettiger@icloud.com>
2024-07-18unix: Unsafe-wrap stack_overflow::signal_handlerJubilee Young-3/+10
sometimes a safety comment is a prayer. avoid fuzzy provenance casts after deref. Co-authored-by: Jonas Böttiger <jonasboettiger@icloud.com>
2024-07-17Rollup merge of #127845 - ↵Trevor Gross-90/+119
workingjubilee:actually-break-up-big-ass-stack-overflow-fn, r=joboet unix: break `stack_overflow::install_main_guard` into smaller fn This was one big deeply-indented function for no reason. This made it hard to reason about the boundaries of its safety. Or just, y'know, read. Simplify it by splitting it into platform-specific functions, but which are still asked to keep compiling (a desirable property, since all of these OS use a similar API). This is mostly a whitespace change, so I suggest reviewing it only after setting Files changed -> (the options gear) -> [x] Hide whitespace as that will make it easier to see how the code was actually broken up instead of raw line diffs.
2024-07-17feat: adding ext that returns change_time for WindowsJulius Liu-0/+11
2024-07-17Rollup merge of #127813 - ChrisDenton:win-futex, r=joboetTrevor Gross-4/+7
Prevent double reference in generic futex In the Windows futex implementation we were a little lax at allowing references to references (i.e. `&&`) which can lead to deadlocks due to reading the wrong memory address. This uses a trait to tighten the constraints and ensure this doesn't happen. r? libs
2024-07-17Rollup merge of #127763 - ChrisDenton:safe-unsafe-unsafe, r=tgross35Trevor Gross-87/+107
Make more Windows functions `#![deny(unsafe_op_in_unsafe_fn)]` As part of #127747, I've evaluated some more Windows functions and added `unsafe` blocks where necessary. Some are just trivial wrappers that "inherit" the full unsafety of their function, but for others I've added some safety comments. A few functions weren't actually unsafe at all. I think they were just using `unsafe fn` to avoid an `unsafe {}` block. I'm not touching `c.rs` yet because that is partially being addressed by another PR and also I have plans to further reduce the number of wrapper functions we have in there. r? libs
2024-07-17unix: unsafe-wrap install_main_guard_defaultJubilee Young-9/+12
2024-07-17unix: clean up install_main_guard_freebsdJubilee Young-13/+12
This just was a mess.
2024-07-16unix: stack_start_aligned is a safe fnJubilee Young-7/+9
This function is purely informative, answering where a stack starts. This is a safe operation, even if an answer requires unsafe code, and even if the result is some unsafe code decides to trust the answer. It also doesn't need to fetch the PAGE_SIZE when its caller just did so! Let's complicate its signature and in doing so simplify its operation. This allows sprinkling around #[forbid(unsafe_op_in_unsafe_fn)]
2024-07-16unix: split stack_overflow::install_main_guard by osJubilee Young-90/+115
2024-07-17Prevent double reference in generic futexChris Denton-4/+7
2024-07-17Narrow the scope of the ReadFile unsafe blockChris Denton-11/+12
2024-07-16Rollup merge of #127836 - workingjubilee:forbid-unsafe-ops-in-xous-uefi, ↵Trevor Gross-1/+2
r=tgross35 std: Forbid unwrapped unsafe ops in xous and uefi modules
2024-07-16Rollup merge of #127833 - risc0:erik/zkvm-deny-unsafe, r=workingjubileeTrevor Gross-1/+2
zkvm: add `#[forbid(unsafe_op_in_unsafe_fn)]` in `stdlib` This also adds an additional `unsafe` block to address compiler errors. This PR is intended to address https://github.com/rust-lang/rust/issues/127747 for the zkvm target.
2024-07-16Rollup merge of #127807 - ChrisDenton:win-parking, r=joboetTrevor Gross-0/+20
Use futex.rs for Windows thread parking If I'm not overlooking anything then the Windows 10+ thread parking implementation is practically the same as the futex.rs implementation. So we may as well use the same implementation for both. The old version is still kept around for Windows 7 support. r? ````@joboet```` if you wouldn't mind double checking I've not missed something
2024-07-16Rollup merge of #126776 - nnethercote:rustfmt-use-pre-cleanups-2, r=cuviperTrevor Gross-6/+12
Clean up more comments near use declarations #125443 will reformat all use declarations in the repository. There are a few edge cases involving comments on use declarations that require care. This PR fixes them up so #125443 can go ahead with a simple `x fmt --all`. A follow-up to #126717. r? ``@cuviper``
2024-07-16uefi: Forbid unwrapped unsafe in platform modulesJubilee Young-0/+1
2024-07-16xous: Forbid unwrapped unsafe in platform modulesJubilee Young-1/+1
2024-07-16zkvm: add `#[forbid(unsafe_op_in_unsafe_fn)]` in `stdlib`Erik Kaneda-1/+2
This also adds an additional `unsafe` block to address compiler errors.
2024-07-17Avoid comments that describe multiple `use` items.Nicholas Nethercote-6/+12
There are some comments describing multiple subsequent `use` items. When the big `use` reformatting happens some of these `use` items will be reordered, possibly moving them away from the comment. With this additional level of formatting it's not really feasible to have comments of this type. This commit removes them in various ways: - merging separate `use` items when appropriate; - inserting blank lines between the comment and the first `use` item; - outright deletion (for comments that are relatively low-value); - adding a separate "top-level" comment. We also entirely skip formatting for four library files that contain nothing but `pub use` re-exports, where reordering would be painful.
2024-07-16Add unsafe blocks in unsafe Thread::newChris Denton-13/+17
2024-07-16Remove `slice_to_end`Chris Denton-18/+13
2024-07-16Use futex.rs for Windows thread parkingChris Denton-0/+20
2024-07-16deny unsafe_op_in_unsafe_fn for teeos袁浩----天命剑主-0/+1
2024-07-16clean unsafe op in unsafe fn袁浩----天命剑主-13/+15
2024-07-16clean unsafe op in unsafe fn袁浩----天命剑主-9/+9
2024-07-16delete #![allow(unsafe_op_in_unsafe_fn)]袁浩----天命剑主-1/+0
this is redundant, so we can just delete it.
2024-07-15lib: replace some `mem::forget`'s with `ManuallyDrop`Pavel Grigorenko-43/+24
2024-07-15allow(unsafe_op_in_unsafe_fn) on some functionsChris Denton-3/+6
These need to get their safety story straight
2024-07-15Some Windows functions are safeChris Denton-23/+25
2024-07-15Deny more windows unsafe_op_in_unsafe_fnChris Denton-45/+60
2024-07-15Windows: move BSD socket shims to netcChris Denton-109/+109
2024-07-15Rollup merge of #127750 - ChrisDenton:safe-unsafe-unsafe, r=workingjubileeJubilee-10/+25
Make os/windows and pal/windows default to `#![deny(unsafe_op_in_unsafe_fn)]` This is to prevent regressions in modules that currently pass. I did also fix up a few trivial places where the module contained only one or two simple wrappers. In more complex cases we should try to ensure the `unsafe` blocks are appropriately scoped and have any appropriate safety comments. This does not fix the windows bits of #127747 but it should help prevent regressions until that is done and also make it more obvious specifically which modules need attention.
2024-07-15Rollup merge of #127712 - ChrisDenton:raw-types, r=workingjubileeJubilee-178/+146
Windows: Remove some unnecessary type aliases Back in the olden days, C did not have fixed-width types so these type aliases were at least potentially useful. Nowadays, and especially in Rust, we don't need the aliases and they don't help with anything. Notably the windows bindings we use also don't bother with the aliases. And even when we have used aliases they're often only used once then forgotten about. The only one that gives me pause is `DWORD` because it's used a fair bit. But it's still used inconsistently and we implicitly assume it's a `u32` anyway (e.g. `as` casting from an `i32`).