| Age | Commit message (Collapse) | Author | Lines |
|---|
|
|
|
This commit updates the `wasi` crate used by the standard library which
is used to implement most of the functionality of libstd on the
`wasm32-wasi` target. This update comes with a brand new crate structure
in the `wasi` crate which caused quite a few changes for the wasi target
here, but it also comes with a significant change to where the
functionality is coming from.
The WASI specification is organized into "snapshots" and a new snapshot
happened recently, so the WASI APIs themselves have changed since the
previous revision. This had only minor impact on the public facing
surface area of libstd, only changing on `u32` to a `u64` in an unstable
API. The actual source for all of these types and such, however, is now
coming from the `wasi_preview_snapshot1` module instead of the
`wasi_unstable` module like before. This means that any implementors
generating binaries will need to ensure that their embedding environment
handles the `wasi_preview_snapshot1` module.
|
|
|
|
Replace .unwrap() with ? in std::os::unix::net
As people like to copy examples, this gives them good habits.
|
|
Atomic as_mut_ptr
I encountered the following pattern a few times: In Rust we use some atomic type like `AtomicI32`, and an FFI interface exposes this as `*mut i32` (or some similar `libc` type).
It was not obvious to me if a just transmuting a pointer to the atomic was acceptable, or if this should use a cast that goes through an `UnsafeCell`. See https://github.com/rust-lang/rust/issues/66136#issuecomment-557802477
Transmuting the pointer directly:
```rust
let atomic = AtomicI32::new(1);
let ptr = &atomic as *const AtomicI32 as *mut i32;
unsafe {
ffi(ptr);
}
```
A dance with `UnsafeCell`:
```rust
let atomic = AtomicI32::new(1);
unsafe {
let ptr = (&*(&atomic as *const AtomicI32 as *const UnsafeCell<i32>)).get();
ffi(ptr);
}
```
Maybe in the end both ways could be valid. But why not expose a direct method to get a pointer from the standard library?
An `as_mut_ptr` method on atomics can be safe, because only the use of the resulting pointer is where things can get unsafe. I documented its use for FFI, and "Doing non-atomic reads and writes on the resulting integer can be a data race."
The standard library could make use this method in a few places in the WASM module.
cc @RalfJung as you answered my original question.
|
|
Rollup of 4 pull requests
Successful merges:
- #66818 (Format libstd/os with rustfmt)
- #66819 (Format libstd/sys with rustfmt)
- #66820 (Format libstd with rustfmt)
- #66847 (Allow any identifier as format arg name)
Failed merges:
r? @ghost
|
|
This commit applies rustfmt with rust-lang/rust's default settings to
files in src/libstd/sys *that are not involved in any currently open PR*
to minimize merge conflicts. THe list of files involved in open PRs was
determined by querying GitHub's GraphQL API with this script:
https://gist.github.com/dtolnay/aa9c34993dc051a4f344d1b10e4487e8
With the list of files from the script in outstanding_files, the
relevant commands were:
$ find src/libstd/sys -name '*.rs' \
| xargs rustfmt --edition=2018 --unstable-features --skip-children
$ rg libstd/sys outstanding_files | xargs git checkout --
Repeating this process several months apart should get us coverage of
most of the rest of the files.
To confirm no funny business:
$ git checkout $THIS_COMMIT^
$ git show --pretty= --name-only $THIS_COMMIT \
| xargs rustfmt --edition=2018 --unstable-features --skip-children
$ git diff $THIS_COMMIT # there should be no difference
|
|
|
|
Fallback to .init_array when no arguments are available on glibc Linux
Linux is one of the only platforms where `std::env::args` doesn't work in a cdylib.
|
|
|
|
Add unix::process::CommandExt::arg0
This allows argv[0] to be overridden on the executable's command-line. This also makes the program
executed independent of argv[0].
Does Fuchsia have the same semantics? I'm assuming so.
Addresses: #66510
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
I'm not entirely sure *why*, but this fixed a problem I was having.
|
|
|
|
remove HermitCore leftovers from sys/unix
HermitCore support is already moved to the directory "sys/hermit". => remove leftovers
|
|
|
|
This allows argv[0] to be overridden on the executable's command-line. This also makes the program
executed independent of argv[0].
Does Fuchsia have the same semantics?
Addresses: #66510
|
|
protect creation of destructors by a mutex
- add on HermitCore an additional lock to protect static data
|
|
Revert #65134
To stop giving people on nightly reasons to `allow(improper_ctypes)` while tweaks to the lint are being prepared.
cc #66220
|
|
davidtwco:issue-19834-improper-ctypes-in-extern-C-fn, r=rkruppe"
This reverts commit 3f0e16473de5ec010f44290a8c3ea1d90e0ad7a2, reversing
changes made to 61a551b4939ec1d5596e585351038b8fbd0124ba.
|
|
rename cfg(rustdoc) into cfg(doc)
Needed by https://github.com/rust-lang/rust/pull/61351
r? @QuietMisdreavus
|
|
|
|
add on HermizCore an additional lock to protect static data
|
|
|
|
r=rkruppe
improper_ctypes: `extern "C"` fns
cc #19834. Fixes #65867.
This pull request implements the change [described in this comment](https://github.com/rust-lang/rust/issues/19834#issuecomment-466671572).
cc @rkruppe @varkor @shepmaster
|
|
Use KERN_ARND syscall for random numbers on NetBSD, same as FreeBSD.
This system call is present on all supported NetBSD versions and provides an endless stream of non-blocking random data from the kernel's ChaCha20-based CSPRNG. It doesn't require a file like `/dev/urandom` to be opened.
The system call is documented here (under kern.arandom):
https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7+NetBSD-7.0
And defined here:
https://nxr.netbsd.org/xref/src/sys/sys/sysctl.h#273
The semantics are the same as FreeBSD so reading 256 bytes per call is fine.
Similar change for getrandom crate: rust-random/getrandom#115
|
|
Implemented the home_dir for VxWorks
Use HOME's value if it is set;
otherwise return NONE.
|
|
Signed-off-by: David Wood <david@davidtw.co>
|
|
[doc] fixes for unix/vxworks `OpenOptionsExt::mode`
|
|
|
|
This system call is present on all supported NetBSD versions and
provides an endless stream of non-blocking random data from the
kernel's ChaCha20-based CSPRNG. It doesn't require a file descriptor
to be opened.
The system call is documented here (under kern.arandom):
https://netbsd.gw.com/cgi-bin/man-cgi?sysctl+7+NetBSD-7.0
And defined here:
https://nxr.netbsd.org/xref/src/sys/sys/sysctl.h#273
The semantics are the same as FreeBSD so reading 256 bytes per call
is fine.
Similar change for getrandom crate: rust-random/getrandom#115
|
|
|
|
vxWorks
|
|
|
|
|
|
Redesign the interface to the unikernel HermitCore
We are developing the unikernel HermitCore, where the kernel is written in Rust and is already part of the Rust Standard Library. The interface between the standard library and the kernel based on a small C library. With this pull request, we remove completely the dependency to C and use lld as linker. Currently, the kernel will be linked to the application as static library, which is published at https://github.com/hermitcore/libhermit-rs.
We don’t longer support the C interface to the kernel. Consequently, we remove this part from the Rust Standard Library.
|
|
SGX: Clear additional flag on enclave entry
An attacker could set both the AC flag in CR0 as in rflags. This causes the enclave to perform an AEX upon a misaligned memory access, and an attacker learns some information about the internal enclave state.
The AC flag in rflags is copied from userspace upon an enclave entry. Upon AEX it is copied and later restored. This patch forces the rflag.AC bit to be reset right after an enter.
|
|
|
|
|
|
|
|
Fix check of `statx` and handle EPERM
Should fix #65662
https://github.com/rust-lang/rust/issues/65662#issuecomment-544593939
> I think a reasonable solution might be to do something like try to stat AT_CWD initially and if that fails with EPERM or ENOSYS we disable the syscall entirely, otherwise it's cached as always good to use.
r? @alexcrichton
|
