From b52666868ffd88a52bf1471f567505ab950da383 Mon Sep 17 00:00:00 2001 From: Jethro Beekman Date: Fri, 28 Feb 2025 13:33:05 +0100 Subject: Copy from userspace to MaybeUninit Co-authored-by: Thalia Archibald --- library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs | 45 ++++++++++++++++++++-- 1 file changed, 42 insertions(+), 3 deletions(-) (limited to 'library/std/src/sys') diff --git a/library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs b/library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs index 301e3299c05..0132c1bd3f2 100644 --- a/library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs +++ b/library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs @@ -6,7 +6,7 @@ use super::super::mem::{is_enclave_range, is_user_range}; use crate::arch::asm; use crate::cell::UnsafeCell; use crate::convert::TryInto; -use crate::mem::{self, ManuallyDrop}; +use crate::mem::{self, ManuallyDrop, MaybeUninit}; use crate::ops::{CoerceUnsized, Deref, DerefMut, Index, IndexMut}; use crate::pin::PinCoerceUnsized; use crate::ptr::{self, NonNull}; @@ -209,6 +209,45 @@ impl NewUserRef> for NonNull> { } } +/// A type which can a destination for safely copying from userspace. +/// +/// # Safety +/// +/// Requires that `T` and `Self` have identical layouts. +#[unstable(feature = "sgx_platform", issue = "56975")] +pub unsafe trait UserSafeCopyDestination { + /// Returns a pointer for writing to the value. + fn as_mut_ptr(&mut self) -> *mut T; +} + +#[unstable(feature = "sgx_platform", issue = "56975")] +unsafe impl UserSafeCopyDestination for T { + fn as_mut_ptr(&mut self) -> *mut T { + self as _ + } +} + +#[unstable(feature = "sgx_platform", issue = "56975")] +unsafe impl UserSafeCopyDestination<[T]> for [T] { + fn as_mut_ptr(&mut self) -> *mut [T] { + self as _ + } +} + +#[unstable(feature = "sgx_platform", issue = "56975")] +unsafe impl UserSafeCopyDestination for MaybeUninit { + fn as_mut_ptr(&mut self) -> *mut T { + self as *mut Self as _ + } +} + +#[unstable(feature = "sgx_platform", issue = "56975")] +unsafe impl UserSafeCopyDestination<[T]> for [MaybeUninit] { + fn as_mut_ptr(&mut self) -> *mut [T] { + self as *mut Self as _ + } +} + #[unstable(feature = "sgx_platform", issue = "56975")] impl User where @@ -544,12 +583,12 @@ where /// # Panics /// This function panics if the destination doesn't have the same size as /// the source. This can happen for dynamically-sized types such as slices. - pub fn copy_to_enclave(&self, dest: &mut T) { + pub fn copy_to_enclave>(&self, dest: &mut U) { unsafe { assert_eq!(size_of_val(dest), size_of_val(&*self.0.get())); copy_from_userspace( self.0.get() as *const T as *const u8, - dest as *mut T as *mut u8, + dest.as_mut_ptr() as *mut u8, size_of_val(dest), ); } -- cgit 1.4.1-3-g733a5 From 8c7a94e4cdd9ad70550b19ca2bf6f16046d59506 Mon Sep 17 00:00:00 2001 From: Thalia Archibald Date: Fri, 7 Feb 2025 15:02:08 -0800 Subject: Implement read_buf and vectored read/write for SGX stdio --- library/std/src/sys/pal/sgx/abi/usercalls/mod.rs | 17 +++++++++++- library/std/src/sys/pal/sgx/fd.rs | 2 +- library/std/src/sys/stdio/sgx.rs | 33 +++++++++++++++++++++++- 3 files changed, 49 insertions(+), 3 deletions(-) (limited to 'library/std/src/sys') diff --git a/library/std/src/sys/pal/sgx/abi/usercalls/mod.rs b/library/std/src/sys/pal/sgx/abi/usercalls/mod.rs index 90b9b59471a..cbdaf439b28 100644 --- a/library/std/src/sys/pal/sgx/abi/usercalls/mod.rs +++ b/library/std/src/sys/pal/sgx/abi/usercalls/mod.rs @@ -1,5 +1,7 @@ use crate::cmp; -use crate::io::{Error as IoError, ErrorKind, IoSlice, IoSliceMut, Result as IoResult}; +use crate::io::{ + BorrowedCursor, Error as IoError, ErrorKind, IoSlice, IoSliceMut, Result as IoResult, +}; use crate::random::{DefaultRandomSource, Random}; use crate::time::{Duration, Instant}; @@ -36,6 +38,19 @@ pub fn read(fd: Fd, bufs: &mut [IoSliceMut<'_>]) -> IoResult { } } +/// Usercall `read` with an uninitialized buffer. See the ABI documentation for +/// more information. +#[unstable(feature = "sgx_platform", issue = "56975")] +pub fn read_buf(fd: Fd, mut buf: BorrowedCursor<'_>) -> IoResult<()> { + unsafe { + let mut userbuf = alloc::User::<[u8]>::uninitialized(buf.capacity()); + let len = raw::read(fd, userbuf.as_mut_ptr().cast(), userbuf.len()).from_sgx_result()?; + userbuf[..len].copy_to_enclave(&mut buf.as_mut()[..len]); + buf.advance_unchecked(len); + Ok(()) + } +} + /// Usercall `read_alloc`. See the ABI documentation for more information. #[unstable(feature = "sgx_platform", issue = "56975")] pub fn read_alloc(fd: Fd) -> IoResult> { diff --git a/library/std/src/sys/pal/sgx/fd.rs b/library/std/src/sys/pal/sgx/fd.rs index 3bb3189a1d1..399f6a16489 100644 --- a/library/std/src/sys/pal/sgx/fd.rs +++ b/library/std/src/sys/pal/sgx/fd.rs @@ -29,7 +29,7 @@ impl FileDesc { } pub fn read_buf(&self, buf: BorrowedCursor<'_>) -> io::Result<()> { - crate::io::default_read_buf(|b| self.read(b), buf) + usercalls::read_buf(self.fd, buf) } pub fn read_vectored(&self, bufs: &mut [IoSliceMut<'_>]) -> io::Result { diff --git a/library/std/src/sys/stdio/sgx.rs b/library/std/src/sys/stdio/sgx.rs index 03d754cb217..1894c098d18 100644 --- a/library/std/src/sys/stdio/sgx.rs +++ b/library/std/src/sys/stdio/sgx.rs @@ -1,6 +1,6 @@ use fortanix_sgx_abi as abi; -use crate::io; +use crate::io::{self, BorrowedCursor, IoSlice, IoSliceMut}; use crate::sys::fd::FileDesc; pub struct Stdin(()); @@ -24,6 +24,19 @@ impl io::Read for Stdin { fn read(&mut self, buf: &mut [u8]) -> io::Result { with_std_fd(abi::FD_STDIN, |fd| fd.read(buf)) } + + fn read_buf(&mut self, buf: BorrowedCursor<'_>) -> io::Result<()> { + with_std_fd(abi::FD_STDIN, |fd| fd.read_buf(buf)) + } + + fn read_vectored(&mut self, bufs: &mut [IoSliceMut<'_>]) -> io::Result { + with_std_fd(abi::FD_STDIN, |fd| fd.read_vectored(bufs)) + } + + #[inline] + fn is_read_vectored(&self) -> bool { + true + } } impl Stdout { @@ -40,6 +53,15 @@ impl io::Write for Stdout { fn flush(&mut self) -> io::Result<()> { with_std_fd(abi::FD_STDOUT, |fd| fd.flush()) } + + fn write_vectored(&mut self, bufs: &[IoSlice<'_>]) -> io::Result { + with_std_fd(abi::FD_STDOUT, |fd| fd.write_vectored(bufs)) + } + + #[inline] + fn is_write_vectored(&self) -> bool { + true + } } impl Stderr { @@ -56,6 +78,15 @@ impl io::Write for Stderr { fn flush(&mut self) -> io::Result<()> { with_std_fd(abi::FD_STDERR, |fd| fd.flush()) } + + fn write_vectored(&mut self, bufs: &[IoSlice<'_>]) -> io::Result { + with_std_fd(abi::FD_STDERR, |fd| fd.write_vectored(bufs)) + } + + #[inline] + fn is_write_vectored(&self) -> bool { + true + } } pub const STDIN_BUF_SIZE: usize = crate::sys::io::DEFAULT_BUF_SIZE; -- cgit 1.4.1-3-g733a5 From 87ca2dbb0054256a675e18ddb7098406db4e42ed Mon Sep 17 00:00:00 2001 From: Nicole LeGare Date: Tue, 4 Feb 2025 21:59:22 +0000 Subject: Apply rustc-0023-Add-Trusty-OS-support-to-Rust-std.patch --- library/std/build.rs | 1 + library/std/src/sys/alloc/mod.rs | 1 + library/std/src/sys/pal/mod.rs | 3 + library/std/src/sys/pal/trusty/mod.rs | 28 +++++++++ library/std/src/sys/pal/trusty/stdio.rs | 82 ++++++++++++++++++++++++++ library/std/src/sys/random/mod.rs | 3 + library/std/src/sys/random/trusty.rs | 7 +++ library/std/src/sys/thread_local/key/trusty.rs | 30 ++++++++++ library/std/src/sys/thread_local/mod.rs | 9 +++ 9 files changed, 164 insertions(+) create mode 100644 library/std/src/sys/pal/trusty/mod.rs create mode 100644 library/std/src/sys/pal/trusty/stdio.rs create mode 100644 library/std/src/sys/random/trusty.rs create mode 100644 library/std/src/sys/thread_local/key/trusty.rs (limited to 'library/std/src/sys') diff --git a/library/std/build.rs b/library/std/build.rs index cedfd7406a1..20373aab689 100644 --- a/library/std/build.rs +++ b/library/std/build.rs @@ -42,6 +42,7 @@ fn main() { || target_os == "fuchsia" || (target_vendor == "fortanix" && target_env == "sgx") || target_os == "hermit" + || target_os == ("trusty") || target_os == "l4re" || target_os == "redox" || target_os == "haiku" diff --git a/library/std/src/sys/alloc/mod.rs b/library/std/src/sys/alloc/mod.rs index 2c0b533a570..8489e17c971 100644 --- a/library/std/src/sys/alloc/mod.rs +++ b/library/std/src/sys/alloc/mod.rs @@ -72,6 +72,7 @@ cfg_if::cfg_if! { target_family = "unix", target_os = "wasi", target_os = "teeos", + target_os = "trusty", ))] { mod unix; } else if #[cfg(target_os = "windows")] { diff --git a/library/std/src/sys/pal/mod.rs b/library/std/src/sys/pal/mod.rs index 9be018c8a53..fbefc62ac88 100644 --- a/library/std/src/sys/pal/mod.rs +++ b/library/std/src/sys/pal/mod.rs @@ -37,6 +37,9 @@ cfg_if::cfg_if! { } else if #[cfg(target_os = "hermit")] { mod hermit; pub use self::hermit::*; + } else if #[cfg(target_os = "trusty")] { + mod trusty; + pub use self::trusty::*; } else if #[cfg(all(target_os = "wasi", target_env = "p2"))] { mod wasip2; pub use self::wasip2::*; diff --git a/library/std/src/sys/pal/trusty/mod.rs b/library/std/src/sys/pal/trusty/mod.rs new file mode 100644 index 00000000000..41005205c83 --- /dev/null +++ b/library/std/src/sys/pal/trusty/mod.rs @@ -0,0 +1,28 @@ +//! System bindings for the Trusty OS. + +#[path = "../unsupported/args.rs"] +pub mod args; +#[path = "../unsupported/env.rs"] +pub mod env; +#[path = "../unsupported/fs.rs"] +pub mod fs; +#[path = "../unsupported/io.rs"] +pub mod io; +#[path = "../unsupported/net.rs"] +pub mod net; +#[path = "../unsupported/os.rs"] +pub mod os; +#[path = "../unsupported/pipe.rs"] +pub mod pipe; +#[path = "../unsupported/process.rs"] +pub mod process; +pub mod stdio; +#[path = "../unsupported/time.rs"] +pub mod time; +#[path = "../unsupported/thread.rs"] +pub mod thread; +#[path = "../unsupported/common.rs"] +#[deny(unsafe_op_in_unsafe_fn)] +mod common; + +pub use common::*; diff --git a/library/std/src/sys/pal/trusty/stdio.rs b/library/std/src/sys/pal/trusty/stdio.rs new file mode 100644 index 00000000000..3f7c9f76e71 --- /dev/null +++ b/library/std/src/sys/pal/trusty/stdio.rs @@ -0,0 +1,82 @@ +use crate::io; + +pub struct Stdin; +pub struct Stdout; +pub struct Stderr; + +impl Stdin { + pub const fn new() -> Stdin { + Stdin + } +} + +impl io::Read for Stdin { + fn read(&mut self, _buf: &mut [u8]) -> io::Result { + Ok(0) + } +} + +impl Stdout { + pub const fn new() -> Stdout { + Stdout + } +} + +impl io::Write for Stdout { + fn write(&mut self, buf: &[u8]) -> io::Result { + _write(libc::STDOUT_FILENO, buf) + } + + fn flush(&mut self) -> io::Result<()> { + Ok(()) + } +} + +impl Stderr { + pub const fn new() -> Stderr { + Stderr + } +} + +impl io::Write for Stderr { + fn write(&mut self, buf: &[u8]) -> io::Result { + _write(libc::STDERR_FILENO, buf) + } + + fn flush(&mut self) -> io::Result<()> { + Ok(()) + } +} + +pub const STDIN_BUF_SIZE: usize = 0; + +pub fn is_ebadf(_err: &io::Error) -> bool { + true +} + +pub fn panic_output() -> Option { + Some(Stderr) +} + +fn _write(fd: i32, message: &[u8]) -> io::Result { + let mut iov = + libc::iovec { iov_base: message.as_ptr() as *mut _, iov_len: message.len() }; + loop { + // SAFETY: syscall, safe arguments. + let ret = unsafe { libc::writev(fd, &iov, 1) }; + if ret < 0 { + return Err(io::Error::last_os_error()); + } + let ret = ret as usize; + if ret > iov.iov_len { + return Err(io::Error::last_os_error()); + } + if ret == iov.iov_len { + return Ok(message.len()); + } + // SAFETY: ret has been checked to be less than the length of + // the buffer + iov.iov_base = unsafe { iov.iov_base.add(ret) }; + iov.iov_len -= ret; + } +} diff --git a/library/std/src/sys/random/mod.rs b/library/std/src/sys/random/mod.rs index f42351deb92..870039602bc 100644 --- a/library/std/src/sys/random/mod.rs +++ b/library/std/src/sys/random/mod.rs @@ -60,6 +60,9 @@ cfg_if::cfg_if! { } else if #[cfg(target_os = "teeos")] { mod teeos; pub use teeos::fill_bytes; + } else if #[cfg(target_os = "trusty")] { + mod trusty; + pub use trusty::fill_bytes; } else if #[cfg(target_os = "uefi")] { mod uefi; pub use uefi::fill_bytes; diff --git a/library/std/src/sys/random/trusty.rs b/library/std/src/sys/random/trusty.rs new file mode 100644 index 00000000000..da6ca3eea24 --- /dev/null +++ b/library/std/src/sys/random/trusty.rs @@ -0,0 +1,7 @@ +extern "C" { + fn trusty_rng_secure_rand(randomBuffer: *mut core::ffi::c_void, randomBufferLen: libc::size_t); +} + +pub fn fill_bytes(bytes: &mut [u8]) { + unsafe { trusty_rng_secure_rand(bytes.as_mut_ptr().cast(), bytes.len()) } +} diff --git a/library/std/src/sys/thread_local/key/trusty.rs b/library/std/src/sys/thread_local/key/trusty.rs new file mode 100644 index 00000000000..894091d2d81 --- /dev/null +++ b/library/std/src/sys/thread_local/key/trusty.rs @@ -0,0 +1,30 @@ +use crate::ptr; + +pub type Key = usize; +type Dtor = unsafe extern "C" fn(*mut u8); + +static mut STORAGE: crate::vec::Vec<(*mut u8, Option)> = Vec::new(); + +#[inline] +pub fn create(dtor: Option) -> Key { + unsafe { + #[allow(static_mut_refs)] + let key = STORAGE.len(); + #[allow(static_mut_refs)] + STORAGE.push((ptr::null_mut(), dtor)); + key + } +} + +#[inline] +pub unsafe fn set(key: Key, value: *mut u8) { + unsafe { STORAGE[key].0 = value }; +} + +#[inline] +pub unsafe fn get(key: Key) -> *mut u8 { + unsafe { STORAGE[key].0 } +} + +#[inline] +pub fn destroy(_key: Key) {} diff --git a/library/std/src/sys/thread_local/mod.rs b/library/std/src/sys/thread_local/mod.rs index f0a13323ec9..827f464e860 100644 --- a/library/std/src/sys/thread_local/mod.rs +++ b/library/std/src/sys/thread_local/mod.rs @@ -170,6 +170,15 @@ pub(crate) mod key { pub(crate) use xous::destroy_tls; pub(super) use xous::{Key, get, set}; use xous::{create, destroy}; + } else if #[cfg(target_os = "trusty")] { + #[allow(unused_unsafe)] + mod racy; + #[cfg(test)] + mod tests; + mod trusty; + pub(super) use racy::LazyKey; + pub(super) use trusty::{Key, get, set}; + use trusty::{create, destroy}; } } } -- cgit 1.4.1-3-g733a5 From d633d8e074512fde1b1e7507ae758c8a7f96639b Mon Sep 17 00:00:00 2001 From: Nicole LeGare Date: Tue, 4 Feb 2025 22:18:53 +0000 Subject: Format after patches have been applied --- library/std/src/os/fd/owned.rs | 11 ++++++++--- library/std/src/os/fd/raw.rs | 6 +++--- library/std/src/sys/pal/trusty/mod.rs | 10 +++++----- library/std/src/sys/pal/trusty/stdio.rs | 3 +-- 4 files changed, 17 insertions(+), 13 deletions(-) (limited to 'library/std/src/sys') diff --git a/library/std/src/os/fd/owned.rs b/library/std/src/os/fd/owned.rs index 9743da96197..701cf823357 100644 --- a/library/std/src/os/fd/owned.rs +++ b/library/std/src/os/fd/owned.rs @@ -4,15 +4,20 @@ #![deny(unsafe_op_in_unsafe_fn)] use super::raw::{AsRawFd, FromRawFd, IntoRawFd, RawFd}; +#[cfg(not(target_os = "trusty"))] +use crate::fs; use crate::marker::PhantomData; use crate::mem::ManuallyDrop; -#[cfg(not(any(target_arch = "wasm32", target_env = "sgx", target_os = "hermit", target_os = "trusty")))] +#[cfg(not(any( + target_arch = "wasm32", + target_env = "sgx", + target_os = "hermit", + target_os = "trusty" +)))] use crate::sys::cvt; #[cfg(not(target_os = "trusty"))] use crate::sys_common::{AsInner, FromInner, IntoInner}; use crate::{fmt, io}; -#[cfg(not(target_os = "trusty"))] -use crate::fs; type ValidRawFd = core::num::niche_types::NotAllOnes; diff --git a/library/std/src/os/fd/raw.rs b/library/std/src/os/fd/raw.rs index 8cbed7d9686..083ac6e3fe6 100644 --- a/library/std/src/os/fd/raw.rs +++ b/library/std/src/os/fd/raw.rs @@ -5,6 +5,9 @@ #[cfg(target_os = "hermit")] use hermit_abi as libc; +#[cfg(not(target_os = "trusty"))] +use crate::fs; +use crate::io; #[cfg(target_os = "hermit")] use crate::os::hermit::io::OwnedFd; #[cfg(not(target_os = "hermit"))] @@ -17,9 +20,6 @@ use crate::os::unix::io::OwnedFd; use crate::os::wasi::io::OwnedFd; #[cfg(not(target_os = "trusty"))] use crate::sys_common::{AsInner, IntoInner}; -#[cfg(not(target_os = "trusty"))] -use crate::fs; -use crate::io; /// Raw file descriptors. #[stable(feature = "rust1", since = "1.0.0")] diff --git a/library/std/src/sys/pal/trusty/mod.rs b/library/std/src/sys/pal/trusty/mod.rs index 41005205c83..2b2774119e1 100644 --- a/library/std/src/sys/pal/trusty/mod.rs +++ b/library/std/src/sys/pal/trusty/mod.rs @@ -2,6 +2,9 @@ #[path = "../unsupported/args.rs"] pub mod args; +#[path = "../unsupported/common.rs"] +#[deny(unsafe_op_in_unsafe_fn)] +mod common; #[path = "../unsupported/env.rs"] pub mod env; #[path = "../unsupported/fs.rs"] @@ -17,12 +20,9 @@ pub mod pipe; #[path = "../unsupported/process.rs"] pub mod process; pub mod stdio; -#[path = "../unsupported/time.rs"] -pub mod time; #[path = "../unsupported/thread.rs"] pub mod thread; -#[path = "../unsupported/common.rs"] -#[deny(unsafe_op_in_unsafe_fn)] -mod common; +#[path = "../unsupported/time.rs"] +pub mod time; pub use common::*; diff --git a/library/std/src/sys/pal/trusty/stdio.rs b/library/std/src/sys/pal/trusty/stdio.rs index 3f7c9f76e71..d393e95394d 100644 --- a/library/std/src/sys/pal/trusty/stdio.rs +++ b/library/std/src/sys/pal/trusty/stdio.rs @@ -59,8 +59,7 @@ pub fn panic_output() -> Option { } fn _write(fd: i32, message: &[u8]) -> io::Result { - let mut iov = - libc::iovec { iov_base: message.as_ptr() as *mut _, iov_len: message.len() }; + let mut iov = libc::iovec { iov_base: message.as_ptr() as *mut _, iov_len: message.len() }; loop { // SAFETY: syscall, safe arguments. let ret = unsafe { libc::writev(fd, &iov, 1) }; -- cgit 1.4.1-3-g733a5 From 0b1a7ab3393e59f59a0d53e66cccb195dadc378e Mon Sep 17 00:00:00 2001 From: Nicole LeGare Date: Wed, 19 Feb 2025 11:55:28 -0800 Subject: Remove custom TLS implementation for Trusty targets --- library/std/src/sys/thread_local/key/trusty.rs | 30 -------------------------- library/std/src/sys/thread_local/mod.rs | 11 ++-------- 2 files changed, 2 insertions(+), 39 deletions(-) delete mode 100644 library/std/src/sys/thread_local/key/trusty.rs (limited to 'library/std/src/sys') diff --git a/library/std/src/sys/thread_local/key/trusty.rs b/library/std/src/sys/thread_local/key/trusty.rs deleted file mode 100644 index 894091d2d81..00000000000 --- a/library/std/src/sys/thread_local/key/trusty.rs +++ /dev/null @@ -1,30 +0,0 @@ -use crate::ptr; - -pub type Key = usize; -type Dtor = unsafe extern "C" fn(*mut u8); - -static mut STORAGE: crate::vec::Vec<(*mut u8, Option)> = Vec::new(); - -#[inline] -pub fn create(dtor: Option) -> Key { - unsafe { - #[allow(static_mut_refs)] - let key = STORAGE.len(); - #[allow(static_mut_refs)] - STORAGE.push((ptr::null_mut(), dtor)); - key - } -} - -#[inline] -pub unsafe fn set(key: Key, value: *mut u8) { - unsafe { STORAGE[key].0 = value }; -} - -#[inline] -pub unsafe fn get(key: Key) -> *mut u8 { - unsafe { STORAGE[key].0 } -} - -#[inline] -pub fn destroy(_key: Key) {} diff --git a/library/std/src/sys/thread_local/mod.rs b/library/std/src/sys/thread_local/mod.rs index 827f464e860..1ff13154b7b 100644 --- a/library/std/src/sys/thread_local/mod.rs +++ b/library/std/src/sys/thread_local/mod.rs @@ -28,6 +28,7 @@ cfg_if::cfg_if! { all(target_family = "wasm", not(target_feature = "atomics")), target_os = "uefi", target_os = "zkvm", + target_os = "trusty", ))] { mod statik; pub use statik::{EagerStorage, LazyStorage, thread_local_inner}; @@ -91,6 +92,7 @@ pub(crate) mod guard { )), target_os = "uefi", target_os = "zkvm", + target_os = "trusty", ))] { pub(crate) fn enable() { // FIXME: Right now there is no concept of "thread exit" on @@ -170,15 +172,6 @@ pub(crate) mod key { pub(crate) use xous::destroy_tls; pub(super) use xous::{Key, get, set}; use xous::{create, destroy}; - } else if #[cfg(target_os = "trusty")] { - #[allow(unused_unsafe)] - mod racy; - #[cfg(test)] - mod tests; - mod trusty; - pub(super) use racy::LazyKey; - pub(super) use trusty::{Key, get, set}; - use trusty::{create, destroy}; } } } -- cgit 1.4.1-3-g733a5 From f5dd3d13fc4685b2846f130f5e5b633c50cefc55 Mon Sep 17 00:00:00 2001 From: Nicole L Date: Mon, 10 Mar 2025 12:54:59 -0700 Subject: Update Trusty support to account for recent libstd reorganization --- library/std/src/sys/pal/trusty/mod.rs | 7 --- library/std/src/sys/pal/trusty/stdio.rs | 81 --------------------------------- library/std/src/sys/stdio/mod.rs | 3 ++ library/std/src/sys/stdio/trusty.rs | 81 +++++++++++++++++++++++++++++++++ 4 files changed, 84 insertions(+), 88 deletions(-) delete mode 100644 library/std/src/sys/pal/trusty/stdio.rs create mode 100644 library/std/src/sys/stdio/trusty.rs (limited to 'library/std/src/sys') diff --git a/library/std/src/sys/pal/trusty/mod.rs b/library/std/src/sys/pal/trusty/mod.rs index 2b2774119e1..7034b643d8e 100644 --- a/library/std/src/sys/pal/trusty/mod.rs +++ b/library/std/src/sys/pal/trusty/mod.rs @@ -7,19 +7,12 @@ pub mod args; mod common; #[path = "../unsupported/env.rs"] pub mod env; -#[path = "../unsupported/fs.rs"] -pub mod fs; -#[path = "../unsupported/io.rs"] -pub mod io; -#[path = "../unsupported/net.rs"] -pub mod net; #[path = "../unsupported/os.rs"] pub mod os; #[path = "../unsupported/pipe.rs"] pub mod pipe; #[path = "../unsupported/process.rs"] pub mod process; -pub mod stdio; #[path = "../unsupported/thread.rs"] pub mod thread; #[path = "../unsupported/time.rs"] diff --git a/library/std/src/sys/pal/trusty/stdio.rs b/library/std/src/sys/pal/trusty/stdio.rs deleted file mode 100644 index d393e95394d..00000000000 --- a/library/std/src/sys/pal/trusty/stdio.rs +++ /dev/null @@ -1,81 +0,0 @@ -use crate::io; - -pub struct Stdin; -pub struct Stdout; -pub struct Stderr; - -impl Stdin { - pub const fn new() -> Stdin { - Stdin - } -} - -impl io::Read for Stdin { - fn read(&mut self, _buf: &mut [u8]) -> io::Result { - Ok(0) - } -} - -impl Stdout { - pub const fn new() -> Stdout { - Stdout - } -} - -impl io::Write for Stdout { - fn write(&mut self, buf: &[u8]) -> io::Result { - _write(libc::STDOUT_FILENO, buf) - } - - fn flush(&mut self) -> io::Result<()> { - Ok(()) - } -} - -impl Stderr { - pub const fn new() -> Stderr { - Stderr - } -} - -impl io::Write for Stderr { - fn write(&mut self, buf: &[u8]) -> io::Result { - _write(libc::STDERR_FILENO, buf) - } - - fn flush(&mut self) -> io::Result<()> { - Ok(()) - } -} - -pub const STDIN_BUF_SIZE: usize = 0; - -pub fn is_ebadf(_err: &io::Error) -> bool { - true -} - -pub fn panic_output() -> Option { - Some(Stderr) -} - -fn _write(fd: i32, message: &[u8]) -> io::Result { - let mut iov = libc::iovec { iov_base: message.as_ptr() as *mut _, iov_len: message.len() }; - loop { - // SAFETY: syscall, safe arguments. - let ret = unsafe { libc::writev(fd, &iov, 1) }; - if ret < 0 { - return Err(io::Error::last_os_error()); - } - let ret = ret as usize; - if ret > iov.iov_len { - return Err(io::Error::last_os_error()); - } - if ret == iov.iov_len { - return Ok(message.len()); - } - // SAFETY: ret has been checked to be less than the length of - // the buffer - iov.iov_base = unsafe { iov.iov_base.add(ret) }; - iov.iov_len -= ret; - } -} diff --git a/library/std/src/sys/stdio/mod.rs b/library/std/src/sys/stdio/mod.rs index 2a9167bfe96..336d4c8527d 100644 --- a/library/std/src/sys/stdio/mod.rs +++ b/library/std/src/sys/stdio/mod.rs @@ -19,6 +19,9 @@ cfg_if::cfg_if! { } else if #[cfg(target_os = "teeos")] { mod teeos; pub use teeos::*; + } else if #[cfg(target_os = "trusty")] { + mod trusty; + pub use trusty::*; } else if #[cfg(target_os = "uefi")] { mod uefi; pub use uefi::*; diff --git a/library/std/src/sys/stdio/trusty.rs b/library/std/src/sys/stdio/trusty.rs new file mode 100644 index 00000000000..d393e95394d --- /dev/null +++ b/library/std/src/sys/stdio/trusty.rs @@ -0,0 +1,81 @@ +use crate::io; + +pub struct Stdin; +pub struct Stdout; +pub struct Stderr; + +impl Stdin { + pub const fn new() -> Stdin { + Stdin + } +} + +impl io::Read for Stdin { + fn read(&mut self, _buf: &mut [u8]) -> io::Result { + Ok(0) + } +} + +impl Stdout { + pub const fn new() -> Stdout { + Stdout + } +} + +impl io::Write for Stdout { + fn write(&mut self, buf: &[u8]) -> io::Result { + _write(libc::STDOUT_FILENO, buf) + } + + fn flush(&mut self) -> io::Result<()> { + Ok(()) + } +} + +impl Stderr { + pub const fn new() -> Stderr { + Stderr + } +} + +impl io::Write for Stderr { + fn write(&mut self, buf: &[u8]) -> io::Result { + _write(libc::STDERR_FILENO, buf) + } + + fn flush(&mut self) -> io::Result<()> { + Ok(()) + } +} + +pub const STDIN_BUF_SIZE: usize = 0; + +pub fn is_ebadf(_err: &io::Error) -> bool { + true +} + +pub fn panic_output() -> Option { + Some(Stderr) +} + +fn _write(fd: i32, message: &[u8]) -> io::Result { + let mut iov = libc::iovec { iov_base: message.as_ptr() as *mut _, iov_len: message.len() }; + loop { + // SAFETY: syscall, safe arguments. + let ret = unsafe { libc::writev(fd, &iov, 1) }; + if ret < 0 { + return Err(io::Error::last_os_error()); + } + let ret = ret as usize; + if ret > iov.iov_len { + return Err(io::Error::last_os_error()); + } + if ret == iov.iov_len { + return Ok(message.len()); + } + // SAFETY: ret has been checked to be less than the length of + // the buffer + iov.iov_base = unsafe { iov.iov_base.add(ret) }; + iov.iov_len -= ret; + } +} -- cgit 1.4.1-3-g733a5 From c62aa0baa1a8228d5bfbb3e810db4c7ee77eb3a1 Mon Sep 17 00:00:00 2001 From: Thalia Archibald Date: Wed, 26 Feb 2025 11:51:28 -0800 Subject: Fix `UserRef<[T]>::copy_to_enclave_vec` It reinterprets uninitialized memory as initialized and does not drop existing elements of the Vec. Fix that. Additionally, make it more general by appending, instead of overwriting existing elements, and rename it to `append_to_enclave_vec`. A caller can simply call `.clear()` before, for the old behavior. --- library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) (limited to 'library/std/src/sys') diff --git a/library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs b/library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs index 0132c1bd3f2..3fe6dee3d6f 100644 --- a/library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs +++ b/library/std/src/sys/pal/sgx/abi/usercalls/alloc.rs @@ -678,25 +678,18 @@ where unsafe { (*self.0.get()).len() } } - /// Copies the value from user memory and place it into `dest`. Afterwards, - /// `dest` will contain exactly `self.len()` elements. - /// - /// # Panics - /// This function panics if the destination doesn't have the same size as - /// the source. This can happen for dynamically-sized types such as slices. - pub fn copy_to_enclave_vec(&self, dest: &mut Vec) { - if let Some(missing) = self.len().checked_sub(dest.capacity()) { - dest.reserve(missing) - } + /// Copies the value from user memory and appends it to `dest`. + pub fn append_to_enclave_vec(&self, dest: &mut Vec) { + dest.reserve(self.len()); + self.copy_to_enclave(&mut dest.spare_capacity_mut()[..self.len()]); // SAFETY: We reserve enough space above. - unsafe { dest.set_len(self.len()) }; - self.copy_to_enclave(&mut dest[..]); + unsafe { dest.set_len(dest.len() + self.len()) }; } /// Copies the value from user memory into a vector in enclave memory. pub fn to_enclave(&self) -> Vec { let mut ret = Vec::with_capacity(self.len()); - self.copy_to_enclave_vec(&mut ret); + self.append_to_enclave_vec(&mut ret); ret } -- cgit 1.4.1-3-g733a5