yanguangshaonian
/
aya
mirror of https://github.com/aya-rs/aya
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

lints: enable unsafe_op_in_unsafe_fn

Browse Source
reviewable/pr1377/r1
Tamir Duberstein 3 days ago
parent d9704be77d
commit 778b447e3b
No known key found for this signature in database
3 changed files with 70 additions and 49 deletions
Show Stats Download Patch File Download Diff File

2
Cargo.toml
Unescape Escape View File

@ -150,7 +150,7 @@ noop_method_call = "warn"
single_use_lifetimes = "warn" single_use_lifetimes = "warn"
trivial_numeric_casts = "warn" trivial_numeric_casts = "warn"
unreachable_pub = "warn" unreachable_pub = "warn"
#unsafe_op_in_unsafe_fn = "warn" unsafe_op_in_unsafe_fn = "warn"
unstable_features = "warn" unstable_features = "warn"
unused_crate_dependencies = "warn" unused_crate_dependencies = "warn"
unused_extern_crates = "warn" unused_extern_crates = "warn"

77
ebpf/aya-ebpf/src/helpers.rs
Unescape Escape View File

@ -52,13 +52,15 @@ use crate::{
#[inline] #[inline]
pub unsafe fn bpf_probe_read<T>(src: *const T) -> Result<T, c_long> { pub unsafe fn bpf_probe_read<T>(src: *const T) -> Result<T, c_long> {
let mut v: MaybeUninit<T> = MaybeUninit::uninit(); let mut v: MaybeUninit<T> = MaybeUninit::uninit();
let ret = generated::bpf_probe_read( let ret = unsafe {
generated::bpf_probe_read(
v.as_mut_ptr().cast(), v.as_mut_ptr().cast(),
mem::size_of::<T>() as u32, mem::size_of::<T>() as u32,
src.cast(), src.cast(),
); )
};
if ret == 0 { if ret == 0 {
Ok(v.assume_init()) Ok(unsafe { v.assume_init() })
} else { } else {
Err(ret) Err(ret)
} }
@ -88,7 +90,8 @@ pub unsafe fn bpf_probe_read<T>(src: *const T) -> Result<T, c_long> {
/// On failure, this function returns a negative value wrapped in an `Err`. /// On failure, this function returns a negative value wrapped in an `Err`.
#[inline] #[inline]
pub unsafe fn bpf_probe_read_buf(src: *const u8, dst: &mut [u8]) -> Result<(), c_long> { pub unsafe fn bpf_probe_read_buf(src: *const u8, dst: &mut [u8]) -> Result<(), c_long> {
let ret = generated::bpf_probe_read(dst.as_mut_ptr().cast(), dst.len() as u32, src.cast()); let ret =
unsafe { generated::bpf_probe_read(dst.as_mut_ptr().cast(), dst.len() as u32, src.cast()) };
if ret == 0 { Ok(()) } else { Err(ret) } if ret == 0 { Ok(()) } else { Err(ret) }
} }
@ -117,13 +120,15 @@ pub unsafe fn bpf_probe_read_buf(src: *const u8, dst: &mut [u8]) -> Result<(), c
#[inline] #[inline]
pub unsafe fn bpf_probe_read_user<T>(src: *const T) -> Result<T, c_long> { pub unsafe fn bpf_probe_read_user<T>(src: *const T) -> Result<T, c_long> {
let mut v: MaybeUninit<T> = MaybeUninit::uninit(); let mut v: MaybeUninit<T> = MaybeUninit::uninit();
let ret = generated::bpf_probe_read_user( let ret = unsafe {
generated::bpf_probe_read_user(
v.as_mut_ptr().cast(), v.as_mut_ptr().cast(),
mem::size_of::<T>() as u32, mem::size_of::<T>() as u32,
src.cast(), src.cast(),
); )
};
if ret == 0 { if ret == 0 {
Ok(v.assume_init()) Ok(unsafe { v.assume_init() })
} else { } else {
Err(ret) Err(ret)
} }
@ -151,7 +156,9 @@ pub unsafe fn bpf_probe_read_user<T>(src: *const T) -> Result<T, c_long> {
/// On failure, this function returns a negative value wrapped in an `Err`. /// On failure, this function returns a negative value wrapped in an `Err`.
#[inline] #[inline]
pub unsafe fn bpf_probe_read_user_buf(src: *const u8, dst: &mut [u8]) -> Result<(), c_long> { pub unsafe fn bpf_probe_read_user_buf(src: *const u8, dst: &mut [u8]) -> Result<(), c_long> {
let ret = generated::bpf_probe_read_user(dst.as_mut_ptr().cast(), dst.len() as u32, src.cast()); let ret = unsafe {
generated::bpf_probe_read_user(dst.as_mut_ptr().cast(), dst.len() as u32, src.cast())
};
if ret == 0 { Ok(()) } else { Err(ret) } if ret == 0 { Ok(()) } else { Err(ret) }
} }
@ -180,13 +187,15 @@ pub unsafe fn bpf_probe_read_user_buf(src: *const u8, dst: &mut [u8]) -> Result<
#[inline] #[inline]
pub unsafe fn bpf_probe_read_kernel<T>(src: *const T) -> Result<T, c_long> { pub unsafe fn bpf_probe_read_kernel<T>(src: *const T) -> Result<T, c_long> {
let mut v: MaybeUninit<T> = MaybeUninit::uninit(); let mut v: MaybeUninit<T> = MaybeUninit::uninit();
let ret = generated::bpf_probe_read_kernel( let ret = unsafe {
generated::bpf_probe_read_kernel(
v.as_mut_ptr().cast(), v.as_mut_ptr().cast(),
mem::size_of::<T>() as u32, mem::size_of::<T>() as u32,
src.cast(), src.cast(),
); )
};
if ret == 0 { if ret == 0 {
Ok(v.assume_init()) Ok(unsafe { v.assume_init() })
} else { } else {
Err(ret) Err(ret)
} }
@ -214,8 +223,9 @@ pub unsafe fn bpf_probe_read_kernel<T>(src: *const T) -> Result<T, c_long> {
/// On failure, this function returns a negative value wrapped in an `Err`. /// On failure, this function returns a negative value wrapped in an `Err`.
#[inline] #[inline]
pub unsafe fn bpf_probe_read_kernel_buf(src: *const u8, dst: &mut [u8]) -> Result<(), c_long> { pub unsafe fn bpf_probe_read_kernel_buf(src: *const u8, dst: &mut [u8]) -> Result<(), c_long> {
let ret = let ret = unsafe {
generated::bpf_probe_read_kernel(dst.as_mut_ptr().cast(), dst.len() as u32, src.cast()); generated::bpf_probe_read_kernel(dst.as_mut_ptr().cast(), dst.len() as u32, src.cast())
};
if ret == 0 { Ok(()) } else { Err(ret) } if ret == 0 { Ok(()) } else { Err(ret) }
} }
@ -250,8 +260,9 @@ pub unsafe fn bpf_probe_read_kernel_buf(src: *const u8, dst: &mut [u8]) -> Resul
)] )]
#[inline] #[inline]
pub unsafe fn bpf_probe_read_str(src: *const u8, dest: &mut [u8]) -> Result<usize, c_long> { pub unsafe fn bpf_probe_read_str(src: *const u8, dest: &mut [u8]) -> Result<usize, c_long> {
let len = let len = unsafe {
generated::bpf_probe_read_str(dest.as_mut_ptr().cast(), dest.len() as u32, src.cast()); generated::bpf_probe_read_str(dest.as_mut_ptr().cast(), dest.len() as u32, src.cast())
};
let len = usize::try_from(len).map_err(|core::num::TryFromIntError { .. }| -1)?; let len = usize::try_from(len).map_err(|core::num::TryFromIntError { .. }| -1)?;
// this can never happen, it's needed to tell the verifier that len is bounded. // this can never happen, it's needed to tell the verifier that len is bounded.
Ok(len.min(dest.len())) Ok(len.min(dest.len()))
@ -283,8 +294,9 @@ pub unsafe fn bpf_probe_read_str(src: *const u8, dest: &mut [u8]) -> Result<usiz
#[deprecated(note = "Use `bpf_probe_read_user_str_bytes` instead")] #[deprecated(note = "Use `bpf_probe_read_user_str_bytes` instead")]
#[inline] #[inline]
pub unsafe fn bpf_probe_read_user_str(src: *const u8, dest: &mut [u8]) -> Result<usize, c_long> { pub unsafe fn bpf_probe_read_user_str(src: *const u8, dest: &mut [u8]) -> Result<usize, c_long> {
let len = let len = unsafe {
generated::bpf_probe_read_user_str(dest.as_mut_ptr().cast(), dest.len() as u32, src.cast()); generated::bpf_probe_read_user_str(dest.as_mut_ptr().cast(), dest.len() as u32, src.cast())
};
let len = usize::try_from(len).map_err(|core::num::TryFromIntError { .. }| -1)?; let len = usize::try_from(len).map_err(|core::num::TryFromIntError { .. }| -1)?;
// this can never happen, it's needed to tell the verifier that len is bounded. // this can never happen, it's needed to tell the verifier that len is bounded.
Ok(len.min(dest.len())) Ok(len.min(dest.len()))
@ -377,8 +389,9 @@ pub unsafe fn bpf_probe_read_user_str_bytes(
src: *const u8, src: *const u8,
dest: &mut [u8], dest: &mut [u8],
) -> Result<&[u8], c_long> { ) -> Result<&[u8], c_long> {
let len = let len = unsafe {
generated::bpf_probe_read_user_str(dest.as_mut_ptr().cast(), dest.len() as u32, src.cast()); generated::bpf_probe_read_user_str(dest.as_mut_ptr().cast(), dest.len() as u32, src.cast())
};
read_str_bytes(len, dest) read_str_bytes(len, dest)
} }
@ -426,11 +439,13 @@ fn read_str_bytes(len: i64, dest: &[u8]) -> Result<&[u8], c_long> {
#[deprecated(note = "Use bpf_probe_read_kernel_str_bytes instead")] #[deprecated(note = "Use bpf_probe_read_kernel_str_bytes instead")]
#[inline] #[inline]
pub unsafe fn bpf_probe_read_kernel_str(src: *const u8, dest: &mut [u8]) -> Result<usize, c_long> { pub unsafe fn bpf_probe_read_kernel_str(src: *const u8, dest: &mut [u8]) -> Result<usize, c_long> {
let len = generated::bpf_probe_read_kernel_str( let len = unsafe {
generated::bpf_probe_read_kernel_str(
dest.as_mut_ptr().cast(), dest.as_mut_ptr().cast(),
dest.len() as u32, dest.len() as u32,
src.cast(), src.cast(),
); )
};
let len = usize::try_from(len).map_err(|core::num::TryFromIntError { .. }| -1)?; let len = usize::try_from(len).map_err(|core::num::TryFromIntError { .. }| -1)?;
// this can never happen, it's needed to tell the verifier that len is bounded. // this can never happen, it's needed to tell the verifier that len is bounded.
Ok(len.min(dest.len())) Ok(len.min(dest.len()))
@ -523,11 +538,13 @@ pub unsafe fn bpf_probe_read_kernel_str_bytes(
src: *const u8, src: *const u8,
dest: &mut [u8], dest: &mut [u8],
) -> Result<&[u8], c_long> { ) -> Result<&[u8], c_long> {
let len = generated::bpf_probe_read_kernel_str( let len = unsafe {
generated::bpf_probe_read_kernel_str(
dest.as_mut_ptr().cast(), dest.as_mut_ptr().cast(),
dest.len() as u32, dest.len() as u32,
src.cast(), src.cast(),
); )
};
read_str_bytes(len, dest) read_str_bytes(len, dest)
} }
@ -558,7 +575,9 @@ pub unsafe fn bpf_probe_read_kernel_str_bytes(
/// On failure, this function returns a negative value wrapped in an `Err`. /// On failure, this function returns a negative value wrapped in an `Err`.
#[inline] #[inline]
pub unsafe fn bpf_probe_write_user<T>(dst: *mut T, src: *const T) -> Result<(), c_long> { pub unsafe fn bpf_probe_write_user<T>(dst: *mut T, src: *const T) -> Result<(), c_long> {
let ret = generated::bpf_probe_write_user(dst.cast(), src.cast(), mem::size_of::<T>() as u32); let ret = unsafe {
generated::bpf_probe_write_user(dst.cast(), src.cast(), mem::size_of::<T>() as u32)
};
if ret == 0 { Ok(()) } else { Err(ret) } if ret == 0 { Ok(()) } else { Err(ret) }
} }
@ -784,8 +803,8 @@ pub unsafe fn bpf_printk_impl<const FMT_LEN: usize, const NUM_ARGS: usize>(
// arguments. We also can't turn the definitions in `helpers.rs` into // arguments. We also can't turn the definitions in `helpers.rs` into
// `const`s because MIRI believes casting arbitrary integers to function // `const`s because MIRI believes casting arbitrary integers to function
// pointers to be an error. // pointers to be an error.
let printk: unsafe extern "C" fn(fmt: *const c_char, fmt_size: u32, ...) -> c_long = let printk: extern "C" fn(fmt: *const c_char, fmt_size: u32, ...) -> c_long =
mem::transmute(6usize); unsafe { mem::transmute(6usize) };
let fmt_ptr = fmt.as_ptr().cast(); let fmt_ptr = fmt.as_ptr().cast();
let fmt_size = fmt.len() as u32; let fmt_size = fmt.len() as u32;
@ -795,12 +814,14 @@ pub unsafe fn bpf_printk_impl<const FMT_LEN: usize, const NUM_ARGS: usize>(
1 => printk(fmt_ptr, fmt_size, args[0]), 1 => printk(fmt_ptr, fmt_size, args[0]),
2 => printk(fmt_ptr, fmt_size, args[0], args[1]), 2 => printk(fmt_ptr, fmt_size, args[0], args[1]),
3 => printk(fmt_ptr, fmt_size, args[0], args[1], args[2]), 3 => printk(fmt_ptr, fmt_size, args[0], args[1], args[2]),
_ => generated::bpf_trace_vprintk( _ => unsafe {
generated::bpf_trace_vprintk(
fmt_ptr, fmt_ptr,
fmt_size, fmt_size,
args.as_ptr().cast(), args.as_ptr().cast(),
(NUM_ARGS * 8) as _, (NUM_ARGS * 8) as _,
), )
},
} }
} }

2
ebpf/aya-ebpf/src/lib.rs
Unescape Escape View File

@ -28,7 +28,7 @@ pub use aya_ebpf_bindings::bindings;
mod args; mod args;
pub use args::Argument; pub use args::Argument;
pub mod btf_maps; pub mod btf_maps;
#[expect(clippy::missing_safety_doc, unsafe_op_in_unsafe_fn)] #[expect(clippy::missing_safety_doc)]
pub mod helpers; pub mod helpers;
pub mod maps; pub mod maps;
pub mod programs; pub mod programs;

Write Preview
Loading…
Cancel
Save