Remove uninit_slice_as_mut_ptr.
briansmith committed Oct 14, 2022
1 parent b7df3bc commit 033fc76
Showing 10 changed files with 26 additions and 28 deletions.
4 changes: 2 additions & 2 deletions src/bsd_arandom.rs
Expand Up @@ -34,15 +34,15 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
// getrandom(2) was introduced in FreeBSD 12.0 and NetBSD 10.0
#[cfg(target_os = "freebsd")]
{
use crate::{util::uninit_slice_as_mut_ptr, util_libc::Weak};
use crate::util_libc::Weak;
static GETRANDOM: Weak = unsafe { Weak::new("getrandom\0") };
type GetRandomFn =
unsafe extern "C" fn(*mut u8, libc::size_t, libc::c_uint) -> libc::ssize_t;

if let Some(fptr) = GETRANDOM.ptr() {
let func: GetRandomFn = unsafe { core::mem::transmute(fptr) };
return sys_fill_exact(dest, |buf| unsafe {
func(uninit_slice_as_mut_ptr(buf), buf.len(), 0)
func(buf.as_mut_ptr() as *mut u8, buf.len(), 0)
});
}
}
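Review bot: The `unsafe` closure passed to `sys_fill_exact` now converts the `MaybeUninit<u8>` pointer with a bare `as *mut u8` and has no `// SAFETY:` comment saying why that is sound. With the typed helper gone, an `as` cast accepts any pointee type, so the justification should sit at the call site, for example `// SAFETY: buf is valid for buf.len() byte writes, and MaybeUninit<u8> has the same layout as u8.` The same bare cast appears before the FFI calls in src/fuchsia.rs, src/ios.rs, src/macos.rs, src/solid.rs, src/vxworks.rs and src/windows.rs; src/js.rs already carries a SAFETY comment. `getrandom_inner` starts above this hunk and continues past it.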
4 changes: 2 additions & 2 deletions src/fuchsia.rs
Expand Up @@ -7,7 +7,7 @@
// except according to those terms.

//! Implementation for Fuchsia Zircon
use crate::{util::uninit_slice_as_mut_ptr, Error};
use crate::Error;
use core::mem::MaybeUninit;

#[link(name = "zircon")]
Expand All @@ -16,6 +16,6 @@ extern "C" {
}

pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
unsafe { zx_cprng_draw(uninit_slice_as_mut_ptr(dest), dest.len()) }
unsafe { zx_cprng_draw(dest.as_mut_ptr() as *mut u8, dest.len()) }
Ok(())
}
4 changes: 2 additions & 2 deletions src/ios.rs
Expand Up @@ -7,7 +7,7 @@
// except according to those terms.

//! Implementation for iOS
use crate::{util::uninit_slice_as_mut_ptr, Error};
use crate::Error;
use core::{ffi::c_void, mem::MaybeUninit, ptr::null};

#[link(name = "Security", kind = "framework")]
Expand All @@ -17,7 +17,7 @@ extern "C" {

pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
// Apple's documentation guarantees kSecRandomDefault is a synonym for NULL.
let ret = unsafe { SecRandomCopyBytes(null(), dest.len(), uninit_slice_as_mut_ptr(dest)) };
let ret = unsafe { SecRandomCopyBytes(null(), dest.len(), dest.as_mut_ptr() as *mut u8) };
// errSecSuccess (from SecBase.h) is always zero.
if ret != 0 {
Err(Error::IOS_SEC_RANDOM)
7 changes: 2 additions & 5 deletions src/js.rs
Expand Up @@ -5,10 +5,7 @@
// <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
// option. This file may not be copied, modified, or distributed
// except according to those terms.
use crate::{
util::{uninit_slice_as_mut_ptr, uninit_slice_fill_zero},
Error,
};
use crate::{util::uninit_slice_fill_zero, Error};

extern crate std;
use std::{mem::MaybeUninit, thread_local};
Expand Down Expand Up @@ -58,7 +55,7 @@ pub(crate) fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error>
}

// SAFETY: `sub_buf`'s length is the same length as `chunk`
unsafe { sub_buf.raw_copy_to_ptr(uninit_slice_as_mut_ptr(chunk)) };
unsafe { sub_buf.raw_copy_to_ptr(chunk.as_mut_ptr() as *mut u8) };
}
}
};
13 changes: 11 additions & 2 deletions src/lib.rs
Expand Up @@ -205,6 +205,9 @@ pub use crate::error::Error;
//
// These should all provide getrandom_inner with the signature
// `fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error>`.
// The function MUST fully initialize `dest` when `Ok(())` is returned.
// The function MUST NOT ever write uninitialized bytes into `dest`,
// regardless of what value it returns.
cfg_if! {
if #[cfg(any(target_os = "emscripten", target_os = "haiku",
target_os = "redox"))] {
Expand Down Expand Up @@ -290,8 +293,11 @@ cfg_if! {
/// [`rand::thread_rng`](https://docs.rs/rand/*/rand/fn.thread_rng.html).
#[inline]
pub fn getrandom(dest: &mut [u8]) -> Result<(), Error> {
// SAFETY: The `&mut MaybeUninit<_>` reference doesn't escape.
getrandom_uninit_slice(unsafe { slice_as_uninit_mut(dest) }).map(|_| ())
// SAFETY: The `&mut MaybeUninit<_>` reference doesn't escape, and
// `getrandom_uninit_slice` guarantees it will never de-initialize any
// part of `dest`.
getrandom_uninit_slice(unsafe { slice_as_uninit_mut(dest) })?;
Ok(())
}

/// Version of the `getrandom` function which fills `dest` with random bytes
Expand All @@ -302,6 +308,9 @@ pub fn getrandom(dest: &mut [u8]) -> Result<(), Error> {
/// In other words, it's safe to assume that `dest` is initialized after
/// this function has returned `Ok`.
///
/// No part of `dest` will ever be de-initialized at any point, regardless
/// of what is returned.
///
/// # Examples
///
/// ```ignore
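Review bot: The new SAFETY comment in `getrandom` depends on every backend honouring the "MUST NOT ever write uninitialized bytes" rule, yet that rule is stated only in a `//` comment above the `cfg_if!` block and `getrandom_inner` is a safe `fn`, so nothing checks it. If a backend stored `MaybeUninit::uninit()` into `dest` on any path, the caller's `&mut [u8]` would hold uninitialized bytes, which is undefined behaviour reachable from safe code. I would restate the rule where backends are written, e.g. a line above each `getrandom_inner`: `// Contract (see lib.rs): never store an uninitialized byte into dest, whatever is returned.` The body of `getrandom_uninit_slice` is outside the visible hunks, so whether it checks anything itself cannot be told from here.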
3 changes: 1 addition & 2 deletions src/macos.rs
Expand Up @@ -9,7 +9,6 @@
//! Implementation for macOS
use crate::{
use_file,
util::uninit_slice_as_mut_ptr,
util_libc::{last_os_error, Weak},
Error,
};
Expand All @@ -23,7 +22,7 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
if let Some(fptr) = GETENTROPY.ptr() {
let func: GetEntropyFn = unsafe { mem::transmute(fptr) };
for chunk in dest.chunks_mut(256) {
let ret = unsafe { func(uninit_slice_as_mut_ptr(chunk), chunk.len()) };
let ret = unsafe { func(chunk.as_mut_ptr() as *mut u8, chunk.len()) };
if ret != 0 {
return Err(last_os_error());
}
4 changes: 2 additions & 2 deletions src/solid.rs
Expand Up @@ -7,15 +7,15 @@
// except according to those terms.

//! Implementation for SOLID
use crate::{util::uninit_slice_as_mut_ptr, Error};
use crate::Error;
use core::{mem::MaybeUninit, num::NonZeroU32};

extern "C" {
pub fn SOLID_RNG_SampleRandomBytes(buffer: *mut u8, length: usize) -> i32;
}

pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
let ret = unsafe { SOLID_RNG_SampleRandomBytes(uninit_slice_as_mut_ptr(dest), dest.len()) };
let ret = unsafe { SOLID_RNG_SampleRandomBytes(dest.as_mut_ptr() as *mut u8, dest.len()) };
if ret >= 0 {
Ok(())
} else {
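--- a/src/util.rs
+++ b/src/util.rs
@@ -75,13 +75,6 @@ pub unsafe fn slice_assume_init_mut<T>(slice: &mut [MaybeUninit<T>]) -> &mut [T]
 mem::transmute(slice)
 }
 
-/// Polyfill for the unstable `maybe_uninit_slice` feature's
-/// `MaybeUninit::slice_as_mut_ptr`.
-#[inline(always)]
-pub fn uninit_slice_as_mut_ptr<T>(slice: &mut [MaybeUninit<T>]) -> *mut T {
-slice.as_mut_ptr() as *mut T
-}
-
 #[inline]
 pub fn uninit_slice_fill_zero(slice: &mut [MaybeUninit<u8>]) -> &mut [u8] {
 slice.iter_mut().for_each(|b| *b = MaybeUninit::zeroed());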
4 changes: 2 additions & 2 deletions src/vxworks.rs
Expand Up @@ -7,7 +7,7 @@
// except according to those terms.

//! Implementation for VxWorks
use crate::{util::uninit_slice_as_mut_ptr, util_libc::last_os_error, Error};
use crate::{util_libc::last_os_error, Error};
use core::{
mem::MaybeUninit,
sync::atomic::{AtomicBool, Ordering::Relaxed},
Expand All @@ -28,7 +28,7 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {

// Prevent overflow of i32
for chunk in dest.chunks_mut(i32::max_value() as usize) {
let ret = unsafe { libc::randABytes(uninit_slice_as_mut_ptr(chunk), chunk.len() as i32) };
let ret = unsafe { libc::randABytes(chunk.as_mut_ptr() as *mut u8, chunk.len() as i32) };
if ret != 0 {
return Err(last_os_error());
}
4 changes: 2 additions & 2 deletions src/windows.rs
Expand Up @@ -6,7 +6,7 @@
// option. This file may not be copied, modified, or distributed
// except according to those terms.

use crate::{util::uninit_slice_as_mut_ptr, Error};
use crate::Error;
use core::{ffi::c_void, mem::MaybeUninit, num::NonZeroU32, ptr};

const BCRYPT_USE_SYSTEM_PREFERRED_RNG: u32 = 0x00000002;
Expand All @@ -28,7 +28,7 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
let ret = unsafe {
BCryptGenRandom(
ptr::null_mut(),
uninit_slice_as_mut_ptr(chunk),
chunk.as_mut_ptr() as *mut u8,
chunk.len() as u32,
BCRYPT_USE_SYSTEM_PREFERRED_RNG,
)
