From 86b83f1db10f2ad524fc6095248472e2f0f9360c Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 09:56:16 +0100 Subject: [PATCH 01/12] Update to Rust 1.85 and edition 2024 Signed-off-by: Simon Davies --- .devcontainer/Dockerfile | 2 +- .github/workflows/Benchmarks.yml | 2 +- .github/workflows/CargoAudit.yml | 2 +- .github/workflows/CargoPublish.yml | 2 +- .github/workflows/CreateDevcontainerImage.yml | 2 +- .github/workflows/CreateRelease.yml | 6 +++--- .github/workflows/copilot-setup-steps.yml | 2 +- .github/workflows/dep_build_guest_binaries.yml | 2 +- .github/workflows/dep_fuzzing.yml | 2 +- .github/workflows/dep_rust.yml | 2 +- Cargo.toml | 4 ++-- README.md | 2 +- hack/rust-dependabot-patch.Dockerfile | 2 +- rust-toolchain.toml | 2 +- 14 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 37b8e7d64..6442e420d 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -52,7 +52,7 @@ RUN SNIPPET="export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhisto USER $USER -ARG RUST_TOOLCHAIN=1.81.0 +ARG RUST_TOOLCHAIN=1.85 # Install rust RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \ diff --git a/.github/workflows/Benchmarks.yml b/.github/workflows/Benchmarks.yml index ce28d4e73..221c4790e 100644 --- a/.github/workflows/Benchmarks.yml +++ b/.github/workflows/Benchmarks.yml @@ -30,7 +30,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/CargoAudit.yml b/.github/workflows/CargoAudit.yml index 015436c51..00cf41515 100644 --- a/.github/workflows/CargoAudit.yml +++ b/.github/workflows/CargoAudit.yml @@ -19,7 +19,7 @@ jobs: # TODO: Once the runner image is updated to include the necessary tools (without downloading), we can switch to the common workflow. - uses: dtolnay/rust-toolchain@master with: - toolchain: "1.81.0" + toolchain: "1.85" - uses: rustsec/audit-check@v2.0.0 with: diff --git a/.github/workflows/CargoPublish.yml b/.github/workflows/CargoPublish.yml index 9448dd4a4..9f32cc7cc 100644 --- a/.github/workflows/CargoPublish.yml +++ b/.github/workflows/CargoPublish.yml @@ -34,7 +34,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" - name: Check crate versions shell: bash diff --git a/.github/workflows/CreateDevcontainerImage.yml b/.github/workflows/CreateDevcontainerImage.yml index eb676ed28..81e0a9cb5 100644 --- a/.github/workflows/CreateDevcontainerImage.yml +++ b/.github/workflows/CreateDevcontainerImage.yml @@ -16,7 +16,7 @@ env: USER: vscode GROUP: vscode LLVM_VERSION: 17 - RUST_TOOLCHAIN_DEFAULT: 1.81.0 + RUST_TOOLCHAIN_DEFAULT: 1.85 RUST_TOOLCHAIN_FILE: rust-toolchain.toml # There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. diff --git a/.github/workflows/CreateRelease.yml b/.github/workflows/CreateRelease.yml index 9c79cd48f..0ee0a82a8 100644 --- a/.github/workflows/CreateRelease.yml +++ b/.github/workflows/CreateRelease.yml @@ -23,7 +23,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -43,7 +43,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -102,7 +102,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index e88870d36..e349a6a2a 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -28,6 +28,6 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dep_build_guest_binaries.yml b/.github/workflows/dep_build_guest_binaries.yml index f446d14d0..20e400a60 100644 --- a/.github/workflows/dep_build_guest_binaries.yml +++ b/.github/workflows/dep_build_guest_binaries.yml @@ -33,7 +33,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dep_fuzzing.yml b/.github/workflows/dep_fuzzing.yml index 59e5d8111..29edc50c1 100644 --- a/.github/workflows/dep_fuzzing.yml +++ b/.github/workflows/dep_fuzzing.yml @@ -34,7 +34,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dep_rust.yml b/.github/workflows/dep_rust.yml index 884bbb8e8..c182971ce 100644 --- a/.github/workflows/dep_rust.yml +++ b/.github/workflows/dep_rust.yml @@ -56,7 +56,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.4.0 with: - rust-toolchain: "1.81.0" + rust-toolchain: "1.85" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/Cargo.toml b/Cargo.toml index dc7900170..300ae2a26 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,8 +22,8 @@ exclude = [ [workspace.package] version = "0.5.0" -edition = "2021" -rust-version = "1.81.0" +edition = "2024" +rust-version = "1.85" license = "Apache-2.0" homepage = "https://github.com/hyperlight-dev/hyperlight" repository = "https://github.com/hyperlight-dev/hyperlight" diff --git a/README.md b/README.md index e026e67f3..b24f24aab 100644 --- a/README.md +++ b/README.md @@ -175,7 +175,7 @@ After having an environment with a hypervisor setup, running the example has the 1. On Linux or WSL, you'll most likely need build essential. For Ubuntu, run `sudo apt install build-essential`. For Azure Linux, run `sudo dnf install build-essential`. -2. [Rust](https://www.rust-lang.org/tools/install). Install toolchain v1.81 or later. +2. [Rust](https://www.rust-lang.org/tools/install). Install toolchain v1.85 or later. Also, install the `x86_64-unknown-none` target, it is needed to build the test guest binaries. diff --git a/hack/rust-dependabot-patch.Dockerfile b/hack/rust-dependabot-patch.Dockerfile index bf305c082..31c285ef9 100644 --- a/hack/rust-dependabot-patch.Dockerfile +++ b/hack/rust-dependabot-patch.Dockerfile @@ -1,2 +1,2 @@ FROM dependabot/dependabot-script -RUN rustup toolchain install 1.81.0 && rustup default 1.81.0 +RUN rustup toolchain install 1.85 && rustup default 1.85 diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 3cf2110e7..c5794a6b8 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,2 +1,2 @@ [toolchain] -channel = "1.81.0" \ No newline at end of file +channel = "1.85" From c917eee12990a601f346b3394a41173d23d7fce9 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 10:48:40 +0100 Subject: [PATCH 02/12] These changes were created by running `cargo fix --edition` NOTE: I attempted to run flatc to re-generate the flatbuffer generated files but it did not do the updates for 2024 edition. Updated manually for review feedback Signed-off-by: Simon Davies --- .../hyperlight/generated/error_code_generated.rs | 10 +++++++--- .../hyperlight/generated/function_call_generated.rs | 10 ++++++---- .../generated/function_call_result_generated.rs | 10 ++++++---- .../generated/function_call_type_generated.rs | 10 +++++++--- .../hyperlight/generated/guest_error_generated.rs | 10 ++++++---- .../hyperlight/generated/guest_log_data_generated.rs | 10 ++++++---- .../hyperlight/generated/hlbool_generated.rs | 6 ++++-- .../hyperlight/generated/hldouble_generated.rs | 6 ++++-- .../hyperlight/generated/hlfloat_generated.rs | 6 ++++-- .../hyperlight/generated/hlint_generated.rs | 6 ++++-- .../hyperlight/generated/hllong_generated.rs | 6 ++++-- .../generated/hlsizeprefixedbuffer_generated.rs | 6 ++++-- .../hyperlight/generated/hlstring_generated.rs | 6 ++++-- .../hyperlight/generated/hluint_generated.rs | 6 ++++-- .../hyperlight/generated/hlulong_generated.rs | 6 ++++-- .../hyperlight/generated/hlvecbytes_generated.rs | 6 ++++-- .../hyperlight/generated/hlvoid_generated.rs | 6 ++++-- .../hyperlight/generated/log_level_generated.rs | 10 +++++++--- .../hyperlight/generated/parameter_generated.rs | 6 ++++-- .../hyperlight/generated/parameter_type_generated.rs | 10 +++++++--- .../generated/parameter_value_generated.rs | 10 +++++++--- .../hyperlight/generated/return_type_generated.rs | 10 +++++++--- .../hyperlight/generated/return_value_generated.rs | 10 +++++++--- src/hyperlight_host/src/mem/ptr_offset.rs | 6 +++--- .../src/signal_handlers/sigsys_signal_handler.rs | 1 + src/hyperlight_host/tests/integration_test.rs | 12 ++++++++---- 26 files changed, 133 insertions(+), 68 deletions(-) diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/error_code_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/error_code_generated.rs index dba1ed055..7190bf56e 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/error_code_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/error_code_generated.rs @@ -124,8 +124,10 @@ impl<'a> flatbuffers::Follow<'a> for ErrorCode { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); - Self(b) + unsafe { + let b = flatbuffers::read_scalar_at::(buf, loc); + Self(b) + } } } @@ -133,7 +135,9 @@ impl flatbuffers::Push for ErrorCode { type Output = ErrorCode; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_generated.rs index 17d31fa9f..b02b0cc3e 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for FunctionCall<'a> { type Inner = FunctionCall<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } @@ -290,14 +292,14 @@ pub fn size_prefixed_root_as_function_call_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `FunctionCall`. pub unsafe fn root_as_function_call_unchecked(buf: &[u8]) -> FunctionCall { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed FunctionCall and returns it. /// # Safety /// Callers must trust the given bytes do indeed contain a valid size prefixed `FunctionCall`. pub unsafe fn size_prefixed_root_as_function_call_unchecked(buf: &[u8]) -> FunctionCall { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_function_call_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_result_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_result_generated.rs index 8ff674e6c..42393b377 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_result_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_result_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for FunctionCallResult<'a> { type Inner = FunctionCallResult<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } @@ -513,7 +515,7 @@ pub fn size_prefixed_root_as_function_call_result_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `FunctionCallResult`. pub unsafe fn root_as_function_call_result_unchecked(buf: &[u8]) -> FunctionCallResult { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed FunctionCallResult and returns it. @@ -522,7 +524,7 @@ pub unsafe fn root_as_function_call_result_unchecked(buf: &[u8]) -> FunctionCall pub unsafe fn size_prefixed_root_as_function_call_result_unchecked( buf: &[u8], ) -> FunctionCallResult { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_function_call_result_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_type_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_type_generated.rs index 67edacdf9..abd07b6b8 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_type_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_type_generated.rs @@ -66,8 +66,10 @@ impl<'a> flatbuffers::Follow<'a> for FunctionCallType { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); - Self(b) + unsafe { + let b = flatbuffers::read_scalar_at::(buf, loc); + Self(b) + } } } @@ -75,7 +77,9 @@ impl flatbuffers::Push for FunctionCallType { type Output = FunctionCallType; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_error_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_error_generated.rs index 57887a31b..7189b13c6 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_error_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_error_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for GuestError<'a> { type Inner = GuestError<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } @@ -192,14 +194,14 @@ pub fn size_prefixed_root_as_guest_error_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `GuestError`. pub unsafe fn root_as_guest_error_unchecked(buf: &[u8]) -> GuestError { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed GuestError and returns it. /// # Safety /// Callers must trust the given bytes do indeed contain a valid size prefixed `GuestError`. pub unsafe fn size_prefixed_root_as_guest_error_unchecked(buf: &[u8]) -> GuestError { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_guest_error_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_log_data_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_log_data_generated.rs index 8deec7cad..b7938f11a 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_log_data_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_log_data_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for GuestLogData<'a> { type Inner = GuestLogData<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } @@ -288,14 +290,14 @@ pub fn size_prefixed_root_as_guest_log_data_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `GuestLogData`. pub unsafe fn root_as_guest_log_data_unchecked(buf: &[u8]) -> GuestLogData { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed GuestLogData and returns it. /// # Safety /// Callers must trust the given bytes do indeed contain a valid size prefixed `GuestLogData`. pub unsafe fn size_prefixed_root_as_guest_log_data_unchecked(buf: &[u8]) -> GuestLogData { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_guest_log_data_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlbool_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlbool_generated.rs index d2005e5a5..5c3b30536 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlbool_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlbool_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hlbool<'a> { type Inner = hlbool<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hldouble_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hldouble_generated.rs index 5c71c2c9e..3527275a6 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hldouble_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hldouble_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hldouble<'a> { type Inner = hldouble<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlfloat_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlfloat_generated.rs index 93673efe1..aa03ee930 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlfloat_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlfloat_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hlfloat<'a> { type Inner = hlfloat<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlint_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlint_generated.rs index a162f6eec..7ebb3c462 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlint_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlint_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hlint<'a> { type Inner = hlint<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hllong_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hllong_generated.rs index 690afaa26..a3815898a 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hllong_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hllong_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hllong<'a> { type Inner = hllong<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlsizeprefixedbuffer_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlsizeprefixedbuffer_generated.rs index ed1e74b37..22907adf7 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlsizeprefixedbuffer_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlsizeprefixedbuffer_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hlsizeprefixedbuffer<'a> { type Inner = hlsizeprefixedbuffer<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlstring_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlstring_generated.rs index ba8c2eb7f..827498527 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlstring_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlstring_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hlstring<'a> { type Inner = hlstring<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hluint_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hluint_generated.rs index e10699658..d6388bc02 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hluint_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hluint_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hluint<'a> { type Inner = hluint<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlulong_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlulong_generated.rs index db83b936d..18a22f7ed 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlulong_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlulong_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hlulong<'a> { type Inner = hlulong<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvecbytes_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvecbytes_generated.rs index e673cd425..18437cecb 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvecbytes_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvecbytes_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hlvecbytes<'a> { type Inner = hlvecbytes<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvoid_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvoid_generated.rs index 76e0e9f97..6f169ffcc 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvoid_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvoid_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for hlvoid<'a> { type Inner = hlvoid<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/log_level_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/log_level_generated.rs index a47458489..0b8076f8a 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/log_level_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/log_level_generated.rs @@ -86,8 +86,10 @@ impl<'a> flatbuffers::Follow<'a> for LogLevel { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); - Self(b) + unsafe { + let b = flatbuffers::read_scalar_at::(buf, loc); + Self(b) + } } } @@ -95,7 +97,9 @@ impl flatbuffers::Push for LogLevel { type Output = LogLevel; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_generated.rs index 41e80c4ac..44ee4df58 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_generated.rs @@ -21,8 +21,10 @@ impl<'a> flatbuffers::Follow<'a> for Parameter<'a> { type Inner = Parameter<'a>; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - Self { - _tab: flatbuffers::Table::new(buf, loc), + unsafe { + Self { + _tab: flatbuffers::Table::new(buf, loc), + } } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_type_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_type_generated.rs index 5ef4b56e1..404a4fa5a 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_type_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_type_generated.rs @@ -94,8 +94,10 @@ impl<'a> flatbuffers::Follow<'a> for ParameterType { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); - Self(b) + unsafe { + let b = flatbuffers::read_scalar_at::(buf, loc); + Self(b) + } } } @@ -103,7 +105,9 @@ impl flatbuffers::Push for ParameterType { type Output = ParameterType; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_value_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_value_generated.rs index 91d51b456..ea701a73d 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_value_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_value_generated.rs @@ -98,8 +98,10 @@ impl<'a> flatbuffers::Follow<'a> for ParameterValue { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); - Self(b) + unsafe { + let b = flatbuffers::read_scalar_at::(buf, loc); + Self(b) + } } } @@ -107,7 +109,9 @@ impl flatbuffers::Push for ParameterValue { type Output = ParameterValue; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_type_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_type_generated.rs index 0610cdd55..a11af8c07 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_type_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_type_generated.rs @@ -98,8 +98,10 @@ impl<'a> flatbuffers::Follow<'a> for ReturnType { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); - Self(b) + unsafe { + let b = flatbuffers::read_scalar_at::(buf, loc); + Self(b) + } } } @@ -107,7 +109,9 @@ impl flatbuffers::Push for ReturnType { type Output = ReturnType; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_value_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_value_generated.rs index 2c9f94872..f86a941bc 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_value_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_value_generated.rs @@ -102,8 +102,10 @@ impl<'a> flatbuffers::Follow<'a> for ReturnValue { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); - Self(b) + unsafe { + let b = flatbuffers::read_scalar_at::(buf, loc); + Self(b) + } } } @@ -111,7 +113,9 @@ impl flatbuffers::Push for ReturnValue { type Output = ReturnValue; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_host/src/mem/ptr_offset.rs b/src/hyperlight_host/src/mem/ptr_offset.rs index 3e4654b9a..bf9daf92f 100644 --- a/src/hyperlight_host/src/mem/ptr_offset.rs +++ b/src/hyperlight_host/src/mem/ptr_offset.rs @@ -201,11 +201,11 @@ impl Sub for u64 { impl PartialEq for Offset { #[instrument(skip_all, parent = Span::current(), level= "Trace")] fn eq(&self, other: &usize) -> bool { - if let Ok(offset_usize) = usize::try_from(self) { + match usize::try_from(self) { Ok(offset_usize) => { offset_usize == *other - } else { + } _ => { false - } + }} } } diff --git a/src/hyperlight_host/src/signal_handlers/sigsys_signal_handler.rs b/src/hyperlight_host/src/signal_handlers/sigsys_signal_handler.rs index 9e9bb42fc..db5f10489 100644 --- a/src/hyperlight_host/src/signal_handlers/sigsys_signal_handler.rs +++ b/src/hyperlight_host/src/signal_handlers/sigsys_signal_handler.rs @@ -102,6 +102,7 @@ pub(super) extern "C" fn handle_sigsys( } extern "C-unwind" fn after_syscall_violation() { + #[allow(clippy::panic)] std::panic::panic_any(crate::HyperlightError::DisallowedSyscall); } diff --git a/src/hyperlight_host/tests/integration_test.rs b/src/hyperlight_host/tests/integration_test.rs index 2df993070..55f95ce1c 100644 --- a/src/hyperlight_host/tests/integration_test.rs +++ b/src/hyperlight_host/tests/integration_test.rs @@ -478,19 +478,23 @@ fn log_message() { assert_eq!(expected, LOGGER.num_log_calls()); // Set the log level via env var - std::env::set_var("RUST_LOG", format!("hyperlight_guest={}", level)); + // TODO: Audit that the environment access only happens in single-threaded code. + unsafe { std::env::set_var("RUST_LOG", format!("hyperlight_guest={}", level)) }; log_test_messages(None); assert_eq!(expected, LOGGER.num_log_calls()); - std::env::set_var("RUST_LOG", format!("hyperlight_host={}", level)); + // TODO: Audit that the environment access only happens in single-threaded code. + unsafe { std::env::set_var("RUST_LOG", format!("hyperlight_host={}", level)) }; log_test_messages(None); assert_eq!(expected, LOGGER.num_log_calls()); - std::env::set_var("RUST_LOG", format!("{}", level)); + // TODO: Audit that the environment access only happens in single-threaded code. + unsafe { std::env::set_var("RUST_LOG", format!("{}", level)) }; log_test_messages(None); assert_eq!(expected, LOGGER.num_log_calls()); - std::env::remove_var("RUST_LOG"); + // TODO: Audit that the environment access only happens in single-threaded code. + unsafe { std::env::remove_var("RUST_LOG") }; } // Test that if no log level is set, the default is error From e9e7434c790773ededf7d738b587745f5a8534c9 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 10:55:46 +0100 Subject: [PATCH 03/12] Allow mutable reference to mutable static in test logger Signed-off-by: Simon Davies --- src/hyperlight_testing/src/simplelogger.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/hyperlight_testing/src/simplelogger.rs b/src/hyperlight_testing/src/simplelogger.rs index 5e99f0110..e8363a556 100644 --- a/src/hyperlight_testing/src/simplelogger.rs +++ b/src/hyperlight_testing/src/simplelogger.rs @@ -13,7 +13,7 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ - +#![allow(static_mut_refs)] // this is a non threadsafe logger for testing purposes, to test the log messages emitted by the guest. // it will only log messages from the hyperlight_guest target. It will not log messages from other targets. // this target is only used when handling an outb log request from the guest, so this logger will only capture those messages. From 0e7b68837b3e7f6ee5314704b2c675ad6432db1a Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 10:57:59 +0100 Subject: [PATCH 04/12] Add missing unsafe scopes to hyperlight-guest build.rs Signed-off-by: Simon Davies --- src/hyperlight_guest/build.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/hyperlight_guest/build.rs b/src/hyperlight_guest/build.rs index d854cb18c..aa031a266 100644 --- a/src/hyperlight_guest/build.rs +++ b/src/hyperlight_guest/build.rs @@ -104,9 +104,9 @@ fn cargo_main() { } if cfg!(windows) { - env::set_var("AR_x86_64_unknown_none", "llvm-ar"); + unsafe {env::set_var("AR_x86_64_unknown_none", "llvm-ar")}; } else { - env::set_var("AR_x86_64_pc_windows_msvc", "llvm-lib"); + unsafe {env::set_var("AR_x86_64_pc_windows_msvc", "llvm-lib")}; } cfg.compile("hyperlight_guest"); From 1960afae6d1c1ba20e26c81e104f41757ff77ae6 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 11:12:02 +0100 Subject: [PATCH 05/12] These changes to hyperlight-guest were created by running `cargo fix --edition` Signed-off-by: Simon Davies --- src/hyperlight_guest/src/entrypoint.rs | 10 +++++----- src/hyperlight_guest/src/exceptions/gdt.rs | 4 ++-- .../src/exceptions/handlers.rs | 2 +- src/hyperlight_guest/src/exceptions/idtr.rs | 8 ++++---- .../src/exceptions/interrupt_entry.rs | 2 +- src/hyperlight_guest/src/guest_error.rs | 2 +- .../src/guest_function_call.rs | 4 ++-- .../src/host_function_call.rs | 4 ++-- src/hyperlight_guest/src/memory.rs | 20 +++++++++---------- src/hyperlight_guest/src/print.rs | 6 +++--- 10 files changed, 31 insertions(+), 31 deletions(-) diff --git a/src/hyperlight_guest/src/entrypoint.rs b/src/hyperlight_guest/src/entrypoint.rs index 891f3da59..2221ad4a0 100644 --- a/src/hyperlight_guest/src/entrypoint.rs +++ b/src/hyperlight_guest/src/entrypoint.rs @@ -34,7 +34,7 @@ pub fn halt() { unsafe { asm!("hlt", options(nostack)) } } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn abort() -> ! { abort_with_code(&[0, 0xFF]) } @@ -49,7 +49,7 @@ pub fn abort_with_code(code: &[u8]) -> ! { /// /// # Safety /// This function is unsafe because it dereferences a raw pointer. -pub unsafe fn abort_with_code_and_message(code: &[u8], message_ptr: *const c_char) -> ! { +pub unsafe fn abort_with_code_and_message(code: &[u8], message_ptr: *const c_char) -> ! { unsafe { // Step 1: Send abort code (typically 1 byte, but `code` allows flexibility) outb(OutBAction::Abort as u16, code); @@ -64,16 +64,16 @@ pub unsafe fn abort_with_code_and_message(code: &[u8], message_ptr: *const c_cha // This function never returns unreachable!() -} +}} -extern "C" { +unsafe extern "C" { fn hyperlight_main(); fn srand(seed: u32); } static INIT: Once = Once::new(); -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn entrypoint(peb_address: u64, seed: u64, ops: u64, max_log_level: u64) { if peb_address == 0 { panic!("PEB address is null"); diff --git a/src/hyperlight_guest/src/exceptions/gdt.rs b/src/hyperlight_guest/src/exceptions/gdt.rs index 62f70e44c..77e3e3ac3 100644 --- a/src/hyperlight_guest/src/exceptions/gdt.rs +++ b/src/hyperlight_guest/src/exceptions/gdt.rs @@ -72,7 +72,7 @@ struct GdtPointer { } /// Load the GDT -pub unsafe fn load_gdt() { +pub unsafe fn load_gdt() { unsafe { let gdt_ptr = GdtPointer { size: (core::mem::size_of::<[GdtEntry; 3]>() - 1) as u16, base: addr_of!(GDT) as *const _ as u64, @@ -94,4 +94,4 @@ pub unsafe fn load_gdt() { in(reg) &gdt_ptr, options(nostack, preserves_flags) ); -} +}} diff --git a/src/hyperlight_guest/src/exceptions/handlers.rs b/src/hyperlight_guest/src/exceptions/handlers.rs index c2c6950a2..114d046eb 100644 --- a/src/hyperlight_guest/src/exceptions/handlers.rs +++ b/src/hyperlight_guest/src/exceptions/handlers.rs @@ -23,7 +23,7 @@ use hyperlight_common::outb::Exception; use crate::entrypoint::abort_with_code_and_message; /// Exception handler -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_exception_handler( stack_pointer: u64, exception_number: u64, diff --git a/src/hyperlight_guest/src/exceptions/idtr.rs b/src/hyperlight_guest/src/exceptions/idtr.rs index 26bc634a9..73339ea45 100644 --- a/src/hyperlight_guest/src/exceptions/idtr.rs +++ b/src/hyperlight_guest/src/exceptions/idtr.rs @@ -16,12 +16,12 @@ impl Idtr { self.base = base; } - pub unsafe fn load(&self) { + pub unsafe fn load(&self) { unsafe { core::arch::asm!("lidt [{}]", in(reg) self, options(readonly, nostack, preserves_flags)); - } + }} } -pub(crate) unsafe fn load_idt() { +pub(crate) unsafe fn load_idt() { unsafe { init_idt(); let idt_size = 256 * size_of::(); @@ -29,4 +29,4 @@ pub(crate) unsafe fn load_idt() { IDTR.init(expected_base, idt_size as u16); IDTR.load(); -} +}} diff --git a/src/hyperlight_guest/src/exceptions/interrupt_entry.rs b/src/hyperlight_guest/src/exceptions/interrupt_entry.rs index a04963b8c..48de98ed6 100644 --- a/src/hyperlight_guest/src/exceptions/interrupt_entry.rs +++ b/src/hyperlight_guest/src/exceptions/interrupt_entry.rs @@ -21,7 +21,7 @@ use core::arch::global_asm; use crate::exceptions::handlers::hl_exception_handler; -extern "C" { +unsafe extern "C" { // Exception handlers pub(crate) fn _do_excp0(); pub(crate) fn _do_excp1(); diff --git a/src/hyperlight_guest/src/guest_error.rs b/src/hyperlight_guest/src/guest_error.rs index d56cd82d6..9ad7e2bd4 100644 --- a/src/hyperlight_guest/src/guest_error.rs +++ b/src/hyperlight_guest/src/guest_error.rs @@ -45,7 +45,7 @@ pub(crate) fn set_error(error_code: ErrorCode, message: &str) { /// # Safety /// TODO /// cbindgen:ignore -#[no_mangle] +#[unsafe(no_mangle)] #[allow(non_camel_case_types)] pub unsafe extern "C" fn setError(code: u64, message: *const c_char) { let error_code = ErrorCode::from(code); diff --git a/src/hyperlight_guest/src/guest_function_call.rs b/src/hyperlight_guest/src/guest_function_call.rs index 361b9c3ab..5c7baa1d5 100644 --- a/src/hyperlight_guest/src/guest_function_call.rs +++ b/src/hyperlight_guest/src/guest_function_call.rs @@ -68,7 +68,7 @@ pub(crate) fn call_guest_function(function_call: FunctionCall) -> Result // TODO: ideally we would define a default implementation of this with weak linkage so the guest is not required // to implement the function but its seems that weak linkage is an unstable feature so for now its probably better // to not do that. - extern "Rust" { + unsafe extern "Rust" { fn guest_dispatch_function(function_call: FunctionCall) -> Result>; } @@ -78,7 +78,7 @@ pub(crate) fn call_guest_function(function_call: FunctionCall) -> Result // This function is marked as no_mangle/inline to prevent the compiler from inlining it , if its inlined the epilogue will not be called // and we will leak memory as the epilogue will not be called as halt() is not going to return. -#[no_mangle] +#[unsafe(no_mangle)] #[inline(never)] fn internal_dispatch_function() -> Result<()> { #[cfg(debug_assertions)] diff --git a/src/hyperlight_guest/src/host_function_call.rs b/src/hyperlight_guest/src/host_function_call.rs index 97c03e117..f9094b956 100644 --- a/src/hyperlight_guest/src/host_function_call.rs +++ b/src/hyperlight_guest/src/host_function_call.rs @@ -107,9 +107,9 @@ pub fn outb(port: u16, data: &[u8]) { } } -pub(crate) unsafe fn out32(port: u16, val: u32) { +pub(crate) unsafe fn out32(port: u16, val: u32) { unsafe { arch::asm!("out dx, eax", in("dx") port, in("eax") val, options(preserves_flags, nomem, nostack)); -} +}} /// Prints a message using `OutBAction::DebugPrint`. It transmits bytes of a message /// through several VMExists and, with such, it is slower than diff --git a/src/hyperlight_guest/src/memory.rs b/src/hyperlight_guest/src/memory.rs index 9e0a71a6d..71c1401c8 100644 --- a/src/hyperlight_guest/src/memory.rs +++ b/src/hyperlight_guest/src/memory.rs @@ -81,30 +81,30 @@ unsafe fn alloc_helper(size: usize, zero: bool) -> *mut c_void { /// /// # Safety /// The returned pointer must be freed with `memory::free` when it is no longer needed, otherwise memory will leak. -#[no_mangle] -pub unsafe extern "C" fn malloc(size: usize) -> *mut c_void { +#[unsafe(no_mangle)] +pub unsafe extern "C" fn malloc(size: usize) -> *mut c_void { unsafe { alloc_helper(size, false) -} +}} /// Allocates a block of memory for an array of `nmemb` elements, each of `size` bytes. /// The memory is initialized to 0s. /// /// # Safety /// The returned pointer must be freed with `memory::free` when it is no longer needed, otherwise memory will leak. -#[no_mangle] -pub unsafe extern "C" fn calloc(nmemb: usize, size: usize) -> *mut c_void { +#[unsafe(no_mangle)] +pub unsafe extern "C" fn calloc(nmemb: usize, size: usize) -> *mut c_void { unsafe { let total_size = nmemb .checked_mul(size) .expect("nmemb * size should not overflow in calloc"); alloc_helper(total_size, true) -} +}} /// Frees the memory block pointed to by `ptr`. /// /// # Safety /// `ptr` must be a pointer to a memory block previously allocated by `memory::malloc`, `memory::calloc`, or `memory::realloc`. -#[no_mangle] +#[unsafe(no_mangle)] pub unsafe extern "C" fn free(ptr: *mut c_void) { if !ptr.is_null() { unsafe { @@ -120,8 +120,8 @@ pub unsafe extern "C" fn free(ptr: *mut c_void) { /// /// # Safety /// `ptr` must be a pointer to a memory block previously allocated by `memory::malloc`, `memory::calloc`, or `memory::realloc`. -#[no_mangle] -pub unsafe extern "C" fn realloc(ptr: *mut c_void, size: usize) -> *mut c_void { +#[unsafe(no_mangle)] +pub unsafe extern "C" fn realloc(ptr: *mut c_void, size: usize) -> *mut c_void { unsafe { if ptr.is_null() { // If the pointer is null, treat as a malloc return malloc(size); @@ -155,4 +155,4 @@ pub unsafe extern "C" fn realloc(ptr: *mut c_void, size: usize) -> *mut c_void { new_block_start.add(1) as *mut c_void } } -} +}} diff --git a/src/hyperlight_guest/src/print.rs b/src/hyperlight_guest/src/print.rs index 740e4561f..ebe5a571d 100644 --- a/src/hyperlight_guest/src/print.rs +++ b/src/hyperlight_guest/src/print.rs @@ -31,9 +31,9 @@ static mut MESSAGE_BUFFER: Vec = Vec::new(); /// /// # Safety /// This function is not thread safe -#[no_mangle] +#[unsafe(no_mangle)] #[allow(static_mut_refs)] -pub unsafe extern "C" fn _putchar(c: c_char) { +pub unsafe extern "C" fn _putchar(c: c_char) { unsafe { let char = c as u8; // Extend buffer capacity if it's empty (like `with_capacity` in lazy_static). @@ -66,4 +66,4 @@ pub unsafe extern "C" fn _putchar(c: c_char) { // Clear the buffer after sending MESSAGE_BUFFER.clear(); } -} +}} From 47006570bc220a08ccba719ddbb6379e4958ec69 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 11:16:31 +0100 Subject: [PATCH 06/12] fix unsafe scopes Signed-off-by: Simon Davies --- src/hyperlight_guest/src/memory.rs | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/src/hyperlight_guest/src/memory.rs b/src/hyperlight_guest/src/memory.rs index 71c1401c8..4e296972b 100644 --- a/src/hyperlight_guest/src/memory.rs +++ b/src/hyperlight_guest/src/memory.rs @@ -121,29 +121,31 @@ pub unsafe extern "C" fn free(ptr: *mut c_void) { /// # Safety /// `ptr` must be a pointer to a memory block previously allocated by `memory::malloc`, `memory::calloc`, or `memory::realloc`. #[unsafe(no_mangle)] -pub unsafe extern "C" fn realloc(ptr: *mut c_void, size: usize) -> *mut c_void { unsafe { +pub unsafe extern "C" fn realloc(ptr: *mut c_void, size: usize) -> *mut c_void { if ptr.is_null() { // If the pointer is null, treat as a malloc - return malloc(size); + return unsafe {malloc(size)}; } if size == 0 { // If the size is 0, treat as a free and return null - free(ptr); + unsafe { + free(ptr); + } return ptr::null_mut(); } - unsafe { + let total_new_size = size .checked_add(size_of::()) .expect("data and layout size should not overflow in realloc"); - let block_start = (ptr as *const Layout).sub(1); - let old_layout = block_start.read(); + let block_start = unsafe { (ptr as *const Layout).sub(1) }; + let old_layout = unsafe { block_start.read() }; let new_layout = Layout::from_size_align(total_new_size, MAX_ALIGN).unwrap(); let new_block_start = - alloc::alloc::realloc(block_start as *mut u8, old_layout, total_new_size) + unsafe {alloc::alloc::realloc(block_start as *mut u8, old_layout, total_new_size)} as *mut Layout; if new_block_start.is_null() { @@ -151,8 +153,10 @@ pub unsafe extern "C" fn realloc(ptr: *mut c_void, size: usize) -> *mut c_void { abort_with_code(&[ErrorCode::MallocFailed as u8]); } else { // Update the stored Layout, then return ptr to memory right after the Layout. - new_block_start.write(new_layout); - new_block_start.add(1) as *mut c_void + unsafe { + new_block_start.write(new_layout); + new_block_start.add(1) as *mut c_void + } } - } -}} + +} From 6c754a4596b0ef3145c02436a2e03c6e36987f41 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 11:48:14 +0100 Subject: [PATCH 07/12] fix hyperlight-guest to avoid clippy warnings about using shared reference to mutable static Signed-off-by: Simon Davies --- src/hyperlight_guest/src/exceptions/idtr.rs | 9 ++++++--- src/hyperlight_guest/src/guest_function_call.rs | 5 +++-- src/tests/rust_guests/simpleguest/src/main.rs | 2 ++ 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/src/hyperlight_guest/src/exceptions/idtr.rs b/src/hyperlight_guest/src/exceptions/idtr.rs index 73339ea45..b872392e6 100644 --- a/src/hyperlight_guest/src/exceptions/idtr.rs +++ b/src/hyperlight_guest/src/exceptions/idtr.rs @@ -26,7 +26,10 @@ pub(crate) unsafe fn load_idt() { unsafe { let idt_size = 256 * size_of::(); let expected_base = addr_of!(IDT) as *const _ as u64; - - IDTR.init(expected_base, idt_size as u16); - IDTR.load(); + + // Use &raw mut to get a mutable raw pointer, then dereference it + // this is to avoid the clippy warning "shared reference to mutable static" + let idtr = &mut *(&raw mut IDTR); + idtr.init(expected_base, idt_size as u16); + idtr.load(); }} diff --git a/src/hyperlight_guest/src/guest_function_call.rs b/src/hyperlight_guest/src/guest_function_call.rs index 5c7baa1d5..1311fedbf 100644 --- a/src/hyperlight_guest/src/guest_function_call.rs +++ b/src/hyperlight_guest/src/guest_function_call.rs @@ -43,8 +43,9 @@ pub(crate) fn call_guest_function(function_call: FunctionCall) -> Result } // Find the function definition for the function call. - if let Some(registered_function_definition) = - unsafe { REGISTERED_GUEST_FUNCTIONS.get(&function_call.function_name) } + // Use &raw const to get an immutable reference to the static HashMap + // this is to avoid the clippy warning "shared reference to mutable static" + if let Some(registered_function_definition) = unsafe { (*(&raw const REGISTERED_GUEST_FUNCTIONS)).get(&function_call.function_name) } { let function_call_parameter_types: Vec = function_call .parameters diff --git a/src/tests/rust_guests/simpleguest/src/main.rs b/src/tests/rust_guests/simpleguest/src/main.rs index ce7bd6aa7..6311d8e2d 100644 --- a/src/tests/rust_guests/simpleguest/src/main.rs +++ b/src/tests/rust_guests/simpleguest/src/main.rs @@ -56,9 +56,11 @@ static mut BIGARRAY: [i32; 1024 * 1024] = [0; 1024 * 1024]; fn set_static(_: &FunctionCall) -> Result> { unsafe { + #[allow(static_mut_refs)] for val in BIGARRAY.iter_mut() { *val = 1; } + #[allow(static_mut_refs)] Ok(get_flatbuffer_result(BIGARRAY.len() as i32)) } } From ee1421ddea080a6b8d20feac447fbfd61bce99a7 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 12:23:27 +0100 Subject: [PATCH 08/12] Fix hyperlight-guest for Rust Edition 2024 The is mainly the result of running `cargo fix --edition` along with a couple of manula changes to fix clippy "shared reference to mutable static" warnings Signed-off-by: Simon Davies --- src/hyperlight_guest_capi/src/dispatch.rs | 17 ++++++++------ src/hyperlight_guest_capi/src/error.rs | 6 ++--- src/hyperlight_guest_capi/src/flatbuffer.rs | 26 ++++++++++----------- src/hyperlight_guest_capi/src/logging.rs | 2 +- 4 files changed, 27 insertions(+), 24 deletions(-) diff --git a/src/hyperlight_guest_capi/src/dispatch.rs b/src/hyperlight_guest_capi/src/dispatch.rs index feba47658..aae90738c 100644 --- a/src/hyperlight_guest_capi/src/dispatch.rs +++ b/src/hyperlight_guest_capi/src/dispatch.rs @@ -17,16 +17,18 @@ static mut REGISTERED_C_GUEST_FUNCTIONS: GuestFunctionRegister = GuestFunctionRe type CGuestFunc = extern "C" fn(&FfiFunctionCall) -> Box; -extern "C" { +unsafe extern "C" { // NOTE *mut FfiVec must be a Box. This will be the case as long as the guest // returns a FfiVec that they created using the c-api hl_flatbuffer_result_from_* functions. fn c_guest_dispatch_function(function_call: &FfiFunctionCall) -> *mut FfiVec; } -#[no_mangle] +#[unsafe(no_mangle)] pub fn guest_dispatch_function(function_call: FunctionCall) -> Result> { + // Use &raw const to get an immutable reference to the static HashMap + // this is to avoid the clippy warning "shared reference to mutable static" if let Some(registered_func) = - unsafe { REGISTERED_C_GUEST_FUNCTIONS.get(&function_call.function_name) } + unsafe { (*(&raw const REGISTERED_C_GUEST_FUNCTIONS)).get(&function_call.function_name) } { let function_call_parameter_types: Vec = function_call .parameters @@ -64,7 +66,7 @@ pub fn guest_dispatch_function(function_call: FunctionCall) -> Result> { } } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_register_function_definition( function_name: *const c_char, func_ptr: CGuestFunc, @@ -79,12 +81,13 @@ pub extern "C" fn hl_register_function_definition( let func_def = GuestFunctionDefinition::new(func_name, func_params, return_type, func_ptr as usize); - #[allow(static_mut_refs)] - unsafe { &mut REGISTERED_C_GUEST_FUNCTIONS }.register(func_def); + // Use &raw mut to get a mutable raw pointer, then dereference it + // this is to avoid the clippy warning "shared reference to mutable static" + unsafe { (&mut *(&raw mut REGISTERED_C_GUEST_FUNCTIONS)).register(func_def) }; } /// The caller is responsible for freeing the memory associated with given `FfiFunctionCall`. -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_call_host_function(function_call: &FfiFunctionCall) { let parameters = unsafe { function_call.copy_parameters() }; let func_name = unsafe { function_call.copy_function_name() }; diff --git a/src/hyperlight_guest_capi/src/error.rs b/src/hyperlight_guest_capi/src/error.rs index ea87b6c6d..8e4845c58 100644 --- a/src/hyperlight_guest_capi/src/error.rs +++ b/src/hyperlight_guest_capi/src/error.rs @@ -3,19 +3,19 @@ use core::ffi::c_char; use hyperlight_common::flatbuffer_wrappers::guest_error::ErrorCode; use hyperlight_guest::guest_error::setError; -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_set_error(err: ErrorCode, message: *const c_char) { unsafe { setError(err.into(), message); } } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_abort_with_code(err: i32) { hyperlight_guest::entrypoint::abort_with_code(&[err as u8]); } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_abort_with_code_and_message(err: i32, message: *const c_char) { unsafe { hyperlight_guest::entrypoint::abort_with_code_and_message(&[err as u8], message) }; } diff --git a/src/hyperlight_guest_capi/src/flatbuffer.rs b/src/hyperlight_guest_capi/src/flatbuffer.rs index 33cfdbb4b..959b8d2a9 100644 --- a/src/hyperlight_guest_capi/src/flatbuffer.rs +++ b/src/hyperlight_guest_capi/src/flatbuffer.rs @@ -10,56 +10,56 @@ use crate::types::FfiVec; // is to match the names of the variants in hl_ReturnType, // which is used in the C macros in macro.h -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_Int(value: i32) -> Box { let vec = get_flatbuffer_result(value); Box::new(unsafe { FfiVec::from_vec(vec) }) } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_UInt(value: u32) -> Box { let vec = get_flatbuffer_result(value); Box::new(unsafe { FfiVec::from_vec(vec) }) } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_Long(value: i64) -> Box { let vec = get_flatbuffer_result(value); Box::new(unsafe { FfiVec::from_vec(vec) }) } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_ULong(value: u64) -> Box { let vec = get_flatbuffer_result(value); Box::new(unsafe { FfiVec::from_vec(vec) }) } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_Float(value: f32) -> Box { let vec = get_flatbuffer_result(value); Box::new(unsafe { FfiVec::from_vec(vec) }) } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_Double(value: f64) -> Box { let vec = get_flatbuffer_result(value); Box::new(unsafe { FfiVec::from_vec(vec) }) } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_Void() -> Box { let vec = get_flatbuffer_result(()); Box::new(unsafe { FfiVec::from_vec(vec) }) } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_String(value: *const c_char) -> Box { let str = unsafe { CStr::from_ptr(value) }; let vec = get_flatbuffer_result(str.to_string_lossy().as_ref()); @@ -67,7 +67,7 @@ pub extern "C" fn hl_flatbuffer_result_from_String(value: *const c_char) -> Box< Box::new(unsafe { FfiVec::from_vec(vec) }) } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_flatbuffer_result_from_Bytes(data: *const u8, len: usize) -> Box { let slice = unsafe { core::slice::from_raw_parts(data, len) }; @@ -78,23 +78,23 @@ pub extern "C" fn hl_flatbuffer_result_from_Bytes(data: *const u8, len: usize) - //--- Functions for getting values returned by host functions calls -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_get_host_return_value_as_Int() -> i32 { get_host_return_value().expect("Unable to get host return value as int") } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_get_host_return_value_as_UInt() -> u32 { get_host_return_value().expect("Unable to get host return value as uint") } // the same for long, ulong -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_get_host_return_value_as_Long() -> i64 { get_host_return_value().expect("Unable to get host return value as long") } -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_get_host_return_value_as_ULong() -> u64 { get_host_return_value().expect("Unable to get host return value as ulong") } diff --git a/src/hyperlight_guest_capi/src/logging.rs b/src/hyperlight_guest_capi/src/logging.rs index 8bba45e32..2846fa3fe 100644 --- a/src/hyperlight_guest_capi/src/logging.rs +++ b/src/hyperlight_guest_capi/src/logging.rs @@ -1,6 +1,6 @@ use core::ffi::c_char; -#[no_mangle] +#[unsafe(no_mangle)] pub extern "C" fn hl_log( level: log::Level, message: *const c_char, From 18d9ffc12647cdb875de45033de58b2391f640d2 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 12:30:57 +0100 Subject: [PATCH 09/12] Clippy fixes for updates to Rust Version 2024 Signed-off-by: Simon Davies --- src/hyperlight_common/src/flatbuffer_wrappers/util.rs | 2 +- src/hyperlight_host/src/mem/layout.rs | 3 +-- src/hyperlight_host/src/mem/mgr.rs | 3 +-- src/hyperlight_host/src/metrics/mod.rs | 6 +++--- src/hyperlight_host/src/sandbox_state/transition.rs | 7 +++---- 5 files changed, 9 insertions(+), 12 deletions(-) diff --git a/src/hyperlight_common/src/flatbuffer_wrappers/util.rs b/src/hyperlight_common/src/flatbuffer_wrappers/util.rs index ff453edc4..0e387b03a 100644 --- a/src/hyperlight_common/src/flatbuffer_wrappers/util.rs +++ b/src/hyperlight_common/src/flatbuffer_wrappers/util.rs @@ -45,7 +45,7 @@ pub trait FlatbufferSerializable { fn serialize(&self, builder: &mut FlatBufferBuilder) -> FbFunctionCallResultArgs; } -/// Implementations for basic types below +// Implementations for basic types below impl FlatbufferSerializable for () { fn serialize(&self, builder: &mut FlatBufferBuilder) -> FbFunctionCallResultArgs { diff --git a/src/hyperlight_host/src/mem/layout.rs b/src/hyperlight_host/src/mem/layout.rs index 1c1faf561..2346e9205 100644 --- a/src/hyperlight_host/src/mem/layout.rs +++ b/src/hyperlight_host/src/mem/layout.rs @@ -462,8 +462,7 @@ impl SandboxMemoryLayout { // Get the number of pages needed for the PTs - let num_pages: usize = ((total_mapped_memory_size + AMOUNT_OF_MEMORY_PER_PT - 1) - / AMOUNT_OF_MEMORY_PER_PT) + let num_pages: usize = total_mapped_memory_size.div_ceil(AMOUNT_OF_MEMORY_PER_PT) + 3; // PML4, PDPT, PD num_pages * PAGE_SIZE_USIZE diff --git a/src/hyperlight_host/src/mem/mgr.rs b/src/hyperlight_host/src/mem/mgr.rs index 8569c99b3..4854d90ab 100644 --- a/src/hyperlight_host/src/mem/mgr.rs +++ b/src/hyperlight_host/src/mem/mgr.rs @@ -145,8 +145,7 @@ where let mem_size = usize::try_from(mem_size)?; - let num_pages: usize = - (mem_size + AMOUNT_OF_MEMORY_PER_PT - 1) / AMOUNT_OF_MEMORY_PER_PT; + let num_pages: usize = mem_size.div_ceil(AMOUNT_OF_MEMORY_PER_PT); // Create num_pages PT with 512 PTEs for p in 0..num_pages { diff --git a/src/hyperlight_host/src/metrics/mod.rs b/src/hyperlight_host/src/metrics/mod.rs index c08f30c94..5a5c6a2a3 100644 --- a/src/hyperlight_host/src/metrics/mod.rs +++ b/src/hyperlight_host/src/metrics/mod.rs @@ -152,7 +152,7 @@ mod tests { assert!( matches!( histogram_value, - metrics_util::debugging::DebugValue::Histogram(ref histogram) if histogram.len() == 1 + metrics_util::debugging::DebugValue::Histogram(histogram) if histogram.len() == 1 ), "Histogram metric does not match expected value" ); @@ -169,7 +169,7 @@ mod tests { assert!( matches!( histogram_value, - metrics_util::debugging::DebugValue::Histogram(ref histogram) if histogram.len() == 1 + metrics_util::debugging::DebugValue::Histogram(histogram) if histogram.len() == 1 ), "Histogram metric does not match expected value" ); @@ -196,7 +196,7 @@ mod tests { assert!( matches!( histogram_value, - metrics_util::debugging::DebugValue::Histogram(ref histogram) if histogram.len() == 1 + metrics_util::debugging::DebugValue::Histogram(histogram) if histogram.len() == 1 ), "Histogram metric does not match expected value" ); diff --git a/src/hyperlight_host/src/sandbox_state/transition.rs b/src/hyperlight_host/src/sandbox_state/transition.rs index 46f4eba01..48b808b02 100644 --- a/src/hyperlight_host/src/sandbox_state/transition.rs +++ b/src/hyperlight_host/src/sandbox_state/transition.rs @@ -100,7 +100,6 @@ impl TransitionMetadata for Noop where F: FnOnce(&mut MultiUseGuestCallContext) -> Result<()> + 'func, @@ -110,14 +109,14 @@ where cb: F, } -impl<'a, Cur: Sandbox, Next: Sandbox, F> TransitionMetadata - for MultiUseContextCallback<'a, Cur, F> +impl TransitionMetadata + for MultiUseContextCallback<'_, Cur, F> where F: FnOnce(&mut MultiUseGuestCallContext) -> Result<()>, { } -impl<'a, Cur: Sandbox, F> MultiUseContextCallback<'a, Cur, F> +impl MultiUseContextCallback<'_, Cur, F> where F: FnOnce(&mut MultiUseGuestCallContext) -> Result<()>, { From 00e6a1dcf0f1ce8a0ec5335c5c1f6e02d64e71d8 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 13:08:35 +0100 Subject: [PATCH 10/12] fix style edition to 2021 running rustfmt with edition 2024 creates a lot of noise Signed-off-by: Simon Davies --- rustfmt.toml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/rustfmt.toml b/rustfmt.toml index fdf2716ef..f4d36ed98 100644 --- a/rustfmt.toml +++ b/rustfmt.toml @@ -3,4 +3,5 @@ unstable_features = true # Cargo fmt now needs to be called with `cargo +nightly group_imports = "StdExternalCrate" # create three groups for std, external and local crates # Merge imports from the same module # See: https://rust-lang.github.io/rustfmt/?version=v1.4.38&search=#imports_granularity -imports_granularity = "Module" \ No newline at end of file +imports_granularity = "Module" +style_edition = "2021" From b59234b6a0870f480bcd5d424b6cf010752f7433 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Wed, 28 May 2025 13:09:21 +0100 Subject: [PATCH 11/12] fmt changes Signed-off-by: Simon Davies --- src/hyperlight_guest/build.rs | 4 +- src/hyperlight_guest/src/entrypoint.rs | 26 ++++---- src/hyperlight_guest/src/exceptions/gdt.rs | 46 ++++++------- src/hyperlight_guest/src/exceptions/idtr.rs | 34 +++++----- .../src/guest_function_call.rs | 3 +- .../src/host_function_call.rs | 8 ++- src/hyperlight_guest/src/memory.rs | 64 +++++++++---------- src/hyperlight_guest/src/print.rs | 58 +++++++++-------- src/hyperlight_host/src/mem/layout.rs | 3 +- src/hyperlight_host/src/mem/ptr_offset.rs | 9 ++- 10 files changed, 133 insertions(+), 122 deletions(-) diff --git a/src/hyperlight_guest/build.rs b/src/hyperlight_guest/build.rs index aa031a266..e0dc906fb 100644 --- a/src/hyperlight_guest/build.rs +++ b/src/hyperlight_guest/build.rs @@ -104,9 +104,9 @@ fn cargo_main() { } if cfg!(windows) { - unsafe {env::set_var("AR_x86_64_unknown_none", "llvm-ar")}; + unsafe { env::set_var("AR_x86_64_unknown_none", "llvm-ar") }; } else { - unsafe {env::set_var("AR_x86_64_pc_windows_msvc", "llvm-lib")}; + unsafe { env::set_var("AR_x86_64_pc_windows_msvc", "llvm-lib") }; } cfg.compile("hyperlight_guest"); diff --git a/src/hyperlight_guest/src/entrypoint.rs b/src/hyperlight_guest/src/entrypoint.rs index 2221ad4a0..a8a3bc67b 100644 --- a/src/hyperlight_guest/src/entrypoint.rs +++ b/src/hyperlight_guest/src/entrypoint.rs @@ -49,22 +49,24 @@ pub fn abort_with_code(code: &[u8]) -> ! { /// /// # Safety /// This function is unsafe because it dereferences a raw pointer. -pub unsafe fn abort_with_code_and_message(code: &[u8], message_ptr: *const c_char) -> ! { unsafe { - // Step 1: Send abort code (typically 1 byte, but `code` allows flexibility) - outb(OutBAction::Abort as u16, code); +pub unsafe fn abort_with_code_and_message(code: &[u8], message_ptr: *const c_char) -> ! { + unsafe { + // Step 1: Send abort code (typically 1 byte, but `code` allows flexibility) + outb(OutBAction::Abort as u16, code); - // Step 2: Convert the C string to bytes - let message_bytes = CStr::from_ptr(message_ptr).to_bytes(); // excludes null terminator + // Step 2: Convert the C string to bytes + let message_bytes = CStr::from_ptr(message_ptr).to_bytes(); // excludes null terminator - // Step 3: Send the message itself in chunks - outb(OutBAction::Abort as u16, message_bytes); + // Step 3: Send the message itself in chunks + outb(OutBAction::Abort as u16, message_bytes); - // Step 4: Send abort terminator to signal completion (e.g., 0xFF) - outb(OutBAction::Abort as u16, &[0xFF]); + // Step 4: Send abort terminator to signal completion (e.g., 0xFF) + outb(OutBAction::Abort as u16, &[0xFF]); - // This function never returns - unreachable!() -}} + // This function never returns + unreachable!() + } +} unsafe extern "C" { fn hyperlight_main(); diff --git a/src/hyperlight_guest/src/exceptions/gdt.rs b/src/hyperlight_guest/src/exceptions/gdt.rs index 77e3e3ac3..34150ebd0 100644 --- a/src/hyperlight_guest/src/exceptions/gdt.rs +++ b/src/hyperlight_guest/src/exceptions/gdt.rs @@ -72,26 +72,28 @@ struct GdtPointer { } /// Load the GDT -pub unsafe fn load_gdt() { unsafe { - let gdt_ptr = GdtPointer { - size: (core::mem::size_of::<[GdtEntry; 3]>() - 1) as u16, - base: addr_of!(GDT) as *const _ as u64, - }; +pub unsafe fn load_gdt() { + unsafe { + let gdt_ptr = GdtPointer { + size: (core::mem::size_of::<[GdtEntry; 3]>() - 1) as u16, + base: addr_of!(GDT) as *const _ as u64, + }; - asm!( - "lgdt [{0}]", - "mov ax, 0x10", // Load data segment registers - "mov ds, ax", - "mov es, ax", - "mov fs, ax", - "mov gs, ax", - "mov ss, ax", - "push 0x08", // Push CS (kernel code segment) - "lea rax, [2f + rip]", // Load the next instruction's address - "push rax", // Push address onto stack - "retfq", // Far return to update CS - "2:", // Label for continued execution - in(reg) &gdt_ptr, - options(nostack, preserves_flags) - ); -}} + asm!( + "lgdt [{0}]", + "mov ax, 0x10", // Load data segment registers + "mov ds, ax", + "mov es, ax", + "mov fs, ax", + "mov gs, ax", + "mov ss, ax", + "push 0x08", // Push CS (kernel code segment) + "lea rax, [2f + rip]", // Load the next instruction's address + "push rax", // Push address onto stack + "retfq", // Far return to update CS + "2:", // Label for continued execution + in(reg) &gdt_ptr, + options(nostack, preserves_flags) + ); + } +} diff --git a/src/hyperlight_guest/src/exceptions/idtr.rs b/src/hyperlight_guest/src/exceptions/idtr.rs index b872392e6..47ea727d1 100644 --- a/src/hyperlight_guest/src/exceptions/idtr.rs +++ b/src/hyperlight_guest/src/exceptions/idtr.rs @@ -16,20 +16,24 @@ impl Idtr { self.base = base; } - pub unsafe fn load(&self) { unsafe { - core::arch::asm!("lidt [{}]", in(reg) self, options(readonly, nostack, preserves_flags)); - }} + pub unsafe fn load(&self) { + unsafe { + core::arch::asm!("lidt [{}]", in(reg) self, options(readonly, nostack, preserves_flags)); + } + } } -pub(crate) unsafe fn load_idt() { unsafe { - init_idt(); - - let idt_size = 256 * size_of::(); - let expected_base = addr_of!(IDT) as *const _ as u64; - - // Use &raw mut to get a mutable raw pointer, then dereference it - // this is to avoid the clippy warning "shared reference to mutable static" - let idtr = &mut *(&raw mut IDTR); - idtr.init(expected_base, idt_size as u16); - idtr.load(); -}} +pub(crate) unsafe fn load_idt() { + unsafe { + init_idt(); + + let idt_size = 256 * size_of::(); + let expected_base = addr_of!(IDT) as *const _ as u64; + + // Use &raw mut to get a mutable raw pointer, then dereference it + // this is to avoid the clippy warning "shared reference to mutable static" + let idtr = &mut *(&raw mut IDTR); + idtr.init(expected_base, idt_size as u16); + idtr.load(); + } +} diff --git a/src/hyperlight_guest/src/guest_function_call.rs b/src/hyperlight_guest/src/guest_function_call.rs index 1311fedbf..31b1c163a 100644 --- a/src/hyperlight_guest/src/guest_function_call.rs +++ b/src/hyperlight_guest/src/guest_function_call.rs @@ -45,7 +45,8 @@ pub(crate) fn call_guest_function(function_call: FunctionCall) -> Result // Find the function definition for the function call. // Use &raw const to get an immutable reference to the static HashMap // this is to avoid the clippy warning "shared reference to mutable static" - if let Some(registered_function_definition) = unsafe { (*(&raw const REGISTERED_GUEST_FUNCTIONS)).get(&function_call.function_name) } + if let Some(registered_function_definition) = + unsafe { (*(&raw const REGISTERED_GUEST_FUNCTIONS)).get(&function_call.function_name) } { let function_call_parameter_types: Vec = function_call .parameters diff --git a/src/hyperlight_guest/src/host_function_call.rs b/src/hyperlight_guest/src/host_function_call.rs index f9094b956..6857ed70f 100644 --- a/src/hyperlight_guest/src/host_function_call.rs +++ b/src/hyperlight_guest/src/host_function_call.rs @@ -107,9 +107,11 @@ pub fn outb(port: u16, data: &[u8]) { } } -pub(crate) unsafe fn out32(port: u16, val: u32) { unsafe { - arch::asm!("out dx, eax", in("dx") port, in("eax") val, options(preserves_flags, nomem, nostack)); -}} +pub(crate) unsafe fn out32(port: u16, val: u32) { + unsafe { + arch::asm!("out dx, eax", in("dx") port, in("eax") val, options(preserves_flags, nomem, nostack)); + } +} /// Prints a message using `OutBAction::DebugPrint`. It transmits bytes of a message /// through several VMExists and, with such, it is slower than diff --git a/src/hyperlight_guest/src/memory.rs b/src/hyperlight_guest/src/memory.rs index 4e296972b..af22ec024 100644 --- a/src/hyperlight_guest/src/memory.rs +++ b/src/hyperlight_guest/src/memory.rs @@ -82,9 +82,9 @@ unsafe fn alloc_helper(size: usize, zero: bool) -> *mut c_void { /// # Safety /// The returned pointer must be freed with `memory::free` when it is no longer needed, otherwise memory will leak. #[unsafe(no_mangle)] -pub unsafe extern "C" fn malloc(size: usize) -> *mut c_void { unsafe { - alloc_helper(size, false) -}} +pub unsafe extern "C" fn malloc(size: usize) -> *mut c_void { + unsafe { alloc_helper(size, false) } +} /// Allocates a block of memory for an array of `nmemb` elements, each of `size` bytes. /// The memory is initialized to 0s. @@ -92,13 +92,15 @@ pub unsafe extern "C" fn malloc(size: usize) -> *mut c_void { unsafe { /// # Safety /// The returned pointer must be freed with `memory::free` when it is no longer needed, otherwise memory will leak. #[unsafe(no_mangle)] -pub unsafe extern "C" fn calloc(nmemb: usize, size: usize) -> *mut c_void { unsafe { - let total_size = nmemb - .checked_mul(size) - .expect("nmemb * size should not overflow in calloc"); +pub unsafe extern "C" fn calloc(nmemb: usize, size: usize) -> *mut c_void { + unsafe { + let total_size = nmemb + .checked_mul(size) + .expect("nmemb * size should not overflow in calloc"); - alloc_helper(total_size, true) -}} + alloc_helper(total_size, true) + } +} /// Frees the memory block pointed to by `ptr`. /// @@ -124,39 +126,37 @@ pub unsafe extern "C" fn free(ptr: *mut c_void) { pub unsafe extern "C" fn realloc(ptr: *mut c_void, size: usize) -> *mut c_void { if ptr.is_null() { // If the pointer is null, treat as a malloc - return unsafe {malloc(size)}; + return unsafe { malloc(size) }; } if size == 0 { // If the size is 0, treat as a free and return null - unsafe { - free(ptr); + unsafe { + free(ptr); } return ptr::null_mut(); } - - let total_new_size = size - .checked_add(size_of::()) - .expect("data and layout size should not overflow in realloc"); + let total_new_size = size + .checked_add(size_of::()) + .expect("data and layout size should not overflow in realloc"); - let block_start = unsafe { (ptr as *const Layout).sub(1) }; - let old_layout = unsafe { block_start.read() }; - let new_layout = Layout::from_size_align(total_new_size, MAX_ALIGN).unwrap(); + let block_start = unsafe { (ptr as *const Layout).sub(1) }; + let old_layout = unsafe { block_start.read() }; + let new_layout = Layout::from_size_align(total_new_size, MAX_ALIGN).unwrap(); - let new_block_start = - unsafe {alloc::alloc::realloc(block_start as *mut u8, old_layout, total_new_size)} - as *mut Layout; + let new_block_start = + unsafe { alloc::alloc::realloc(block_start as *mut u8, old_layout, total_new_size) } + as *mut Layout; - if new_block_start.is_null() { - // Realloc failed - abort_with_code(&[ErrorCode::MallocFailed as u8]); - } else { - // Update the stored Layout, then return ptr to memory right after the Layout. - unsafe { - new_block_start.write(new_layout); - new_block_start.add(1) as *mut c_void - } + if new_block_start.is_null() { + // Realloc failed + abort_with_code(&[ErrorCode::MallocFailed as u8]); + } else { + // Update the stored Layout, then return ptr to memory right after the Layout. + unsafe { + new_block_start.write(new_layout); + new_block_start.add(1) as *mut c_void } - + } } diff --git a/src/hyperlight_guest/src/print.rs b/src/hyperlight_guest/src/print.rs index ebe5a571d..c73ae6beb 100644 --- a/src/hyperlight_guest/src/print.rs +++ b/src/hyperlight_guest/src/print.rs @@ -33,37 +33,39 @@ static mut MESSAGE_BUFFER: Vec = Vec::new(); /// This function is not thread safe #[unsafe(no_mangle)] #[allow(static_mut_refs)] -pub unsafe extern "C" fn _putchar(c: c_char) { unsafe { - let char = c as u8; +pub unsafe extern "C" fn _putchar(c: c_char) { + unsafe { + let char = c as u8; - // Extend buffer capacity if it's empty (like `with_capacity` in lazy_static). - // TODO: replace above Vec::new() with Vec::with_capacity once it's stable in const contexts. - if MESSAGE_BUFFER.capacity() == 0 { - MESSAGE_BUFFER.reserve(BUFFER_SIZE); - } + // Extend buffer capacity if it's empty (like `with_capacity` in lazy_static). + // TODO: replace above Vec::new() with Vec::with_capacity once it's stable in const contexts. + if MESSAGE_BUFFER.capacity() == 0 { + MESSAGE_BUFFER.reserve(BUFFER_SIZE); + } - MESSAGE_BUFFER.push(char); + MESSAGE_BUFFER.push(char); - if MESSAGE_BUFFER.len() == BUFFER_SIZE || char == b'\0' { - let str = if char == b'\0' { - CStr::from_bytes_until_nul(&MESSAGE_BUFFER) - .expect("No null byte in buffer") - .to_string_lossy() - .into_owned() - } else { - String::from_utf8(mem::take(&mut MESSAGE_BUFFER)) - .expect("Failed to convert buffer to string") - }; + if MESSAGE_BUFFER.len() == BUFFER_SIZE || char == b'\0' { + let str = if char == b'\0' { + CStr::from_bytes_until_nul(&MESSAGE_BUFFER) + .expect("No null byte in buffer") + .to_string_lossy() + .into_owned() + } else { + String::from_utf8(mem::take(&mut MESSAGE_BUFFER)) + .expect("Failed to convert buffer to string") + }; - // HostPrint returns an i32, but we don't care about the return value - let _ = call_host_function::( - "HostPrint", - Some(Vec::from(&[ParameterValue::String(str)])), - ReturnType::Int, - ) - .expect("Failed to call HostPrint"); + // HostPrint returns an i32, but we don't care about the return value + let _ = call_host_function::( + "HostPrint", + Some(Vec::from(&[ParameterValue::String(str)])), + ReturnType::Int, + ) + .expect("Failed to call HostPrint"); - // Clear the buffer after sending - MESSAGE_BUFFER.clear(); + // Clear the buffer after sending + MESSAGE_BUFFER.clear(); + } } -}} +} diff --git a/src/hyperlight_host/src/mem/layout.rs b/src/hyperlight_host/src/mem/layout.rs index 2346e9205..08c0bab55 100644 --- a/src/hyperlight_host/src/mem/layout.rs +++ b/src/hyperlight_host/src/mem/layout.rs @@ -462,8 +462,7 @@ impl SandboxMemoryLayout { // Get the number of pages needed for the PTs - let num_pages: usize = total_mapped_memory_size.div_ceil(AMOUNT_OF_MEMORY_PER_PT) - + 3; // PML4, PDPT, PD + let num_pages: usize = total_mapped_memory_size.div_ceil(AMOUNT_OF_MEMORY_PER_PT) + 3; // PML4, PDPT, PD num_pages * PAGE_SIZE_USIZE } diff --git a/src/hyperlight_host/src/mem/ptr_offset.rs b/src/hyperlight_host/src/mem/ptr_offset.rs index bf9daf92f..9a3f3df27 100644 --- a/src/hyperlight_host/src/mem/ptr_offset.rs +++ b/src/hyperlight_host/src/mem/ptr_offset.rs @@ -201,11 +201,10 @@ impl Sub for u64 { impl PartialEq for Offset { #[instrument(skip_all, parent = Span::current(), level= "Trace")] fn eq(&self, other: &usize) -> bool { - match usize::try_from(self) { Ok(offset_usize) => { - offset_usize == *other - } _ => { - false - }} + match usize::try_from(self) { + Ok(offset_usize) => offset_usize == *other, + _ => false, + } } } From 3f6e9b9e0e94ced74f927edf9c6f1200a5b73558 Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Thu, 29 May 2025 10:10:39 +0100 Subject: [PATCH 12/12] Fix clippy issue on windows Signed-off-by: Simon Davies --- src/hyperlight_host/src/hypervisor/hyperv_windows.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/hyperlight_host/src/hypervisor/hyperv_windows.rs b/src/hyperlight_host/src/hypervisor/hyperv_windows.rs index abc2b77cf..4a4ba591f 100644 --- a/src/hyperlight_host/src/hypervisor/hyperv_windows.rs +++ b/src/hyperlight_host/src/hypervisor/hyperv_windows.rs @@ -131,7 +131,7 @@ impl HypervWindowsDriver { WHV_REGISTER_VALUE { Segment: WHV_X64_SEGMENT_REGISTER { Anonymous: WHV_X64_SEGMENT_REGISTER_0 { - Attributes: 0b1011 | 1 << 4 | 1 << 7 | 1 << 13, // Type (11: Execute/Read, accessed) | L (64-bit mode) | P (present) | S (code segment) + Attributes: 0b1011 | (1 << 4) | (1 << 7) | (1 << 13), // Type (11: Execute/Read, accessed) | L (64-bit mode) | P (present) | S (code segment) }, ..Default::default() // zero out the rest },