summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-01-08docs: Target tableJonathan Woollett-Light
2023-01-08Merge #1956bors[bot]
1956: fix: clippy::size_of_ref r=rtzoeller a=JonathanWoollett-Light Closes #1955 Co-authored-by: Jonathan <jonathanwoollettlight@gmail.com>
2022-12-31fix: clippy::size_of_refJonathan
2022-12-25Merge #1952bors[bot]
1952: fix: linux+mips+uclibc unreachable pattern r=asomers a=cppcoffee Signed-off-by: Xiaobo Liu <cppcoffee@gmail.com> Co-authored-by: Xiaobo Liu <cppcoffee@gmail.com>
2022-12-25fix: linux+mips+uclibc unreachable patternXiaobo Liu
Signed-off-by: Xiaobo Liu <cppcoffee@gmail.com>
2022-12-14Merge #1944bors[bot]
1944: Rework vsock test r=asomers a=stefano-garzarella We mainly provide VsockAddr, so let's try to test well that VsockAddr mapping to libc::sockaddr_vm is correct. Let's remove all interactions with the socket, since vsock may or may not be available in the environment. Testing socket(), bind(), listen(), connect(), etc. caused unexpected failures, and it's out of scope of this crate. So let's simplify the vsock test focussing on VsockAddr. This should work also on graviton, so let's try to re-enable it. Fixes #1934 Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Co-authored-by: Stefano Garzarella <sgarzare@redhat.com>
2022-12-14Rework vsock testStefano Garzarella
We mainly provide VsockAddr, so let's try to test well that VsockAddr mapping to libc::sockaddr_vm is correct. Let's remove all interactions with the socket, since vsock may or may not be available in the environment. Testing socket(), bind(), listen(), connect(), etc. caused unexpected failures, and it's out of scope of this crate. So let's simplify the vsock test focussing on VsockAddr. This should work also on graviton, so let's try to re-enable it. Fixes #1934 Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
2022-12-14Merge #1912bors[bot]
1912: Added CANbus socket family protocol constants. r=asomers a=fpagliughi Added CANbus socket family protocol values for `CanRaw` and `CanBcm` Co-authored-by: fpagliughi <fpagliughi@mindspring.com>
2022-12-13Added CANbus socket family protocol constants.fpagliughi
2022-12-13Merge #1940bors[bot]
1940: feat: I/O safety for 'sys/select' r=asomers a=SteveLauC #### What this PR does: 1. Adds I/O safety for module `sys/select`. Co-authored-by: Steve Lau <stevelauc@outlook.com>
2022-12-12feat: I/O safety for 'sys/select'Steve Lau
2022-12-11Merge #1923bors[bot]
1923: feat: I/O safety for 'sys/wait' r=asomers a=SteveLauC #### What this PR does: 1. Adds I/O safety for `sys/wait` ---------- Actually, I am not sure about which type to use here: ```rust pub enum Id<'fd> { /// Wait for the child referred to by the given PID file descriptor #[cfg(any(target_os = "android", target_os = "linux"))] PIDFd(RawFd), PIDFd(BorrowedFd<'fd>), } ``` If we use `Fd: AsFd` ```rust pub enum Id<'fd, Fd: AsFd> { /// Wait for the child referred to by the given PID file descriptor #[cfg(any(target_os = "android", target_os = "linux"))] PIDFd(RawFd), PIDFd(&'fd Fd), } ``` then the user has to specify that generic type when using this interface, which is kinda user-unfriendly... ------ The typical usage of this interface will be something like: ```rust // Thought currently we don't have pidfd_open(2) in `Nix` let fd_referring_to_a_process: OwnedFd = pidfd_open().unwrap(); let status = waitid(Id::PIDFd(fd_referring_to_a_process), WaitPidFlag::XXXX).unwrap(); ``` UPDATE: `pidfd_open(2)` will be added in #1859 or #1868 . Co-authored-by: Steve Lau <stevelauc@outlook.com>
2022-12-11Merge #1928 #1938bors[bot]
1928: feat: I/O safety for 'sys/memfd' & 'sys/event' & 'sys/eventfd' r=asomers a=SteveLauC #### What this PR does: Adds I/O safety for moduels: 1. `sys/memfd` 2. `sys/event` 3. `sys/eventfd` ----- BYW, I called `rustfmt` on these 4 files, which introduces some noise, sorry about this. 1938: Deprecate the signalfd function. r=asomers a=asomers The SignalFd type is just as capable and easier to use. CC `@JonathanWoollett-Light` Co-authored-by: Steve Lau <stevelauc@outlook.com> Co-authored-by: Alan Somers <asomers@gmail.com>
2022-12-11Merge #1937bors[bot]
1937: feat: I/O safety for 'poll' r=asomers a=SteveLauC #### What this PR does: 1. Adds I/O safety for module `poll`. Co-authored-by: Steve Lau <stevelauc@outlook.com>
2022-12-11feat: I/O safety for 'sys/poll'Steve Lau
2022-12-11feat: I/O safety for 'sys/wait'Steve Lau
2022-12-11feat: I/O safety for 'sys/memfd' & 'sys/event' & 'sys/eventfd'Steve Lau
2022-12-10Deprecate the signalfd function.Alan Somers
The SignalFd type is just as capable and easier to use.
2022-12-10Merge #1874bors[bot]
1874: signalfd optional file descriptor r=asomers a=JonathanWoollett-Light [`sys::signalfd::signalfd`](https://docs.rs/nix/latest/nix/sys/signalfd/fn.signalfd.html) currently takes a `RawFd` for its `fd` argument. Considering from [the documentation](https://man7.org/linux/man-pages/man2/signalfd.2.html): > If the fd argument is -1, then the call creates a new file descriptor and associates the signal set specified in mask with that file descriptor. If fd is not -1, then it must specify a valid existing signalfd file descriptor, and mask is used to replace the signal set associated with that file descriptor. We can better pass the argument as `Option<BorrowedFd>` which encodes the optional nature of this parameter in an option rather than the value being -1 (invalid) (`size_of::<Option<BorrowedFd>>() == size_of::<RawFd>() == 4`). This removes the error case where `fd < -1`. > EBADF The fd file descriptor is not a valid file descriptor. This does however require additional changes to produce a cohesive implementation, notably changing the type within `Signal` from `RawFd` to `ManuallyDrop<OwnedFd>`, this has no functional affect, but illustrates ownership and allows the type to more easily produce `BorrowedFd`s. To use [`BorrowedFd`](https://doc.rust-lang.org/stable/std/os/unix/io/struct.BorrowedFd.html) requires updating the MSRV to `>= 1.63.0` Co-authored-by: Jonathan <jonathanwoollettlight@gmail.com>
2022-12-10Merge #1935bors[bot]
1935: Formatting only changes for #1928 and #1863 r=asomers a=SUPERCILEX Co-authored-by: Alex Saveau <saveau.alexandre@gmail.com>
2022-12-10signalfd optional file descriptorJonathan
2022-12-09Formatting only changes for #1928 and #1863Alex Saveau
Signed-off-by: Alex Saveau <saveau.alexandre@gmail.com>
2022-12-09Merge #1913 #1926 #1927 #1931 #1933bors[bot]
1913: feat: I/O safety for 'sys/inotify' r=asomers a=SteveLauC #### What this PR does: 1. Changes the `fd` field of `struct Inotify` from `RawFd` to `OwnedFd` 2. Changes the interfaces of functions in the `impl Inotify {}` > The type of `self` changes from `Self` to `&mut Self`. From: ```rust pub fn add_watch<P: ?Sized + NixPath>( self, path: &P, mask: AddWatchFlags, ) -> Result<WatchDescriptor> pub fn rm_watch(self, wd: WatchDescriptor) -> Result<()> pub fn read_events(self) -> Result<Vec<InotifyEvent>> ``` To: ```rust pub fn add_watch<P: ?Sized + NixPath>( &mut self, path: &P, mask: AddWatchFlags, ) -> Result<WatchDescriptor> pub fn rm_watch(&mut self, wd: WatchDescriptor) -> Result<()> pub fn read_events(&mut self) -> Result<Vec<InotifyEvent>> ``` In the previous implementation, these functions can take `self` by value as `struct Inotify` [was `Copy`](https://docs.rs/nix/latest/nix/sys/inotify/struct.Inotify.html#impl-Copy-for-Inotify). With the changes in `1` applied, `struct Inotify` is no longer `Copy`, so we have to take `self` by reference. ------- Blocks until the merge of #1863 as this PR needs `read(2)` to be I/O-safe. 1926: feat: I/O safety for 'sys/sendfile' r=asomers a=SteveLauC #### What this PR does: 1. Adds I/O safety for module `sys/sendfile`. 1927: feat: I/O safety for 'sys/statvfs' r=asomers a=SteveLauC #### What this PR does: 1. Adds I/O safety for module `sys/statvfs`. 1931: feat: I/O safety for 'sys/uid' & 'sched' r=asomers a=SteveLauC #### What this PR does: Adds I/O safety for modules: 1. `sys/uio` 2. `sched` 1933: feat: I/O safety for 'sys/timerfd' r=asomers a=SteveLauC #### What this PR does: 1. Adds I/O safety for module `sys/timerfd`. Co-authored-by: Steve Lau <stevelauc@outlook.com>
2022-12-09Merge #1932bors[bot]
1932: refactor: take `AsFd` by value r=asomers a=SteveLauC #### What this PR does 1. Changes the `fd` type to take `AsFd` by value for the I/O safety PRs that are merged. * #1916 * #1919 * #1921 * #1922 Co-authored-by: Steve Lau <stevelauc@outlook.com>
2022-12-09feat: I/O safety for 'sys/timerfd'Steve Lau
2022-12-09feat: I/O safety for 'sys/inotify'Steve Lau
2022-12-09feat: I/O safety for 'sys/sendfile'Steve Lau
2022-12-09feat: I/O safety for 'sys/uid' & 'sched'Steve Lau
2022-12-09feat: I/O safety for 'sys/statvfs'Steve Lau
2022-12-09fixSteve Lau
2022-12-09refactor: take AsFd by valueSteve Lau
2022-12-08Merge #1921bors[bot]
1921: feat: I/O safety for 'sys/termios' & 'pty' r=asomers a=SteveLauC #### What this PR does: 1. Adds I/O safety for modules `sys/termios` and `pty` ------ #### Known Problems: 1. [Double free issue on `PtyMaster`](https://github.com/nix-rust/nix/issues/659) I have changed the `RawFd` in `PtyMaster` to `OwnedFd` in this PR, with this change, the double-free issue still exists, see this test code snippet (From [this comment](https://github.com/nix-rust/nix/issues/659#issuecomment-315544022)) ```rust use std::io::prelude::*; use std::os::unix::io::AsRawFd; fn main() { let mut f = { let m = nix::pty::posix_openpt(nix::fcntl::OFlag::O_RDWR).unwrap(); // get fd 3 nix::unistd::close(m.as_raw_fd()).unwrap(); // close fd 3 std::fs::File::create("foo").unwrap() // get fd 3 again }; // m goes out of scope, `drop(OwnedFd)`, fd 3 closed f.write("whatever".as_bytes()).unwrap(); // EBADF } ``` I have tested this code with `nix 0.26.1`, and I am still getting `EBADF`, which means the current impl does not prevent this problem either. ```shell $ cat Cargo.toml | grep nix nix = "0.26.1" $ cargo r -q thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Os { code: 9, kind: Uncategorized, message: "Bad file descriptor" }', src/main.rs:10:36 ``` If we still wanna the drop of `PtyMaster` panic when the internal `fd` is invalid as we did in #677, then we have to revert the changes to use `RawFd` and manually impl `Drop`. 2. Some trait implementations for some types are removed * `struct OpenptyResult`: 1. PartialEq 2. Eq 3. Hash 4. Clone * `struct ForkptyResult`: 1. Clone * `struct PtyMaster`: 1. PartialEq 2. Eq 3. Hash In the previous implementation, these trait impls are `#[derive()]`ed, due to the type change to `OwnedFd`, we can no longer derive them. Should we manually implement them? I kinda think we should at least impl `PartialEq` and `Eq` for `OpenptyResult` and `PtyMaster`. ----- #### Some Clarifications that may help code review 1. For the basic `fd`-related syscall like `read(2)`, `write(2)` and `fcntl(2)` , I am still using the old `RawFd` interfaces, as they will be covered in other PRs. 2. Two helper functions 1. `write_all()` in `test/sys/test_termios.rs`: ```rust /// Helper function analogous to `std::io::Write::write_all`, but for `RawFd`s fn write_all(f: RawFd, buf: &[u8]) { /// Helper function analogous to `std::io::Write::write_all`, but for `Fd`s fn write_all<Fd: AsFd>(f: &Fd, buf: &[u8]) { let mut len = 0; while len < buf.len() { len += write(f, &buf[len..]).unwrap(); len += write(f.as_fd().as_raw_fd(), &buf[len..]).unwrap(); } } ``` 2. `read_exact()` in `test/test.rs`: ```rust /// Helper function analogous to `std::io::Read::read_exact`, but for `RawFD`s fn read_exact(f: RawFd, buf: &mut [u8]) { /// Helper function analogous to `std::io::Read::read_exact`, but for `Fd`s fn read_exact<Fd: AsFd>(f: &Fd, buf: &mut [u8]) { let mut len = 0; while len < buf.len() { // get_mut would be better than split_at_mut, but it requires nightly let (_, remaining) = buf.split_at_mut(len); len += read(f, remaining).unwrap(); len += read(f.as_fd().as_raw_fd(), remaining).unwrap(); } } ``` I have added I/O safety for them, but it actually does not matter whether they use `Fd: AsFd` or `RawFd`. So feel free to ask me to discard these changes if you guys don't like it. Co-authored-by: Steve Lau <stevelauc@outlook.com>
2022-12-08feat: I/O safety for 'sys/termios' & 'pty'Steve Lau
2022-12-08Merge #1922bors[bot]
1922: feat: I/O safety for 'kmod' r=asomers a=SteveLauC #### What this PR does: 1. Adds I/O safety for module `kmod`. Co-authored-by: Steve Lau <stevelauc@outlook.com>
2022-12-07feat: I/O safety for 'kmod'Steve Lau
2022-12-06Merge #1916bors[bot]
1916: Use I/O safety in sys::mman r=rtzoeller a=asomers Co-authored-by: Alan Somers <asomers@gmail.com>
2022-12-06Merge #1882bors[bot]
1882: Epoll type r=asomers a=JonathanWoollett-Light Epoll can be most safely used as a type. This implement a type `Epoll` which supports this. Co-authored-by: Jonathan <jonathanwoollettlight@gmail.com>
2022-12-06Merge #1919bors[bot]
1919: feat: I/O safety for 'sys/statfs' r=asomers a=SteveLauC ### What this PR does: 1. Adds I/O safety for module `sys/statfs`. This PR is pretty small as all we need to do is to change the interface of `fstatfs(2)`: from: ```rust pub fn fstatfs<T: AsRawFd>(fd: &T) -> Result<Statfs> ``` to: ```rust pub fn fstatfs<Fd: AsFd>(fd: &Fd) -> Result<Statfs> ``` ------ ~Besides from the changes in module `sys/statfs`, there are two extra places where care needs to be taken:~ ```shell $ cd nix # Search for the usage of `fstatfs(2)` in `nix` $ rg "fstatfs\(" test/test_fcntl.rs 386: let statfs = nix::sys::statfs::fstatfs(&tmp).unwrap(); 424: let statfs = nix::sys::statfs::fstatfs(&tmp).unwrap(); CHANGELOG.md 849:- Now functions `statfs()` and `fstatfs()` return result with `Statfs` wrapper src/sys/statfs.rs 769: check_fstatfs("/tmp"); 770: check_fstatfs("/dev"); 771: check_fstatfs("/run"); 772: check_fstatfs("/"); 775: fn check_fstatfs(path: &str) { 781: let fs = fstatfs(&file).unwrap(); 830: let fs = fstatfs(&file); ``` ~As you can see, `fstatfs(2)` is used in the tests in `test/test_fcntl.rs`:~ ```rust // Test code that involves `fstatfs(2)` let tmp: NamedTempFile = NamedTempFile::new().unwrap(); let fd = tmp.as_raw_fd(); let statfs = nix::sys::statfs::fstatfs(&tmp).unwrap(); ``` ~`tmp` is of type [`NamedTempFile`](https://docs.rs/tempfile/latest/tempfile/struct.NamedTempFile.html), which does not implement `AsFd` in the current implementation of `tempfile`, but the implementation should be easy as it contains `std::fs::File` internally:~ ```rust pub struct NamedTempFile { path: TempPath, file: File, } ``` ~So I am thinking about making a PR to `tempfile` to make `NamedTempFile` `AsFd`, any thoughts on this?~ Co-authored-by: Steve Lau <stevelauc@outlook.com>
2022-12-06Merge #1918bors[bot]
1918: Update CI environment to FreeBSD 12.4 r=rtzoeller a=asomers Co-authored-by: Alan Somers <asomers@gmail.com>
2022-12-06feat: I/O safety for 'sys/statfs'Steve Lau
2022-12-05Update CI environment to FreeBSD 12.4Alan Somers
2022-12-05Use I/O safety in sys::mmanAlan Somers
2022-12-05Merge #1911bors[bot]
1911: Cleanup old Clippy directives. r=rtzoeller a=asomers Co-authored-by: Alan Somers <asomers@gmail.com>
2022-12-04Cleanup old Clippy directives.Alan Somers
2022-12-04EpollJonathan
2022-12-04Merge #1862bors[bot]
1862: Bump MSRV to 1.63 for I/O safety r=asomers a=SUPERCILEX Prep for https://github.com/nix-rust/nix/issues/1750 Co-authored-by: Alex Saveau <saveau.alexandre@gmail.com>
2022-12-04Tweak cirrus rust versionsAlex Saveau
Signed-off-by: Alex Saveau <saveau.alexandre@gmail.com>
2022-12-04Fix clippy lintsAlex Saveau
Signed-off-by: Alex Saveau <saveau.alexandre@gmail.com>
2022-12-04Bump the edition since why notAlex Saveau
Signed-off-by: Alex Saveau <saveau.alexandre@gmail.com>
2022-12-04Bump MSRV to 1.63 for I/O safetyAlex Saveau
Signed-off-by: Alex Saveau <saveau.alexandre@gmail.com>