
Commit 251d7fb0 authored by Andrew Walbran's avatar Andrew Walbran Committed by Gerrit Code Review

Merge changes Ib38b115b,I13fc1bc4 into main

* changes:
  Add safety comments and TODO.
  Add safety comments, or temporarily allow them to be omitted.
parents d985b532 acaf7ac1
+1 −0
@@ -2,6 +2,7 @@

pub use crate::parameter_provider::*;

#[allow(unsafe_op_in_unsafe_fn)]
#[cxx::bridge(namespace = "bluetooth::fake_bluetooth_keystore")]
/// ffi extern module
pub mod ffi {
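Review bot: The `#[allow(unsafe_op_in_unsafe_fn)]` added above `#[cxx::bridge(...)]` has no comment saying why the lint is suppressed or when it can be dropped, although the commit message describes the allowance as temporary. Presumably it is there for unsafe operations in code the bridge macro expands to rather than for hand-written code; if so, say that next to the attribute, e.g. `// TODO: temporary; remove once the cxx-generated code passes unsafe_op_in_unsafe_fn.` The same bare attribute is added to the `init_flags` and `hal` bridge modules later in this commit and would benefit from the same comment. Because the allow covers the whole `ffi` module, whose body continues outside this hunk, any hand-written unsafe code placed inside it later would also escape the lint.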
+4 −0
@@ -18,7 +18,11 @@ pub struct ParameterProvider {
    lock: Mutex<i32>,
}

// SAFETY: Nothing about `BluetoothKeystoreInterface` is bound to a specific thread, and all other
// fields are `Send`.
unsafe impl Send for ParameterProvider {}

// SAFETY: Nothing about `BluetoothKeystoreInterface` is bound to a specific thread.
unsafe impl Send for BluetoothKeystoreInterface {}

impl ParameterProvider {
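Review bot: The SAFETY comment on `unsafe impl Send for BluetoothKeystoreInterface` states the conclusion ("nothing is bound to a specific thread") without naming what on the C++ side makes it true, so a later change to the C++ class could invalidate it without anyone noticing. I would extend it with the concrete reason, along the lines of `// SAFETY: the C++ BluetoothKeystoreInterface keeps no thread-local or thread-affine state (TODO confirm against the C++ implementation), so it may be moved between threads.` The comment on `ParameterProvider` says "all other fields are `Send`", but the struct definition starts outside this hunk, so it is worth naming the field that holds the interface and how it is held. `Send` also only covers moving the value; if the provider is called from several threads at once, that depends on the `lock` field or on a `Sync` argument that is not visible here.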
+10 −2
@@ -13,7 +13,8 @@ use std::sync::{Arc, Mutex};
use tokio::runtime::Runtime;

fn main() {
    let sigint = install_sigint();
    // SAFETY: There is no signal handler installed before this.
    let sigint = unsafe { install_sigint() };
    bt_common::init_logging();
    let rt = Arc::new(Runtime::new().unwrap());
    rt.block_on(async_main(Arc::clone(&rt), sigint));
@@ -70,7 +71,10 @@ async fn async_main(rt: Arc<Runtime>, mut sigint: mpsc::UnboundedReceiver<()>) {
}

// TODO: remove as this is a temporary nix-based hack to catch SIGINT
fn install_sigint() -> mpsc::UnboundedReceiver<()> {
/// # Safety
///
/// The old signal handler, if any, must be installed correctly.
unsafe fn install_sigint() -> mpsc::UnboundedReceiver<()> {
    let (tx, rx) = mpsc::unbounded();
    *SIGINT_TX.lock().unwrap() = Some(tx);

@@ -79,6 +83,10 @@ fn install_sigint() -> mpsc::UnboundedReceiver<()> {
        signal::SaFlags::empty(),
        signal::SigSet::empty(),
    );
    // SAFETY: The caller guarantees that the old signal handler was installed correctly.
    // TODO(b/292218119): Make sure `handle_sigint` only makes system calls that are safe for signal
    // handlers, and only accesses global state through atomics. In particular, it must not take any
    // shared locks.
    unsafe {
        signal::sigaction(signal::SIGINT, &sig_action).unwrap();
    }
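Review bot: The `// SAFETY:` comment above the `sigaction` call only addresses the old handler, while the TODO directly below it concedes that the async-signal-safety of `handle_sigint` has not been checked, so the unsafe block is not actually justified yet. `install_sigint` itself locks `SIGINT_TX` with `.lock().unwrap()`; if `handle_sigint` (outside this hunk) takes the same mutex, a SIGINT delivered while that lock is held could deadlock, which is the case the TODO warns about. I would make the gap explicit, e.g. `// SAFETY (incomplete, see TODO below): the old handler returned by sigaction is discarded; handle_sigint is not yet verified to be async-signal-safe.` As far as I can tell the handler's safety is an obligation of this file rather than of the caller, so making `install_sigint` an `unsafe fn` with a `# Safety` section about the old handler puts a requirement on `main` that it cannot check. Since the existing comment already calls this a temporary hack and the file runs on tokio, moving to tokio's own signal support (`tokio::signal::ctrl_c()`, if that feature is enabled in this build) would remove the unsafe block altogether.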
+1 −0
#[cxx::bridge(namespace = bluetooth::common::init_flags)]
#[allow(unsafe_op_in_unsafe_fn)]
mod ffi {
    struct InitFlagWithValue {
        flag: &'static str,
+1 −0
@@ -43,6 +43,7 @@ async fn provide_hidl_hal(rt: Arc<Runtime>) -> RawHal {
#[cxx::bridge(namespace = bluetooth::hal)]
// TODO Either use or remove these functions, this shouldn't be the long term state
#[allow(dead_code)]
#[allow(unsafe_op_in_unsafe_fn)]
mod ffi {
    unsafe extern "C++" {
        include!("src/hal/ffi/hidl.h");