diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index ee79b5dff..d4191b5b2 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -48,7 +48,7 @@ RUN SNIPPET="export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhisto USER $USER -ARG RUST_TOOLCHAIN=1.86 +ARG RUST_TOOLCHAIN=1.89 # Install rust RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \ diff --git a/.github/workflows/Benchmarks.yml b/.github/workflows/Benchmarks.yml index d5ad18939..25b62de49 100644 --- a/.github/workflows/Benchmarks.yml +++ b/.github/workflows/Benchmarks.yml @@ -33,7 +33,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/CargoAudit.yml b/.github/workflows/CargoAudit.yml index 4c19c8a74..b38b7507d 100644 --- a/.github/workflows/CargoAudit.yml +++ b/.github/workflows/CargoAudit.yml @@ -19,8 +19,8 @@ jobs: # TODO: Once the runner image is updated to include the necessary tools (without downloading), we can switch to the common workflow. - uses: dtolnay/rust-toolchain@master with: - toolchain: "1.86" - + toolchain: "1.89" + - uses: rustsec/audit-check@v2.0.0 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/CargoPublish.yml b/.github/workflows/CargoPublish.yml index 0c4ad8304..7bebfb28c 100644 --- a/.github/workflows/CargoPublish.yml +++ b/.github/workflows/CargoPublish.yml @@ -34,8 +34,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" - + rust-toolchain: "1.89" - name: Check crate versions shell: bash run: | diff --git a/.github/workflows/CreateDevcontainerImage.yml b/.github/workflows/CreateDevcontainerImage.yml index 72b977f98..6716ef233 100644 --- a/.github/workflows/CreateDevcontainerImage.yml +++ b/.github/workflows/CreateDevcontainerImage.yml @@ -15,8 +15,8 @@ env: IMAGE_NAME: ${{ github.repository }}-devcontainer USER: vscode GROUP: vscode - LLVM_VERSION: 17 - RUST_TOOLCHAIN_DEFAULT: 1.86 + LLVM_VERSION: 18 + RUST_TOOLCHAIN_DEFAULT: 1.89 RUST_TOOLCHAIN_FILE: rust-toolchain.toml # There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu. diff --git a/.github/workflows/CreateRelease.yml b/.github/workflows/CreateRelease.yml index 07e8e6da2..64791b3f5 100644 --- a/.github/workflows/CreateRelease.yml +++ b/.github/workflows/CreateRelease.yml @@ -33,7 +33,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -54,7 +54,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -114,7 +114,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index e50e7792c..d1343bcc6 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -28,6 +28,6 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dep_build_guest_binaries.yml b/.github/workflows/dep_build_guest_binaries.yml index 9656f5702..5b20336ea 100644 --- a/.github/workflows/dep_build_guest_binaries.yml +++ b/.github/workflows/dep_build_guest_binaries.yml @@ -33,7 +33,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dep_fuzzing.yml b/.github/workflows/dep_fuzzing.yml index 4386cc58a..d4c4f2609 100644 --- a/.github/workflows/dep_fuzzing.yml +++ b/.github/workflows/dep_fuzzing.yml @@ -34,7 +34,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dep_rust.yml b/.github/workflows/dep_rust.yml index 25777ca43..ffa79aa8c 100644 --- a/.github/workflows/dep_rust.yml +++ b/.github/workflows/dep_rust.yml @@ -48,7 +48,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -100,7 +100,7 @@ jobs: - uses: hyperlight-dev/ci-setup-workflow@v1.8.0 with: - rust-toolchain: "1.86" + rust-toolchain: "1.89" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index dec76e560..2abe2940f 100644 --- a/.gitignore +++ b/.gitignore @@ -471,3 +471,4 @@ hyperlight_guest.h # gdb .gdbinit +trace/* diff --git a/Cargo.toml b/Cargo.toml index 8bccc53d3..dcf5f8f7b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -29,7 +29,7 @@ exclude = [ [workspace.package] version = "0.9.0" edition = "2024" -rust-version = "1.86" +rust-version = "1.88" license = "Apache-2.0" homepage = "https://github.com/hyperlight-dev/hyperlight" repository = "https://github.com/hyperlight-dev/hyperlight" diff --git a/Justfile b/Justfile index c0cedc8ea..9d7b62dfe 100644 --- a/Justfile +++ b/Justfile @@ -104,7 +104,7 @@ like-ci config=default-target hypervisor="kvm": {{ if os() == "linux" { "just clippy-exhaustive " + config } else { "" } }} @# Verify MSRV - ./dev/verify-msrv.sh hyperlight-host hyperlight-guest hyperlight-guest-bin hyperlight-common + ./dev/verify-msrv.sh hyperlight-common hyperlight-guest hyperlight-guest-bin hyperlight-host hyperlight-component-util hyperlight-component-macro hyperlight-guest-tracing-macro hyperlight-guest-tracing @# Build and move Rust guests just build-rust-guests {{config}} diff --git a/README.md b/README.md index eed169cfc..185cc5fdc 100644 --- a/README.md +++ b/README.md @@ -190,7 +190,7 @@ After having an environment with a hypervisor setup, running the example has the 1. On Linux or WSL, you'll most likely need build essential. For Ubuntu, run `sudo apt install build-essential`. For Azure Linux, run `sudo dnf install build-essential`. -2. [Rust](https://www.rust-lang.org/tools/install). Install toolchain v1.86 or later. +2. [Rust](https://www.rust-lang.org/tools/install). Install toolchain v1.89 or later. 3. [just](https://github.com/casey/just). `cargo install just` On Windows you also need [pwsh](https://learn.microsoft.com/en-us/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.4). 4. [clang and LLVM](https://clang.llvm.org/get_started.html). - On Ubuntu, run: diff --git a/rust-toolchain.toml b/rust-toolchain.toml index b8aa83f43..aec2748e0 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,5 +1,5 @@ [toolchain] -channel = "1.86" +channel = "1.89" # Target used for guest binaries. This is an additive list of targets in addition to host platform. # Will install the target if not already installed when building guest binaries. targets = ["x86_64-unknown-none", "x86_64-unknown-linux-musl"] diff --git a/src/hyperlight_common/src/clippy.toml b/src/hyperlight_common/src/clippy.toml index cda217749..05fdbf5a2 100644 --- a/src/hyperlight_common/src/clippy.toml +++ b/src/hyperlight_common/src/clippy.toml @@ -2,6 +2,4 @@ disallowed-macros = [ { path = "std::assert", reason = "no asserts in release builds" }, { path = "std::assert_eq", reason = "no asserts in release builds" }, { path = "std::assert_ne", reason = "no asserts in release builds" }, - { path = "std::assert_true", reason = "no asserts in release builds" }, - { path = "std::assert_false", reason = "no asserts in release builds" }, ] diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/error_code_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/error_code_generated.rs index dba1ed055..6b03bb0cb 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/error_code_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/error_code_generated.rs @@ -124,7 +124,7 @@ impl<'a> flatbuffers::Follow<'a> for ErrorCode { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); + let b = unsafe { flatbuffers::read_scalar_at::(buf, loc) }; Self(b) } } @@ -133,7 +133,9 @@ impl flatbuffers::Push for ErrorCode { type Output = ErrorCode; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_generated.rs index 17d31fa9f..786d6de98 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for FunctionCall<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } @@ -290,14 +290,14 @@ pub fn size_prefixed_root_as_function_call_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `FunctionCall`. pub unsafe fn root_as_function_call_unchecked(buf: &[u8]) -> FunctionCall { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed FunctionCall and returns it. /// # Safety /// Callers must trust the given bytes do indeed contain a valid size prefixed `FunctionCall`. pub unsafe fn size_prefixed_root_as_function_call_unchecked(buf: &[u8]) -> FunctionCall { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_function_call_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_result_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_result_generated.rs index 8ff674e6c..9e7cddd15 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_result_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_result_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for FunctionCallResult<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } @@ -513,7 +513,7 @@ pub fn size_prefixed_root_as_function_call_result_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `FunctionCallResult`. pub unsafe fn root_as_function_call_result_unchecked(buf: &[u8]) -> FunctionCallResult { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed FunctionCallResult and returns it. @@ -522,7 +522,7 @@ pub unsafe fn root_as_function_call_result_unchecked(buf: &[u8]) -> FunctionCall pub unsafe fn size_prefixed_root_as_function_call_result_unchecked( buf: &[u8], ) -> FunctionCallResult { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_function_call_result_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_type_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_type_generated.rs index 67edacdf9..84356d89a 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_type_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/function_call_type_generated.rs @@ -66,7 +66,7 @@ impl<'a> flatbuffers::Follow<'a> for FunctionCallType { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); + let b = unsafe { flatbuffers::read_scalar_at::(buf, loc) }; Self(b) } } @@ -75,7 +75,9 @@ impl flatbuffers::Push for FunctionCallType { type Output = FunctionCallType; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_error_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_error_generated.rs index 57887a31b..24b76ea47 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_error_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_error_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for GuestError<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } @@ -192,14 +192,14 @@ pub fn size_prefixed_root_as_guest_error_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `GuestError`. pub unsafe fn root_as_guest_error_unchecked(buf: &[u8]) -> GuestError { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed GuestError and returns it. /// # Safety /// Callers must trust the given bytes do indeed contain a valid size prefixed `GuestError`. pub unsafe fn size_prefixed_root_as_guest_error_unchecked(buf: &[u8]) -> GuestError { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_guest_error_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_log_data_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_log_data_generated.rs index 8deec7cad..d57f8ed7e 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_log_data_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/guest_log_data_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for GuestLogData<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } @@ -288,14 +288,14 @@ pub fn size_prefixed_root_as_guest_log_data_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `GuestLogData`. pub unsafe fn root_as_guest_log_data_unchecked(buf: &[u8]) -> GuestLogData { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed GuestLogData and returns it. /// # Safety /// Callers must trust the given bytes do indeed contain a valid size prefixed `GuestLogData`. pub unsafe fn size_prefixed_root_as_guest_log_data_unchecked(buf: &[u8]) -> GuestLogData { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_guest_log_data_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlbool_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlbool_generated.rs index d2005e5a5..c4a2b6673 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlbool_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlbool_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hlbool<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hldouble_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hldouble_generated.rs index 5c71c2c9e..0cbabb8b1 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hldouble_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hldouble_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hldouble<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlfloat_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlfloat_generated.rs index 93673efe1..ca59467d4 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlfloat_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlfloat_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hlfloat<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlint_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlint_generated.rs index a162f6eec..726f3ba29 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlint_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlint_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hlint<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hllong_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hllong_generated.rs index 690afaa26..7c088ff8c 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hllong_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hllong_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hllong<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlsizeprefixedbuffer_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlsizeprefixedbuffer_generated.rs index ed1e74b37..cbbb2729c 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlsizeprefixedbuffer_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlsizeprefixedbuffer_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hlsizeprefixedbuffer<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlstring_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlstring_generated.rs index ba8c2eb7f..cb2d7db09 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlstring_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlstring_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hlstring<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hluint_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hluint_generated.rs index e10699658..67f8cbd6d 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hluint_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hluint_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hluint<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlulong_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlulong_generated.rs index db83b936d..f701f3d6c 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlulong_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlulong_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hlulong<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvecbytes_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvecbytes_generated.rs index e673cd425..8b1c4a109 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvecbytes_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvecbytes_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hlvecbytes<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvoid_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvoid_generated.rs index 76e0e9f97..a218c60ba 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvoid_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/hlvoid_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for hlvoid<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/host_function_definition_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/host_function_definition_generated.rs index 381f77fcc..010d111bf 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/host_function_definition_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/host_function_definition_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for HostFunctionDefinition<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } @@ -202,3 +202,88 @@ impl core::fmt::Debug for HostFunctionDefinition<'_> { ds.finish() } } +#[inline] +/// Verifies that a buffer of bytes contains a `HostFunctionDefinition` +/// and returns it. +/// Note that verification is still experimental and may not +/// catch every error, or be maximally performant. For the +/// previous, unchecked, behavior use +/// `root_as_host_function_definition_unchecked`. +pub fn root_as_host_function_definition( + buf: &[u8], +) -> Result { + flatbuffers::root::(buf) +} +#[inline] +/// Verifies that a buffer of bytes contains a size prefixed +/// `HostFunctionDefinition` and returns it. +/// Note that verification is still experimental and may not +/// catch every error, or be maximally performant. For the +/// previous, unchecked, behavior use +/// `size_prefixed_root_as_host_function_definition_unchecked`. +pub fn size_prefixed_root_as_host_function_definition( + buf: &[u8], +) -> Result { + flatbuffers::size_prefixed_root::(buf) +} +#[inline] +/// Verifies, with the given options, that a buffer of bytes +/// contains a `HostFunctionDefinition` and returns it. +/// Note that verification is still experimental and may not +/// catch every error, or be maximally performant. For the +/// previous, unchecked, behavior use +/// `root_as_host_function_definition_unchecked`. +pub fn root_as_host_function_definition_with_opts<'b, 'o>( + opts: &'o flatbuffers::VerifierOptions, + buf: &'b [u8], +) -> Result, flatbuffers::InvalidFlatbuffer> { + flatbuffers::root_with_opts::>(opts, buf) +} +#[inline] +/// Verifies, with the given verifier options, that a buffer of +/// bytes contains a size prefixed `HostFunctionDefinition` and returns +/// it. Note that verification is still experimental and may not +/// catch every error, or be maximally performant. For the +/// previous, unchecked, behavior use +/// `root_as_host_function_definition_unchecked`. +pub fn size_prefixed_root_as_host_function_definition_with_opts<'b, 'o>( + opts: &'o flatbuffers::VerifierOptions, + buf: &'b [u8], +) -> Result, flatbuffers::InvalidFlatbuffer> { + flatbuffers::size_prefixed_root_with_opts::>(opts, buf) +} +#[inline] +/// Assumes, without verification, that a buffer of bytes contains a HostFunctionDefinition and returns it. +/// # Safety +/// Callers must trust the given bytes do indeed contain a valid `HostFunctionDefinition`. +pub unsafe fn root_as_host_function_definition_unchecked(buf: &[u8]) -> HostFunctionDefinition { + unsafe { flatbuffers::root_unchecked::(buf) } +} +#[inline] +/// Assumes, without verification, that a buffer of bytes contains a size prefixed HostFunctionDefinition and returns it. +/// # Safety +/// Callers must trust the given bytes do indeed contain a valid size prefixed `HostFunctionDefinition`. +pub unsafe fn size_prefixed_root_as_host_function_definition_unchecked( + buf: &[u8], +) -> HostFunctionDefinition { + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } +} +#[inline] +pub fn finish_host_function_definition_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( + fbb: &'b mut flatbuffers::FlatBufferBuilder<'a, A>, + root: flatbuffers::WIPOffset>, +) { + fbb.finish(root, None); +} + +#[inline] +pub fn finish_size_prefixed_host_function_definition_buffer< + 'a, + 'b, + A: flatbuffers::Allocator + 'a, +>( + fbb: &'b mut flatbuffers::FlatBufferBuilder<'a, A>, + root: flatbuffers::WIPOffset>, +) { + fbb.finish_size_prefixed(root, None); +} diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/host_function_details_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/host_function_details_generated.rs index 71edd22b3..a502dd491 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/host_function_details_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/host_function_details_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for HostFunctionDetails<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } @@ -187,7 +187,7 @@ pub fn size_prefixed_root_as_host_function_details_with_opts<'b, 'o>( /// # Safety /// Callers must trust the given bytes do indeed contain a valid `HostFunctionDetails`. pub unsafe fn root_as_host_function_details_unchecked(buf: &[u8]) -> HostFunctionDetails { - flatbuffers::root_unchecked::(buf) + unsafe { flatbuffers::root_unchecked::(buf) } } #[inline] /// Assumes, without verification, that a buffer of bytes contains a size prefixed HostFunctionDetails and returns it. @@ -196,7 +196,7 @@ pub unsafe fn root_as_host_function_details_unchecked(buf: &[u8]) -> HostFunctio pub unsafe fn size_prefixed_root_as_host_function_details_unchecked( buf: &[u8], ) -> HostFunctionDetails { - flatbuffers::size_prefixed_root_unchecked::(buf) + unsafe { flatbuffers::size_prefixed_root_unchecked::(buf) } } #[inline] pub fn finish_host_function_details_buffer<'a, 'b, A: flatbuffers::Allocator + 'a>( diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/log_level_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/log_level_generated.rs index a47458489..6fb5ce2c6 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/log_level_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/log_level_generated.rs @@ -86,7 +86,7 @@ impl<'a> flatbuffers::Follow<'a> for LogLevel { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); + let b = unsafe { flatbuffers::read_scalar_at::(buf, loc) }; Self(b) } } @@ -95,7 +95,9 @@ impl flatbuffers::Push for LogLevel { type Output = LogLevel; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_generated.rs index 41e80c4ac..b0e803ec5 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_generated.rs @@ -22,7 +22,7 @@ impl<'a> flatbuffers::Follow<'a> for Parameter<'a> { #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { Self { - _tab: flatbuffers::Table::new(buf, loc), + _tab: unsafe { flatbuffers::Table::new(buf, loc) }, } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_type_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_type_generated.rs index 5ef4b56e1..cf46560b1 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_type_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_type_generated.rs @@ -94,7 +94,7 @@ impl<'a> flatbuffers::Follow<'a> for ParameterType { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); + let b = unsafe { flatbuffers::read_scalar_at::(buf, loc) }; Self(b) } } @@ -103,7 +103,9 @@ impl flatbuffers::Push for ParameterType { type Output = ParameterType; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_value_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_value_generated.rs index 91d51b456..8113df5fc 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_value_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/parameter_value_generated.rs @@ -98,7 +98,7 @@ impl<'a> flatbuffers::Follow<'a> for ParameterValue { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); + let b = unsafe { flatbuffers::read_scalar_at::(buf, loc) }; Self(b) } } @@ -107,7 +107,9 @@ impl flatbuffers::Push for ParameterValue { type Output = ParameterValue; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_type_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_type_generated.rs index 0610cdd55..913b1fe78 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_type_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_type_generated.rs @@ -98,7 +98,7 @@ impl<'a> flatbuffers::Follow<'a> for ReturnType { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); + let b = unsafe { flatbuffers::read_scalar_at::(buf, loc) }; Self(b) } } @@ -107,7 +107,9 @@ impl flatbuffers::Push for ReturnType { type Output = ReturnType; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_value_generated.rs b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_value_generated.rs index 2c9f94872..d13c73623 100644 --- a/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_value_generated.rs +++ b/src/hyperlight_common/src/flatbuffers/hyperlight/generated/return_value_generated.rs @@ -102,7 +102,7 @@ impl<'a> flatbuffers::Follow<'a> for ReturnValue { type Inner = Self; #[inline] unsafe fn follow(buf: &'a [u8], loc: usize) -> Self::Inner { - let b = flatbuffers::read_scalar_at::(buf, loc); + let b = unsafe { flatbuffers::read_scalar_at::(buf, loc) }; Self(b) } } @@ -111,7 +111,9 @@ impl flatbuffers::Push for ReturnValue { type Output = ReturnValue; #[inline] unsafe fn push(&self, dst: &mut [u8], _written_len: usize) { - flatbuffers::emplace_scalar::(dst, self.0); + unsafe { + flatbuffers::emplace_scalar::(dst, self.0); + } } } diff --git a/src/hyperlight_common/src/flatbuffers/mod.rs b/src/hyperlight_common/src/flatbuffers/mod.rs index f8ac0929d..d0a859cd8 100644 --- a/src/hyperlight_common/src/flatbuffers/mod.rs +++ b/src/hyperlight_common/src/flatbuffers/mod.rs @@ -2,6 +2,7 @@ // @generated pub mod hyperlight { use super::*; + #[allow(mismatched_lifetime_syntaxes)] pub mod generated { use super::*; mod parameter_value_generated; diff --git a/src/hyperlight_common/src/lib.rs b/src/hyperlight_common/src/lib.rs index e22cf6417..3ec6aa6fc 100644 --- a/src/hyperlight_common/src/lib.rs +++ b/src/hyperlight_common/src/lib.rs @@ -25,14 +25,7 @@ extern crate alloc; pub mod flatbuffer_wrappers; /// cbindgen:ignore /// FlatBuffers-related utilities and (mostly) generated code -#[allow( - dead_code, - unused_imports, - clippy::all, - clippy::unwrap_used, - unsafe_op_in_unsafe_fn, - non_camel_case_types -)] +#[allow(clippy::all, warnings)] mod flatbuffers; /// cbindgen:ignore pub mod mem; diff --git a/src/hyperlight_component_util/src/emit.rs b/src/hyperlight_component_util/src/emit.rs index 2cd14c9df..1b3545813 100644 --- a/src/hyperlight_component_util/src/emit.rs +++ b/src/hyperlight_component_util/src/emit.rs @@ -680,7 +680,7 @@ impl<'a> WitName<'a> { } } /// Parse a kebab-name as a WIT name -pub fn split_wit_name(n: &str) -> WitName { +pub fn split_wit_name(n: &str) -> WitName<'_> { let mut namespaces = Vec::new(); let mut colon_components = n.split(':').rev(); let last = colon_components.next().unwrap(); diff --git a/src/hyperlight_guest_tracing_macro/src/lib.rs b/src/hyperlight_guest_tracing_macro/src/lib.rs index 22a5cdf0e..cba0bcff3 100644 --- a/src/hyperlight_guest_tracing_macro/src/lib.rs +++ b/src/hyperlight_guest_tracing_macro/src/lib.rs @@ -113,10 +113,10 @@ impl syn::parse::Parse for TraceMacroInput { if !matches!(message, syn::Lit::Str(_)) { return Err(input.error("first argument to trace! must be a string literal")); } - if let syn::Lit::Str(ref lit_str) = message { - if lit_str.value().is_empty() { - return Err(input.error("trace message must not be empty")); - } + if let syn::Lit::Str(ref lit_str) = message + && lit_str.value().is_empty() + { + return Err(input.error("trace message must not be empty")); } let statement = if input.peek(syn::Token![,]) { diff --git a/src/hyperlight_host/clippy.toml b/src/hyperlight_host/clippy.toml index cda217749..05fdbf5a2 100644 --- a/src/hyperlight_host/clippy.toml +++ b/src/hyperlight_host/clippy.toml @@ -2,6 +2,4 @@ disallowed-macros = [ { path = "std::assert", reason = "no asserts in release builds" }, { path = "std::assert_eq", reason = "no asserts in release builds" }, { path = "std::assert_ne", reason = "no asserts in release builds" }, - { path = "std::assert_true", reason = "no asserts in release builds" }, - { path = "std::assert_false", reason = "no asserts in release builds" }, ] diff --git a/src/hyperlight_host/src/hypervisor/gdb/x86_64_target.rs b/src/hyperlight_host/src/hypervisor/gdb/x86_64_target.rs index 3248e6082..a3e36ebb7 100644 --- a/src/hyperlight_host/src/hypervisor/gdb/x86_64_target.rs +++ b/src/hyperlight_host/src/hypervisor/gdb/x86_64_target.rs @@ -133,18 +133,18 @@ impl Target for HyperlightSandboxTarget { type Arch = GdbTargetArch; type Error = GdbTargetError; - fn support_breakpoints(&mut self) -> Option> { + fn support_breakpoints(&mut self) -> Option> { Some(self) } #[inline(always)] - fn base_ops(&mut self) -> BaseOps { + fn base_ops(&mut self) -> BaseOps<'_, Self::Arch, Self::Error> { BaseOps::SingleThread(self) } fn support_section_offsets( &mut self, - ) -> Option> { + ) -> Option> { Some(self) } } @@ -288,7 +288,7 @@ impl SingleThreadBase for HyperlightSandboxTarget { } } - fn support_resume(&mut self) -> Option> { + fn support_resume(&mut self) -> Option> { Some(self) } } @@ -315,7 +315,7 @@ impl SectionOffsets for HyperlightSandboxTarget { } impl Breakpoints for HyperlightSandboxTarget { - fn support_hw_breakpoint(&mut self) -> Option> { + fn support_hw_breakpoint(&mut self) -> Option> { Some(self) } fn support_sw_breakpoint(&mut self) -> Option> { @@ -438,7 +438,7 @@ impl SingleThreadResume for HyperlightSandboxTarget { log::debug!("Resume"); self.resume_vcpu() } - fn support_single_step(&mut self) -> Option> { + fn support_single_step(&mut self) -> Option> { Some(self) } } diff --git a/src/hyperlight_host/src/hypervisor/hyperv_linux.rs b/src/hyperlight_host/src/hypervisor/hyperv_linux.rs index a5a32f456..aaef9316d 100644 --- a/src/hyperlight_host/src/hypervisor/hyperv_linux.rs +++ b/src/hyperlight_host/src/hypervisor/hyperv_linux.rs @@ -960,7 +960,7 @@ impl Hypervisor for HypervLinuxDriver { } #[cfg(crashdump)] - fn crashdump_context(&self) -> Result> { + fn crashdump_context(&self) -> Result>> { if self.rt_cfg.guest_core_dump { let mut regs = [0; 27]; diff --git a/src/hyperlight_host/src/hypervisor/hyperv_windows.rs b/src/hyperlight_host/src/hypervisor/hyperv_windows.rs index 0f98613b3..620910004 100644 --- a/src/hyperlight_host/src/hypervisor/hyperv_windows.rs +++ b/src/hyperlight_host/src/hypervisor/hyperv_windows.rs @@ -894,7 +894,7 @@ impl Hypervisor for HypervWindowsDriver { } #[cfg(crashdump)] - fn crashdump_context(&self) -> Result> { + fn crashdump_context(&self) -> Result>> { if self.rt_cfg.guest_core_dump { let mut regs = [0; 27]; diff --git a/src/hyperlight_host/src/hypervisor/kvm.rs b/src/hyperlight_host/src/hypervisor/kvm.rs index d048e20f3..a69b51f55 100644 --- a/src/hyperlight_host/src/hypervisor/kvm.rs +++ b/src/hyperlight_host/src/hypervisor/kvm.rs @@ -831,7 +831,7 @@ impl Hypervisor for KVMDriver { } #[cfg(crashdump)] - fn crashdump_context(&self) -> Result> { + fn crashdump_context(&self) -> Result>> { if self.rt_cfg.guest_core_dump { let mut regs = [0; 27]; diff --git a/src/hyperlight_host/src/hypervisor/mod.rs b/src/hyperlight_host/src/hypervisor/mod.rs index 928d9ac2e..9c04ad3a0 100644 --- a/src/hyperlight_host/src/hypervisor/mod.rs +++ b/src/hyperlight_host/src/hypervisor/mod.rs @@ -230,7 +230,7 @@ pub(crate) trait Hypervisor: Debug + Send { fn as_mut_hypervisor(&mut self) -> &mut dyn Hypervisor; #[cfg(crashdump)] - fn crashdump_context(&self) -> Result>; + fn crashdump_context(&self) -> Result>>; #[cfg(gdb)] /// handles the cases when the vCPU stops due to a Debug event @@ -267,16 +267,15 @@ pub(crate) fn get_memory_access_violation<'a>( // find the region containing the given gpa let region = mem_regions.find(|region| region.guest_region.contains(&gpa)); - if let Some(region) = region { - if !region.flags.contains(access_info) - || region.flags.contains(MemoryRegionFlags::STACK_GUARD) - { - return Some(HyperlightExit::AccessViolation( - gpa as u64, - access_info, - region.flags, - )); - } + if let Some(region) = region + && (!region.flags.contains(access_info) + || region.flags.contains(MemoryRegionFlags::STACK_GUARD)) + { + return Some(HyperlightExit::AccessViolation( + gpa as u64, + access_info, + region.flags, + )); } None } diff --git a/src/hyperlight_host/src/hypervisor/surrogate_process_manager.rs b/src/hyperlight_host/src/hypervisor/surrogate_process_manager.rs index 6724f2c6d..f805e94ad 100644 --- a/src/hyperlight_host/src/hypervisor/surrogate_process_manager.rs +++ b/src/hyperlight_host/src/hypervisor/surrogate_process_manager.rs @@ -531,11 +531,11 @@ mod tests { while result { if let Ok(process_name) = unsafe { CStr::from_ptr(process_entry.szExeFile.as_ptr()).to_str() } + && process_name == SURROGATE_PROCESS_BINARY_NAME { - if process_name == SURROGATE_PROCESS_BINARY_NAME { - count += 1; - } + count += 1; } + unsafe { result = Process32Next(snapshot_handle, &mut process_entry).is_ok(); } diff --git a/src/hyperlight_host/src/hypervisor/windows_hypervisor_platform.rs b/src/hyperlight_host/src/hypervisor/windows_hypervisor_platform.rs index d6064443b..3d97de9ea 100644 --- a/src/hyperlight_host/src/hypervisor/windows_hypervisor_platform.rs +++ b/src/hyperlight_host/src/hypervisor/windows_hypervisor_platform.rs @@ -213,7 +213,7 @@ impl VMPartition { // with an error about a missing entrypoint // This function should always succeed since before we get here we have already checked that the hypervisor is present and // that we are on a supported version of windows. -type WHvMapGpaRange2Func = unsafe extern "cdecl" fn( +type WHvMapGpaRange2Func = unsafe extern "system" fn( WHV_PARTITION_HANDLE, HANDLE, *const c_void, @@ -523,10 +523,10 @@ impl VMProcessor { ); // If it failed for reasons other than insufficient buffer, return error - if let Err(e) = result { - if e.code() != windows::Win32::Foundation::WHV_E_INSUFFICIENT_BUFFER { - return Err(HyperlightError::WindowsAPIError(e)); - } + if let Err(e) = result + && e.code() != windows::Win32::Foundation::WHV_E_INSUFFICIENT_BUFFER + { + return Err(HyperlightError::WindowsAPIError(e)); } } diff --git a/src/hyperlight_host/src/mem/mgr.rs b/src/hyperlight_host/src/mem/mgr.rs index f578f3ea8..7d9d0d288 100644 --- a/src/hyperlight_host/src/mem/mgr.rs +++ b/src/hyperlight_host/src/mem/mgr.rs @@ -242,10 +242,11 @@ where let addr = (p << 21) + (i << 12); // First check if we're still in the cached region - if let Some(cached_idx) = *cached_region_idx { - if cached_idx < regions.len() && regions[cached_idx].guest_region.contains(&addr) { - return Ok(regions[cached_idx].region_type); - } + if let Some(cached_idx) = *cached_region_idx + && cached_idx < regions.len() + && regions[cached_idx].guest_region.contains(&addr) + { + return Ok(regions[cached_idx].region_type); } // If not in cached region, try adjacent regions first (common for sequential access) diff --git a/src/hyperlight_host/src/sandbox/initialized_multi_use.rs b/src/hyperlight_host/src/sandbox/initialized_multi_use.rs index 9223c5e1b..fc860caf6 100644 --- a/src/hyperlight_host/src/sandbox/initialized_multi_use.rs +++ b/src/hyperlight_host/src/sandbox/initialized_multi_use.rs @@ -165,11 +165,11 @@ impl MultiUseSandbox { /// ``` #[instrument(err(Debug), skip_all, parent = Span::current())] pub fn restore(&mut self, snapshot: &Snapshot) -> Result<()> { - if let Some(snap) = &self.snapshot { - if Arc::ptr_eq(&snap.inner, &snapshot.inner) { - // If the snapshot is already the current one, no need to restore - return Ok(()); - } + if let Some(snap) = &self.snapshot + && Arc::ptr_eq(&snap.inner, &snapshot.inner) + { + // If the snapshot is already the current one, no need to restore + return Ok(()); } if self.id != snapshot.inner.sandbox_id() { diff --git a/src/hyperlight_host/src/sandbox/uninitialized.rs b/src/hyperlight_host/src/sandbox/uninitialized.rs index 679d5e0e5..f952c6bd7 100644 --- a/src/hyperlight_host/src/sandbox/uninitialized.rs +++ b/src/hyperlight_host/src/sandbox/uninitialized.rs @@ -946,14 +946,13 @@ mod tests { (metadata_values_map, "module_path"), (metadata_values_map, "target"), ]); - if let Ok(err_vals) = err_vals_res { - if err_vals[0] == "ERROR" - && err_vals[1].starts_with(expected_error_start) - && err_vals[2] == "hyperlight_host::sandbox::uninitialized" - && err_vals[3] == "hyperlight_host::sandbox::uninitialized" - { - count_matching_events += 1; - } + if let Ok(err_vals) = err_vals_res + && err_vals[0] == "ERROR" + && err_vals[1].starts_with(expected_error_start) + && err_vals[2] == "hyperlight_host::sandbox::uninitialized" + && err_vals[3] == "hyperlight_host::sandbox::uninitialized" + { + count_matching_events += 1; } } assert!( diff --git a/src/hyperlight_host/src/seccomp/guest.rs b/src/hyperlight_host/src/seccomp/guest.rs index b08f483f6..c55d40686 100644 --- a/src/hyperlight_host/src/seccomp/guest.rs +++ b/src/hyperlight_host/src/seccomp/guest.rs @@ -121,11 +121,12 @@ pub(crate) fn get_seccomp_filter_for_host_function_worker_thread( .try_into()?; // If `openat` is an explicitly allowed syscall, we shouldn't return the filter that forces it to return EACCES. - if let Some(extra_syscalls) = extra_allowed_syscalls { - if extra_syscalls.contains(&libc::SYS_openat) { - return Ok(vec![allowlist]); - } + if let Some(extra_syscalls) = extra_allowed_syscalls + && extra_syscalls.contains(&libc::SYS_openat) + { + return Ok(vec![allowlist]); } + // Otherwise, we return both filters. // Filter that forces `openat` to return EACCES