Disallow references to static mut

Author: yogh333

ledger_device_sdk/src/nbgl.rs

@@ -79,7 +79,7 @@ trait SyncNBGL: Sized {
 
     fn ux_sync_wait(&self, exit_on_apdu: bool) -> SyncNbgl {
         unsafe {
-            if let Some(comm) = COMM_REF.as_mut() {
+            if let Some(comm) = (*(&raw mut COMM_REF)).as_mut() {
                 while !G_ENDED {
                     let apdu_received = comm.next_event_ahead::<ApduHeader>();
                     if exit_on_apdu && apdu_received {

ledger_device_sdk/src/nbgl/nbgl_home_and_settings.rs

@@ -20,7 +20,7 @@ unsafe extern "C" fn settings_callback(token: c_int, _index: u8, _page: c_int) {
         _ => panic!("Invalid state."),
     }
 
-    if let Some(data) = NVM_REF.as_mut() {
+    if let Some(data) = (*(&raw mut NVM_REF)).as_mut() {
         let mut switch_values: [u8; SETTINGS_SIZE] = *data.get_ref();
         if switch_values[setting_idx] == OFF_STATE {
             switch_values[setting_idx] = ON_STATE;
@@ -166,7 +166,7 @@ impl<'a> NbglHomeAndSettings {
                 for (i, setting) in self.setting_contents.iter().enumerate() {
                     SWITCH_ARRAY[i].text = setting[0].as_ptr();
                     SWITCH_ARRAY[i].subText = setting[1].as_ptr();
-                    let state = if let Some(data) = NVM_REF.as_mut() {
+                    let state = if let Some(data) = (*(&raw mut NVM_REF)).as_mut() {
                         data.get_ref()[i]
                     } else {
                         OFF_STATE
@@ -179,7 +179,7 @@ impl<'a> NbglHomeAndSettings {
                 self.content = nbgl_content_t {
                     content: nbgl_content_u {
                         switchesList: nbgl_pageSwitchesList_s {
-                            switches: &SWITCH_ARRAY as *const nbgl_contentSwitch_t,
+                            switches: &raw const SWITCH_ARRAY as *const nbgl_contentSwitch_t,
                             nbSwitches: self.nb_settings,
                         },
                     },
@@ -211,7 +211,7 @@ impl<'a> NbglHomeAndSettings {
                 );
                 match self.ux_sync_wait(true) {
                     SyncNbgl::UxSyncRetApduReceived => {
-                        if let Some(comm) = COMM_REF.as_mut() {
+                        if let Some(comm) = (*(&raw mut COMM_REF)).as_mut() {
                             if let Some(value) = comm.check_event() {
                                 return value;
                             }
@@ -250,7 +250,7 @@ impl<'a> NbglHomeAndSettings {
             for (i, setting) in self.setting_contents.iter().enumerate() {
                 SWITCH_ARRAY[i].text = setting[0].as_ptr();
                 SWITCH_ARRAY[i].subText = setting[1].as_ptr();
-                let state = if let Some(data) = NVM_REF.as_mut() {
+                let state = if let Some(data) = (*(&raw mut NVM_REF)).as_mut() {
                     data.get_ref()[i]
                 } else {
                     OFF_STATE
@@ -263,7 +263,7 @@ impl<'a> NbglHomeAndSettings {
             self.content = nbgl_content_t {
                 content: nbgl_content_u {
                     switchesList: nbgl_pageSwitchesList_s {
-                        switches: &SWITCH_ARRAY as *const nbgl_contentSwitch_t,
+                        switches: &raw const SWITCH_ARRAY as *const nbgl_contentSwitch_t,
                         nbSwitches: self.nb_settings,
                     },
                 },

ledger_device_sdk/src/seph.rs

@@ -112,8 +112,8 @@ pub fn handle_usb_event(event: u8) {
     match Events::from(event) {
         Events::USBEventReset => {
             unsafe {
-                USBD_LL_SetSpeed(&mut USBD_Device, 1 /*USBD_SPEED_FULL*/);
-                USBD_LL_Reset(&mut USBD_Device);
+                USBD_LL_SetSpeed(&raw mut USBD_Device, 1 /*USBD_SPEED_FULL*/);
+                USBD_LL_Reset(&raw mut USBD_Device);
 
                 if G_io_app.apdu_media != IO_APDU_MEDIA_NONE {
                     return;
@@ -124,13 +124,13 @@ pub fn handle_usb_event(event: u8) {
             }
         }
         Events::USBEventSOF => unsafe {
-            USBD_LL_SOF(&mut USBD_Device);
+            USBD_LL_SOF(&raw mut USBD_Device);
         },
         Events::USBEventSuspend => unsafe {
-            USBD_LL_Suspend(&mut USBD_Device);
+            USBD_LL_Suspend(&raw mut USBD_Device);
         },
         Events::USBEventResume => unsafe {
-            USBD_LL_Resume(&mut USBD_Device);
+            USBD_LL_Resume(&raw mut USBD_Device);
         },
         _ => (),
     }
@@ -140,13 +140,13 @@ pub fn handle_usb_ep_xfer_event(apdu_buffer: &mut [u8], buffer: &[u8]) {
     let endpoint = buffer[3] & 0x7f;
     match UsbEp::from(buffer[4]) {
         UsbEp::USBEpXFERSetup => unsafe {
-            USBD_LL_SetupStage(&mut USBD_Device, &buffer[6]);
+            USBD_LL_SetupStage(&raw mut USBD_Device, &buffer[6]);
         },
         UsbEp::USBEpXFERIn => {
             if (endpoint as u32) < IO_USB_MAX_ENDPOINTS {
                 unsafe {
                     G_io_app.usb_ep_timeouts[endpoint as usize].timeout = 0;
-                    USBD_LL_DataInStage(&mut USBD_Device, endpoint, &buffer[6]);
+                    USBD_LL_DataInStage(&raw mut USBD_Device, endpoint, &buffer[6]);
                 }
             }
         }
@@ -158,7 +158,7 @@ pub fn handle_usb_ep_xfer_event(apdu_buffer: &mut [u8], buffer: &[u8]) {
                         buf: apdu_buffer.as_mut_ptr(),
                         len: 260,
                     };
-                    USBD_LL_DataOutStage(&mut USBD_Device, endpoint, &buffer[6], &mut apdu_buf);
+                    USBD_LL_DataOutStage(&raw mut USBD_Device, endpoint, &buffer[6], &mut apdu_buf);
                 }
             }
         }
@@ -167,19 +167,21 @@ pub fn handle_usb_ep_xfer_event(apdu_buffer: &mut [u8], buffer: &[u8]) {
 }
 
 pub fn handle_capdu_event(apdu_buffer: &mut [u8], buffer: &[u8]) {
-    let io_app = unsafe { &mut G_io_app };
-    if io_app.apdu_state == APDU_IDLE {
-        let max = (apdu_buffer.len() - 3).min(buffer.len() - 3);
-        let size = u16::from_be_bytes([buffer[1], buffer[2]]) as usize;
+    let io_app = &raw mut G_io_app;
+    unsafe {
+        if (*io_app).apdu_state == APDU_IDLE {
+            let max = (apdu_buffer.len() - 3).min(buffer.len() - 3);
+            let size = u16::from_be_bytes([buffer[1], buffer[2]]) as usize;
 
-        io_app.apdu_media = IO_APDU_MEDIA_RAW;
-        io_app.apdu_state = APDU_RAW;
+            (*io_app).apdu_media = IO_APDU_MEDIA_RAW;
+            (*io_app).apdu_state = APDU_RAW;
 
-        let len = size.min(max);
+            let len = size.min(max);
 
-        io_app.apdu_length = len as u16;
+            (*io_app).apdu_length = len as u16;
 
-        apdu_buffer[..len].copy_from_slice(&buffer[3..len + 3]);
+            apdu_buffer[..len].copy_from_slice(&buffer[3..len + 3]);
+        }
     }
 }
 

ledger_secure_sdk_sys/Cargo.toml

@@ -18,6 +18,7 @@ critical-section = { version = "1.1.2", optional = true }
 
 [features]
 heap = ["dep:embedded-alloc", "dep:critical-section"]
+ccid = []
 
 [lints.rust.unexpected_cfgs]
 level = "warn"

ledger_secure_sdk_sys/src/lib.rs

@@ -65,7 +65,7 @@ unsafe impl critical_section::Impl for CriticalSection {
 extern "C" fn heap_init() {
     // HEAP_SIZE comes from heap_size.rs, which is defined via env var and build.rs
     static mut HEAP_MEM: [MaybeUninit<u8>; HEAP_SIZE] = [MaybeUninit::uninit(); HEAP_SIZE];
-    unsafe { HEAP.init(HEAP_MEM.as_ptr() as usize, HEAP_SIZE) }
+    unsafe { HEAP.init(&raw mut HEAP_MEM as usize, HEAP_SIZE) }
 }
 
 #[no_mangle]