diff --git a/uefi/src/allocator.rs b/uefi/src/allocator.rs index 223943609..d030d55ed 100644 --- a/uefi/src/allocator.rs +++ b/uefi/src/allocator.rs @@ -90,9 +90,11 @@ unsafe impl GlobalAlloc for Allocator { // write is appropriately aligned for a `*mut u8` pointer because // `align_ptr` is aligned, and alignments are always powers of two // (as enforced by the `Layout` type). - let aligned_ptr = full_alloc_ptr.add(offset); - (aligned_ptr.cast::<*mut u8>()).sub(1).write(full_alloc_ptr); - aligned_ptr + unsafe { + let aligned_ptr = full_alloc_ptr.add(offset); + (aligned_ptr.cast::<*mut u8>()).sub(1).write(full_alloc_ptr); + aligned_ptr + } } else { // The requested alignment is less than or equal to eight, and // `allocate_pool` always provides eight-byte alignment, so we can @@ -108,13 +110,13 @@ unsafe impl GlobalAlloc for Allocator { if layout.align() > 8 { // Retrieve the pointer to the full allocation that was packed right // before the aligned allocation in `alloc`. - ptr = (ptr as *const *mut u8).sub(1).read(); + ptr = unsafe { (ptr as *const *mut u8).sub(1).read() }; } // OK to unwrap: `ptr` is required to be a valid allocation by the trait API. let ptr = NonNull::new(ptr).unwrap(); // Warning: this will panic after exiting boot services. - boot::free_pool(ptr).unwrap(); + unsafe { boot::free_pool(ptr) }.unwrap(); } } diff --git a/uefi/src/boot.rs b/uefi/src/boot.rs index e5de81f53..4c44bef55 100644 --- a/uefi/src/boot.rs +++ b/uefi/src/boot.rs @@ -116,7 +116,7 @@ pub unsafe fn raise_tpl(tpl: Tpl) -> TplGuard { let bt = unsafe { bt.as_ref() }; TplGuard { - old_tpl: (bt.raise_tpl)(tpl), + old_tpl: unsafe { (bt.raise_tpl)(tpl) }, } } @@ -381,15 +381,17 @@ pub unsafe fn create_event( // Safety: the argument types of the function pointers are defined // differently, but are compatible and can be safely transmuted. - let notify_fn: Option = mem::transmute(notify_fn); + let notify_fn: Option = + unsafe { mem::transmute(notify_fn) }; let notify_ctx = opt_nonnull_to_ptr(notify_ctx); // Now we're ready to call UEFI - (bt.create_event)(event_ty, notify_tpl, notify_fn, notify_ctx, &mut event).to_result_with_val( - // OK to unwrap: event is non-null for Status::SUCCESS. - || Event::from_ptr(event).unwrap(), - ) + unsafe { (bt.create_event)(event_ty, notify_tpl, notify_fn, notify_ctx, &mut event) } + .to_result_with_val( + // OK to unwrap: event is non-null for Status::SUCCESS. + || unsafe { Event::from_ptr(event) }.unwrap(), + ) } /// Creates an event in an event group. @@ -451,19 +453,22 @@ pub unsafe fn create_event_ex( // Safety: the argument types of the function pointers are defined // differently, but are compatible and can be safely transmuted. - let notify_fn: Option = mem::transmute(notify_fn); - - (bt.create_event_ex)( - event_type, - notify_tpl, - notify_fn, - opt_nonnull_to_ptr(notify_ctx), - opt_nonnull_to_ptr(event_group), - &mut event, - ) + let notify_fn: Option = + unsafe { mem::transmute(notify_fn) }; + + unsafe { + (bt.create_event_ex)( + event_type, + notify_tpl, + notify_fn, + opt_nonnull_to_ptr(notify_ctx), + opt_nonnull_to_ptr(event_group), + &mut event, + ) + } .to_result_with_val( // OK to unwrap: event is non-null for Status::SUCCESS. - || Event::from_ptr(event).unwrap(), + || unsafe { Event::from_ptr(event) }.unwrap(), ) } @@ -696,13 +701,15 @@ pub unsafe fn install_protocol_interface( let bt = unsafe { bt.as_ref() }; let mut handle = Handle::opt_to_ptr(handle); - ((bt.install_protocol_interface)( - &mut handle, - protocol, - InterfaceType::NATIVE_INTERFACE, - interface, - )) - .to_result_with_val(|| Handle::from_ptr(handle).unwrap()) + unsafe { + (bt.install_protocol_interface)( + &mut handle, + protocol, + InterfaceType::NATIVE_INTERFACE, + interface, + ) + } + .to_result_with_val(|| unsafe { Handle::from_ptr(handle) }.unwrap()) } /// Reinstalls a protocol interface on a device handle. `old_interface` is replaced with `new_interface`. @@ -730,8 +737,10 @@ pub unsafe fn reinstall_protocol_interface( let bt = boot_services_raw_panicking(); let bt = unsafe { bt.as_ref() }; - (bt.reinstall_protocol_interface)(handle.as_ptr(), protocol, old_interface, new_interface) - .to_result() + unsafe { + (bt.reinstall_protocol_interface)(handle.as_ptr(), protocol, old_interface, new_interface) + } + .to_result() } /// Removes a protocol interface from a device handle. @@ -757,7 +766,7 @@ pub unsafe fn uninstall_protocol_interface( let bt = boot_services_raw_panicking(); let bt = unsafe { bt.as_ref() }; - (bt.uninstall_protocol_interface)(handle.as_ptr(), protocol, interface).to_result() + unsafe { (bt.uninstall_protocol_interface)(handle.as_ptr(), protocol, interface).to_result() } } /// Registers `event` to be signaled whenever a protocol interface is registered for @@ -1035,19 +1044,21 @@ pub unsafe fn open_protocol( let bt = unsafe { bt.as_ref() }; let mut interface = ptr::null_mut(); - (bt.open_protocol)( - params.handle.as_ptr(), - &P::GUID, - &mut interface, - params.agent.as_ptr(), - Handle::opt_to_ptr(params.controller), - attributes as u32, - ) + unsafe { + (bt.open_protocol)( + params.handle.as_ptr(), + &P::GUID, + &mut interface, + params.agent.as_ptr(), + Handle::opt_to_ptr(params.controller), + attributes as u32, + ) + } .to_result_with_val(|| { let interface = if interface.is_null() { None } else { - NonNull::new(P::mut_ptr_from_ffi(interface)) + NonNull::new(unsafe { P::mut_ptr_from_ffi(interface) }) }; ScopedProtocol { interface, @@ -1220,12 +1231,14 @@ pub unsafe fn exit( let bt = boot_services_raw_panicking(); let bt = unsafe { bt.as_ref() }; - (bt.exit)( - image_handle.as_ptr(), - exit_status, - exit_data_size, - exit_data.cast(), - ) + unsafe { + (bt.exit)( + image_handle.as_ptr(), + exit_status, + exit_data_size, + exit_data.cast(), + ) + } } /// Get the current memory map and exit boot services. @@ -1241,7 +1254,7 @@ unsafe fn get_memory_map_and_exit_boot_services(buf: &mut [u8]) -> Result(ptr: *const Char8) -> &'ptr Self { let mut len = 0; - while *ptr.add(len) != NUL_8 { + while unsafe { *ptr.add(len) } != NUL_8 { len += 1 } let ptr = ptr.cast::(); - Self::from_bytes_with_nul_unchecked(slice::from_raw_parts(ptr, len + 1)) + unsafe { Self::from_bytes_with_nul_unchecked(slice::from_raw_parts(ptr, len + 1)) } } /// Creates a CStr8 reference from bytes. @@ -171,7 +171,7 @@ impl CStr8 { /// null-terminated string, with no interior null bytes. #[must_use] pub const unsafe fn from_bytes_with_nul_unchecked(chars: &[u8]) -> &Self { - &*(ptr::from_ref(chars) as *const Self) + unsafe { &*(ptr::from_ref(chars) as *const Self) } } /// Returns the inner pointer to this CStr8. @@ -352,11 +352,11 @@ impl CStr16 { #[must_use] pub unsafe fn from_ptr<'ptr>(ptr: *const Char16) -> &'ptr Self { let mut len = 0; - while *ptr.add(len) != NUL_16 { + while unsafe { *ptr.add(len) } != NUL_16 { len += 1 } let ptr = ptr.cast::(); - Self::from_u16_with_nul_unchecked(slice::from_raw_parts(ptr, len + 1)) + unsafe { Self::from_u16_with_nul_unchecked(slice::from_raw_parts(ptr, len + 1)) } } /// Creates a `&CStr16` from a u16 slice, stopping at the first nul character. @@ -405,7 +405,7 @@ impl CStr16 { /// null-terminated string, with no interior null characters. #[must_use] pub const unsafe fn from_u16_with_nul_unchecked(codes: &[u16]) -> &Self { - &*(ptr::from_ref(codes) as *const Self) + unsafe { &*(ptr::from_ref(codes) as *const Self) } } /// Creates a `&CStr16` from a [`Char16`] slice, stopping at the first nul character. @@ -455,7 +455,7 @@ impl CStr16 { #[must_use] pub const unsafe fn from_char16_with_nul_unchecked(chars: &[Char16]) -> &Self { let ptr: *const [Char16] = chars; - &*(ptr as *const Self) + unsafe { &*(ptr as *const Self) } } /// Convert a [`&str`] to a `&CStr16`, backed by a buffer. diff --git a/uefi/src/helpers/logger.rs b/uefi/src/helpers/logger.rs index ea03813a5..c7fdba50a 100644 --- a/uefi/src/helpers/logger.rs +++ b/uefi/src/helpers/logger.rs @@ -29,7 +29,7 @@ static LOGGER: Logger = Logger::new(); /// disable() on exit from UEFI boot services. pub unsafe fn init() { // Connect the logger to stdout. - system::with_stdout(|stdout| { + system::with_stdout(|stdout| unsafe { LOGGER.set_output(stdout); }); diff --git a/uefi/src/lib.rs b/uefi/src/lib.rs index bf56a3691..ebccb2430 100644 --- a/uefi/src/lib.rs +++ b/uefi/src/lib.rs @@ -224,6 +224,7 @@ clippy::use_self, missing_debug_implementations, missing_docs, + unsafe_op_in_unsafe_fn, unused )] diff --git a/uefi/src/proto/console/gop.rs b/uefi/src/proto/console/gop.rs index 7f3a51de3..f2e3daf0e 100644 --- a/uefi/src/proto/console/gop.rs +++ b/uefi/src/proto/console/gop.rs @@ -589,7 +589,7 @@ impl FrameBuffer<'_> { #[inline] pub unsafe fn write_byte(&mut self, index: usize, value: u8) { debug_assert!(index < self.size, "Frame buffer accessed out of bounds"); - self.base.add(index).write_volatile(value) + unsafe { self.base.add(index).write_volatile(value) } } /// Read the i-th byte of the frame buffer @@ -603,7 +603,7 @@ impl FrameBuffer<'_> { #[must_use] pub unsafe fn read_byte(&self, index: usize) -> u8 { debug_assert!(index < self.size, "Frame buffer accessed out of bounds"); - self.base.add(index).read_volatile() + unsafe { self.base.add(index).read_volatile() } } /// Write a value in the frame buffer, starting at the i-th byte @@ -624,8 +624,10 @@ impl FrameBuffer<'_> { index.saturating_add(size_of::()) <= self.size, "Frame buffer accessed out of bounds" ); - let ptr = self.base.add(index).cast::(); - ptr.write_volatile(value) + unsafe { + let ptr = self.base.add(index).cast::(); + ptr.write_volatile(value) + } } /// Read a value from the frame buffer, starting at the i-th byte @@ -647,6 +649,6 @@ impl FrameBuffer<'_> { index.saturating_add(size_of::()) <= self.size, "Frame buffer accessed out of bounds" ); - (self.base.add(index) as *const T).read_volatile() + unsafe { (self.base.add(index) as *const T).read_volatile() } } } diff --git a/uefi/src/proto/debug/mod.rs b/uefi/src/proto/debug/mod.rs index cfb0f90c9..088f061d3 100644 --- a/uefi/src/proto/debug/mod.rs +++ b/uefi/src/proto/debug/mod.rs @@ -98,7 +98,7 @@ impl DebugSupport { } // Safety: As we've validated the `processor_index`, this should always be safe - (self.register_periodic_callback)(self, processor_index, callback).to_result() + unsafe { (self.register_periodic_callback)(self, processor_index, callback) }.to_result() } /// Registers a function to be called when a given processor exception occurs. @@ -122,8 +122,10 @@ impl DebugSupport { } // Safety: As we've validated the `processor_index`, this should always be safe - (self.register_exception_callback)(self, processor_index, callback, exception_type) - .to_result() + unsafe { + (self.register_exception_callback)(self, processor_index, callback, exception_type) + } + .to_result() } /// Invalidates processor instruction cache for a memory range for a given `processor_index`. @@ -144,7 +146,8 @@ impl DebugSupport { // per the UEFI spec, this call should only return EFI_SUCCESS // Safety: As we've validated the `processor_index`, this should always be safe - (self.invalidate_instruction_cache)(self, processor_index, start, length).to_result() + unsafe { (self.invalidate_instruction_cache)(self, processor_index, start, length) } + .to_result() } } diff --git a/uefi/src/proto/device_path/mod.rs b/uefi/src/proto/device_path/mod.rs index f95d8315c..448de2c68 100644 --- a/uefi/src/proto/device_path/mod.rs +++ b/uefi/src/proto/device_path/mod.rs @@ -173,10 +173,10 @@ impl DevicePathNode { /// that lifetime. #[must_use] pub unsafe fn from_ffi_ptr<'a>(ptr: *const FfiDevicePath) -> &'a Self { - let header = *ptr.cast::(); + let header = unsafe { *ptr.cast::() }; let data_len = usize::from(header.length) - size_of::(); - &*ptr_meta::from_raw_parts(ptr.cast(), data_len) + unsafe { &*ptr_meta::from_raw_parts(ptr.cast(), data_len) } } /// Cast to a [`FfiDevicePath`] pointer. @@ -368,11 +368,11 @@ pub struct DevicePath { impl ProtocolPointer for DevicePath { unsafe fn ptr_from_ffi(ptr: *const c_void) -> *const Self { - ptr_meta::from_raw_parts(ptr.cast(), Self::size_in_bytes_from_ptr(ptr)) + ptr_meta::from_raw_parts(ptr.cast(), unsafe { Self::size_in_bytes_from_ptr(ptr) }) } unsafe fn mut_ptr_from_ffi(ptr: *mut c_void) -> *mut Self { - ptr_meta::from_raw_parts_mut(ptr.cast(), Self::size_in_bytes_from_ptr(ptr)) + ptr_meta::from_raw_parts_mut(ptr.cast(), unsafe { Self::size_in_bytes_from_ptr(ptr) }) } } @@ -384,13 +384,13 @@ impl DevicePath { let mut ptr = ptr.cast::(); let mut total_size_in_bytes: usize = 0; loop { - let node = DevicePathNode::from_ffi_ptr(ptr.cast::()); + let node = unsafe { DevicePathNode::from_ffi_ptr(ptr.cast::()) }; let node_size_in_bytes = usize::from(node.length()); total_size_in_bytes += node_size_in_bytes; if node.is_end_entire() { break; } - ptr = ptr.add(node_size_in_bytes); + ptr = unsafe { ptr.add(node_size_in_bytes) }; } total_size_in_bytes @@ -434,7 +434,7 @@ impl DevicePath { /// that lifetime. #[must_use] pub unsafe fn from_ffi_ptr<'a>(ptr: *const FfiDevicePath) -> &'a Self { - &*Self::ptr_from_ffi(ptr.cast::()) + unsafe { &*Self::ptr_from_ffi(ptr.cast::()) } } /// Cast to a [`FfiDevicePath`] pointer. @@ -669,11 +669,15 @@ pub struct LoadedImageDevicePath(DevicePath); impl ProtocolPointer for LoadedImageDevicePath { unsafe fn ptr_from_ffi(ptr: *const c_void) -> *const Self { - ptr_meta::from_raw_parts(ptr.cast(), DevicePath::size_in_bytes_from_ptr(ptr)) + ptr_meta::from_raw_parts(ptr.cast(), unsafe { + DevicePath::size_in_bytes_from_ptr(ptr) + }) } unsafe fn mut_ptr_from_ffi(ptr: *mut c_void) -> *mut Self { - ptr_meta::from_raw_parts_mut(ptr.cast(), DevicePath::size_in_bytes_from_ptr(ptr)) + ptr_meta::from_raw_parts_mut(ptr.cast(), unsafe { + DevicePath::size_in_bytes_from_ptr(ptr) + }) } } diff --git a/uefi/src/proto/loaded_image.rs b/uefi/src/proto/loaded_image.rs index 02cfa1871..3ab91c4a4 100644 --- a/uefi/src/proto/loaded_image.rs +++ b/uefi/src/proto/loaded_image.rs @@ -150,7 +150,7 @@ impl LoadedImage { unload: extern "efiapi" fn(image_handle: Handle) -> Status, ) { let unload: unsafe extern "efiapi" fn(image_handle: uefi_raw::Handle) -> uefi_raw::Status = - mem::transmute(unload); + unsafe { mem::transmute(unload) }; self.0.unload = Some(unload); } diff --git a/uefi/src/proto/media/disk.rs b/uefi/src/proto/media/disk.rs index 80abd8c5a..d3b8fa0ec 100644 --- a/uefi/src/proto/media/disk.rs +++ b/uefi/src/proto/media/disk.rs @@ -130,8 +130,10 @@ impl DiskIo2 { buffer: *mut u8, ) -> Result { let token = opt_nonnull_to_ptr(token); - (self.0.read_disk_ex)(&self.0, media_id, offset, token.cast(), len, buffer.cast()) - .to_result() + unsafe { + (self.0.read_disk_ex)(&self.0, media_id, offset, token.cast(), len, buffer.cast()) + } + .to_result() } /// Writes bytes to the disk device. @@ -164,14 +166,16 @@ impl DiskIo2 { buffer: *const u8, ) -> Result { let token = opt_nonnull_to_ptr(token); - (self.0.write_disk_ex)( - &mut self.0, - media_id, - offset, - token.cast(), - len, - buffer.cast(), - ) + unsafe { + (self.0.write_disk_ex)( + &mut self.0, + media_id, + offset, + token.cast(), + len, + buffer.cast(), + ) + } .to_result() } diff --git a/uefi/src/proto/media/file/dir.rs b/uefi/src/proto/media/file/dir.rs index e7623aa7a..79661c902 100644 --- a/uefi/src/proto/media/file/dir.rs +++ b/uefi/src/proto/media/file/dir.rs @@ -25,7 +25,7 @@ impl Directory { /// doing otherwise is unsafe. #[must_use] pub const unsafe fn new(handle: FileHandle) -> Self { - Self(RegularFile::new(handle)) + Self(unsafe { RegularFile::new(handle) }) } /// Read the next directory entry. diff --git a/uefi/src/proto/media/file/info.rs b/uefi/src/proto/media/file/info.rs index d8c2c6d6a..8a51b7ea5 100644 --- a/uefi/src/proto/media/file/info.rs +++ b/uefi/src/proto/media/file/info.rs @@ -45,7 +45,7 @@ trait InfoInternal: Align + ptr_meta::Pointee { /// struct. unsafe fn name_ptr(ptr: *mut u8) -> *mut Char16 { let offset_of_str = Self::name_offset(); - ptr.add(offset_of_str).cast::() + unsafe { ptr.add(offset_of_str).cast::() } } /// Create a new info type in user-provided storage. @@ -95,13 +95,13 @@ trait InfoInternal: Align + ptr_meta::Pointee { // Create a pointer to the part of info where the name is // stored. Note that `info_ptr` is used rather than `storage` to // comply with Stacked Borrows. - let info_name_ptr = Self::name_ptr(info_ptr.cast::()); + let info_name_ptr = unsafe { Self::name_ptr(info_ptr.cast::()) }; // Initialize the name slice. - ptr::copy(name.as_ptr(), info_name_ptr, name_length_ucs2); + unsafe { ptr::copy(name.as_ptr(), info_name_ptr, name_length_ucs2) }; // The struct is now valid and safe to dereference. - let info = &mut *info_ptr; + let info = unsafe { &mut *info_ptr }; Ok(info) } } @@ -111,10 +111,10 @@ where T: InfoInternal + ?Sized, { unsafe fn from_uefi<'ptr>(ptr: *mut c_void) -> &'ptr mut Self { - let name_ptr = Self::name_ptr(ptr.cast::()); - let name = CStr16::from_ptr(name_ptr); + let name_ptr = unsafe { Self::name_ptr(ptr.cast::()) }; + let name = unsafe { CStr16::from_ptr(name_ptr) }; let name_len = name.as_slice_with_nul().len(); - &mut *ptr_meta::from_raw_parts_mut(ptr.cast::<()>(), name_len) + unsafe { &mut *ptr_meta::from_raw_parts_mut(ptr.cast::<()>(), name_len) } } } diff --git a/uefi/src/proto/media/file/mod.rs b/uefi/src/proto/media/file/mod.rs index fdf657327..d138d70a3 100644 --- a/uefi/src/proto/media/file/mod.rs +++ b/uefi/src/proto/media/file/mod.rs @@ -407,14 +407,18 @@ mod tests { ) .unwrap(); let required_size = size_of_val(info); - if *buffer_size < required_size { - *buffer_size = required_size; + if unsafe { *buffer_size } < required_size { + unsafe { + *buffer_size = required_size; + } Status::BUFFER_TOO_SMALL } else { unsafe { ptr::copy_nonoverlapping((info as *const FileInfo).cast(), buffer, required_size); } - *buffer_size = required_size; + unsafe { + *buffer_size = required_size; + } Status::SUCCESS } } diff --git a/uefi/src/proto/tcg/v1.rs b/uefi/src/proto/tcg/v1.rs index db8f13f85..8ab30f939 100644 --- a/uefi/src/proto/tcg/v1.rs +++ b/uefi/src/proto/tcg/v1.rs @@ -95,7 +95,7 @@ impl PcrEvent { pub(super) const unsafe fn from_ptr<'a>(ptr: *const u8) -> &'a Self { // Get the `event_size` field. let ptr_u32: *const u32 = ptr.cast(); - let event_size = ptr_u32.add(7).read_unaligned(); + let event_size = unsafe { ptr_u32.add(7).read_unaligned() }; let event_size = usize_from_u32(event_size); unsafe { &*ptr_meta::from_raw_parts(ptr.cast(), event_size) } } diff --git a/uefi/src/proto/tcg/v2.rs b/uefi/src/proto/tcg/v2.rs index 306993891..d13573d6e 100644 --- a/uefi/src/proto/tcg/v2.rs +++ b/uefi/src/proto/tcg/v2.rs @@ -452,35 +452,35 @@ pub struct PcrEvent<'a> { impl<'a> PcrEvent<'a> { unsafe fn from_ptr(ptr: *const u8, header: EventLogHeader<'a>) -> Option { let ptr_u32: *const u32 = ptr.cast(); - let pcr_index = PcrIndex(ptr_u32.read_unaligned()); - let event_type = EventType(ptr_u32.add(1).read_unaligned()); - let digests_count = ptr_u32.add(2).read_unaligned(); - let digests_ptr: *const u8 = ptr.add(12); + let pcr_index = PcrIndex(unsafe { ptr_u32.read_unaligned() }); + let event_type = EventType(unsafe { ptr_u32.add(1).read_unaligned() }); + let digests_count = unsafe { ptr_u32.add(2).read_unaligned() }; + let digests_ptr: *const u8 = unsafe { ptr.add(12) }; // Get the byte size of the digests so that the digests iterator // can be safe code. let mut digests_byte_size = 0; let mut elem_ptr = digests_ptr; for _ in 0..digests_count { - let algorithm_id = AlgorithmId(elem_ptr.cast::().read_unaligned()); + let algorithm_id = AlgorithmId(unsafe { elem_ptr.cast::().read_unaligned() }); let alg_and_digest_size = size_of::() + usize::from(header.algorithm_digest_sizes.get_size(algorithm_id)?); digests_byte_size += alg_and_digest_size; - elem_ptr = elem_ptr.add(alg_and_digest_size); + elem_ptr = unsafe { elem_ptr.add(alg_and_digest_size) }; } - let digests = slice::from_raw_parts(digests_ptr, digests_byte_size); - let event_size_ptr = digests_ptr.add(digests_byte_size); - let event_size = usize_from_u32(event_size_ptr.cast::().read_unaligned()); - let event_data_ptr = event_size_ptr.add(4); - let event_data = slice::from_raw_parts(event_data_ptr, event_size); + let digests = unsafe { slice::from_raw_parts(digests_ptr, digests_byte_size) }; + let event_size_ptr = unsafe { digests_ptr.add(digests_byte_size) }; + let event_size = usize_from_u32(unsafe { event_size_ptr.cast::().read_unaligned() }); + let event_data_ptr = unsafe { event_size_ptr.add(4) }; + let event_data = unsafe { slice::from_raw_parts(event_data_ptr, event_size) }; Some(Self { pcr_index, event_type, digests, event_data, - next: event_data_ptr.add(event_size), + next: unsafe { event_data_ptr.add(event_size) }, algorithm_digest_sizes: header.algorithm_digest_sizes, }) } diff --git a/uefi/src/runtime.rs b/uefi/src/runtime.rs index 2d2450265..52802cf6d 100644 --- a/uefi/src/runtime.rs +++ b/uefi/src/runtime.rs @@ -75,7 +75,7 @@ pub unsafe fn set_time(time: &Time) -> Result { let rt = unsafe { rt.as_ref() }; let time: *const Time = time; - (rt.set_time)(time.cast()).to_result() + unsafe { (rt.set_time)(time.cast()) }.to_result() } /// Checks if a variable exists. @@ -549,10 +549,11 @@ pub unsafe fn set_virtual_address_map( let entry_size = size_of::(); let entry_version = MemoryDescriptor::VERSION; let map_ptr = map.as_mut_ptr(); - (rt.set_virtual_address_map)(map_size, entry_size, entry_version, map_ptr).to_result()?; + unsafe { (rt.set_virtual_address_map)(map_size, entry_size, entry_version, map_ptr) } + .to_result()?; // Update the global system table pointer. - table::set_system_table(new_system_table_virtual_addr); + unsafe { table::set_system_table(new_system_table_virtual_addr) }; Ok(()) } diff --git a/uefi/src/util.rs b/uefi/src/util.rs index 8119383e3..4abe0cda1 100644 --- a/uefi/src/util.rs +++ b/uefi/src/util.rs @@ -5,8 +5,10 @@ use core::ptr::{self, NonNull}; /// Copy the bytes of `val` to `ptr`, then advance pointer to just after the /// newly-copied bytes. pub unsafe fn ptr_write_unaligned_and_add(ptr: &mut *mut u8, val: T) { - ptr.cast::().write_unaligned(val); - *ptr = ptr.add(size_of::()); + unsafe { + ptr.cast::().write_unaligned(val); + *ptr = ptr.add(size_of::()); + } } /// Convert from a `u32` to a `usize`. Panic if the input does fit. On typical