Bring in cpufeatures v0.2.9 #6
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
It was pinned due to issues around `aarch64_target_feature` stabilization, but those have been resolved upstream.
See rust-lang/unsafe-code-guidelines#133 Calling as_mut_ptr creates a unique reference, and as_ptr a shared reference. These 2 conflict, and one invalidates the other. Both ptr need to be reborrows of or be basically the same pointer.
Also removes all uses of `html_root_url` and relevant notes from Cargo.toml.
) Sometimes libraries want to be generic across types like `Vec<u8>` and `Box<[u8]>`. Therefore, they use bounds like `T: AsRef<[u8]>`. The `Zeroizing<Vec<u8>>` type should be transparently equivalent to `Vec<u8>` in this regard. This allows `Zeroizing` to be used with all such bounds. Signed-off-by: Nathaniel McCallum <[email protected]>
This implements Zeroize for std::ffi::CString. As CString is not in allocate but in std, a new optional std feature is added to depend on the std library.
This crate provides a `generic-array`-inspired array type which uses some of the ideas from `crypto-bigint` to provide type-level conversions between const generics and typenum-based arrays. I originally looked at trying to add this sort of thing as an afterthought to `generic-array`, but felt that it would really be helpful if it were the core abstraction everything else is built on. Also `generic-array` is full of huge swaths of complicated `unsafe` code which is completely unnecessary in the setup used in this crate, which merely uses the type system to map to Rust's underlying array types. It provides an `Array` type similar to `GenericArray` along with an `Array<T, const N: usize>` trait which can be used to map const generic parameters to underlying array types. Macros are used to write the `Array`/`ArraySize` trait impls for the following array sizes: - 0-64 - 96 - 128 - 192 - 256 - 384 - 448 - 512 - 768 - 896 - 1024 - 2048 - 8192 This is a smaller range of sizes than what `generic-array` supports due to `typenum` type alias definitions. It is necessary to make the const generic linkage work. The overall API is *much* closer to `core::array` than `GenericArray` is. For example, `GenericArray` has a panicking `From` providing `TryFrom`-like behavior, and confusingly receives the blanket impl of `TryFrom`, so people can mistakenly use `TryFrom` expecting a fallible API only to get the blanket impl of `From` and a panic in the event of an error. Everywhere possible, it uses const generic implementations of traits rather than macro-based implementations in order to improve compile times and keep the macro-based parts to a minimum. This includes: - `AsRef<[T; N]>` - `AsMut<[T; N]>` - `Borrow<[T; N]>` - `BorrowMut<T; N]>` - `From<[T; N]>` - `Index<I>` - `IndexMut<I>` - `TryFrom<&[T]>`
Adds support for extracting secp384r1 test vectors from Wycheproof, in order to test the `p384` crate.
Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.36 to 1.0.39. - [Release notes](https://github.com/dtolnay/proc-macro2/releases) - [Commits](dtolnay/proc-macro2@1.0.36...1.0.39) --- updated-dependencies: - dependency-name: proc-macro2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This crate is a tool for transforming `fiat-crypto`-generated field arithmetic into `const fn` form. It performs mechanical translation to the parsed AST of the code, making some assumptions about how it's structured and rewriting the usages of mutable references into a functional form. Manual tests confirm the output from the p386 base field compiles.
Adds `allow` directives for the following: - `clippy::identity_op` - `clippy::unnecessary_cast`
Reorder code in terms of precedence; add whitespace
Uses a 32-bit Linux target
This test relies on UB and is flaking out in certain cases: RustCrypto#774 It's unclear if the test failure indicates a genuine bug in the implementation, or is the result of a test with UB. However, in the meantime it shouldn't block users who would just like the test suite to run reliably.
Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.39 to 1.0.40. - [Release notes](https://github.com/dtolnay/proc-macro2/releases) - [Commits](dtolnay/proc-macro2@1.0.39...1.0.40) --- updated-dependencies: - dependency-name: proc-macro2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This (optional) feature implements Serialize/Deserialize for Zeroizing when the inner type implements these traits. This makes it possible to use Zeroizing in serde contexts. Signed-off-by: Nathaniel McCallum <[email protected]>
Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.40 to 1.0.42. - [Release notes](https://github.com/dtolnay/proc-macro2/releases) - [Commits](dtolnay/proc-macro2@1.0.40...1.0.42) --- updated-dependencies: - dependency-name: proc-macro2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Miri is an interpreter, and though it tries to emulate the target CPU it does not support any target features.
This fixes compilation of dependent crates for these targets.
For example, `sha2`:
Before:
```
$ cargo build --target x86_64-unknown-none --no-default-features
Compiling sha2 v0.10.6 (/home/rvolosatovs/src/github.com/rustcrypto/hashes/sha2)
LLVM ERROR: Do not know how to split the result of this operator!
error: could not compile `sha2`
$ cargo build --target x86_64-unknown-uefi --no-default-features
Compiling sha2 v0.10.6 (/home/rvolosatovs/src/github.com/rustcrypto/hashes/sha2)
LLVM ERROR: Do not know how to split the result of this operator!
error: could not compile `sha2`
```
After:
```
$ cargo build --target x86_64-unknown-none --no-default-features
Compiling cpufeatures v0.2.5 (/home/rvolosatovs/src/github.com/rustcrypto/utils/cpufeatures)
Compiling sha2 v0.10.6 (/home/rvolosatovs/src/github.com/rustcrypto/hashes/sha2)
Finished dev [optimized + debuginfo] target(s) in 0.19s
$ cargo build --target x86_64-unknown-uefi --no-default-features
Compiling cpufeatures v0.2.5 (/home/rvolosatovs/src/github.com/rustcrypto/utils/cpufeatures)
Compiling sha2 v0.10.6 (/home/rvolosatovs/src/github.com/rustcrypto/hashes/sha2)
Finished dev [optimized + debuginfo] target(s) in 0.19s
```
Signed-off-by: Roman Volosatovs <[email protected]>
It's quite annoying to have to add a generic parameter to `ArraySize`, particularly when notating it in bounds. GATs provide a solution to this problem, moving the type parameter to the associated type so bounds are simply `N: ArraySize`.
Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.57 to 1.0.59. - [Release notes](https://github.com/dtolnay/proc-macro2/releases) - [Commits](dtolnay/proc-macro2@1.0.57...1.0.59) --- updated-dependencies: - dependency-name: proc-macro2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Adds a set of reference conversions to `Array<T, U>` as well as the `ArrayOps` trait: - `&Array<T, U>`: `From<&[T, N]>` + TryFrom<&[T]> - `&mut Array<T, U>`: `From<&mut [T, N]>` + `TryFrom<&mut [T]>` The implementation uses an unsafe pointer cast to convert a slice into the corresponding reference newtype. Additionally it adds the following panicking inherent methods to `Array<T, U>` to ease migrating code based on `GenericArray`: - `Array::ref_from_slice`: alternative to `GenericArray::from_slice` - `Array::ref_from_mut_slice`: alternative to `GenericArray::from_mut_slice` - `Array::clone_from_slice`: alternative to `GenericArray::clone_from_slice` These methods are marked with TODOs to deprecate them before a final v0.2.0 release, however for now they're not deprecate to ease a migration.
Adds an extension trait with a blanket impl for all core arrays, and adds it to the bounds for `ArraySize::ArrayType`. It currently provides a `from_fn` constructor which is now leveraged by a now-generic `Default` impl which bounds on `ArraySize`. This reduces the bounds needed in generic code to just `ArraySize`, even to leverage the `Default` impl, and should also permit some additional array constructors.
Derefs to the inner core array type. Also adds bounds for `Deref`/`DerefMut` to `ArrayOps`, with a `Target` of `[T; N]`.
…RustCrypto#910) Changes `ArrayOps` to contain only operations that need to know the exact size (as a const generic) of an associated array.
It's leaked through `ArraySize::ArrayType` bounds, and it may potentially be useful to have in the public API.
This makes porting existing `generic-array` code easier, and also means deref coercion will allow `&Array<T, _>` to deref to `&[T]`, making it usable anywhere a slice is.
It's used when checking the lengths of slices match an array size prior to using a pointer cast to convert types. If someone were to make their own `typenum::Unsigned` type and impl `ArraySize` for it with an `ArrayType` whose size does not match `Unsigned::USIZE`, that would be UB. Really `ArraySize` is not intended for downstream crates to impl anyway, but making it an `unsafe trait` at least captures the UB potential. Additionally this adds more debug checks to `check_slice_length` to ensure that if there is a length mismatch, it's at least caught in debug builds.
Renames the following methods of the `ArrayOps` trait: - `as_array_ref` -> `as_core_array` - `as_array_mut` -> `as_mut_core_array` - `from_core_array_ref` -> `ref_from_core_array` - `from_core_array_mut` -> `ref_from_mut_core_array` - `map` -> `map_to_core_array`
nick-mobilecoin
approved these changes
Sep 13, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR merges the
cpufeatures-v0.2.9tag while maintaining our hack that disables theCPUIDcall.This is used in enclave builds. I needed 0.2.9 since the crates that depend on
cpufeaturesmoved to that version.I verified this works by deploying it: https://github.com/mobilecoinfoundation/mobilecoin/actions/runs/6178026343
Prior to this switch, the enclave crashed (since the stock
cpufeatures0.2.9 was included, which calledCPUIDinside SGX).