From e99ad986d5ba607df14f0796f02ab2734106338a Mon Sep 17 00:00:00 2001
From: Brian Smith
Date: Mon, 17 Jun 2024 10:58:10 -0700
Subject: [PATCH] MSRV 1.63: use_file: Clarify I/O safety using `BorrowedFd`.
---
 .clippy.toml | 2 +-
 .github/workflows/tests.yml | 2 +-
 Cargo.toml | 2 +-
 README.md | 2 +-
 src/use_file.rs | 16 +++++++---------
 5 files changed, 11 insertions(+), 13 deletions(-)
diff --git a/.clippy.toml b/.clippy.toml
index 13f202e9..550d4759 100644
--- a/.clippy.toml
+++ b/.clippy.toml
@@ -1 +1 @@
-msrv = "1.60"
+msrv = "1.63"
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 922e8fd4..149c4288 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -22,7 +22,7 @@ jobs:
 strategy:
 matrix:
 os: [ubuntu-22.04, windows-2022]
- toolchain: [nightly, beta, stable, "1.60"]
+ toolchain: [nightly, beta, stable, "1.63"]
 # Only Test macOS on stable to reduce macOS CI jobs
 include:
 # x86_64-apple-darwin.
diff --git a/Cargo.toml b/Cargo.toml
index 47c7fd28..f2b7445b 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -2,7 +2,7 @@
 name = "getrandom"
 version = "0.2.15" # Also update html_root_url in lib.rs when bumping this
 edition = "2021"
-rust-version = "1.60" # Sync .clippy.toml, tests.yml, and README.md.
+rust-version = "1.63" # Sync .clippy.toml, tests.yml, and README.md.
 authors = ["The Rand Project Developers"]
 license = "MIT OR Apache-2.0"
 description = "A small cross-platform library for retrieving random data from system source"
diff --git a/README.md b/README.md
index ef8a6ce2..bbab4f28 100644
--- a/README.md
+++ b/README.md
@@ -52,7 +52,7 @@ crate features, WASM support and Custom RNGs see the
 ## Minimum Supported Rust Version
-This crate requires Rust 1.60.0 or later.
+This crate requires Rust 1.63.0 or later.
 ## Platform Support
diff --git a/src/use_file.rs b/src/use_file.rs
index ef215182..653775e9 100644
--- a/src/use_file.rs
+++ b/src/use_file.rs
@@ -11,7 +11,7 @@ use core::{
 };
 use std::{
 fs, io,
- os::fd::{IntoRawFd as _, RawFd},
+ os::fd::{AsRawFd as _, BorrowedFd, IntoRawFd as _, RawFd},
 };
 /// For all platforms, we use `/dev/urandom` rather than `/dev/random`.
@@ -28,28 +28,28 @@ const FILE_PATH: &str = "/dev/urandom";
 pub fn getrandom_inner(dest: &mut [MaybeUninit]) -> Result<(), Error> {
 let fd = get_rng_fd()?;
 sys_fill_exact(dest, |buf| unsafe {
- libc::read(fd, buf.as_mut_ptr().cast::(), buf.len())
+ libc::read(fd.as_raw_fd(), buf.as_mut_ptr().cast::(), buf.len())
 })
 }
 // Returns the file descriptor for the device file used to retrieve random
 // bytes. The file will be opened exactly once. All subsequent calls will
 // return the same file descriptor. This file descriptor is never closed.
-fn get_rng_fd() -> Result {
+fn get_rng_fd() -> Result, Error> {
 // std::os::fd::{BorrowedFd, OwnedFd} guarantee that -1 is not a valid file descriptor.
 const FD_UNINIT: RawFd = -1;
 static FD: AtomicI32 = AtomicI32::new(FD_UNINIT);
- fn get_fd() -> Option {
+ fn get_fd() -> Option> {
 match FD.load(Relaxed) {
 FD_UNINIT => None,
- val => Some(val),
+ val => Some(unsafe { BorrowedFd::borrow_raw(val) }),
 }
 }
 #[cold]
- fn get_fd_locked() -> Result {
+ fn get_fd_locked() -> Result, Error> {
 // SAFETY: We use the mutex only in this method, and we always unlock it
 // before returning, making sure we don't violate the pthread_mutex_t API.
 static MUTEX: Mutex = Mutex::new();
@@ -71,7 +71,7 @@ fn get_rng_fd() -> Result {
 debug_assert!(fd != FD_UNINIT);
 FD.store(fd, Relaxed);
- Ok(fd)
+ Ok(unsafe { BorrowedFd::borrow_raw(fd) })
 }
 // Use double-checked locking to avoid acquiring the lock if possible.
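Review bot: The import on the new side of the `@@ -11,7 +11,7 @@` hunk still goes through `std::os::fd`, which as far as I know was only stabilized in Rust 1.66, while this same commit declares an MSRV of 1.63. `BorrowedFd`, `AsRawFd`, `IntoRawFd` and `RawFd` are all reachable on 1.63 through the Unix-specific path, so the line could read `os::unix::io::{AsRawFd as _, BorrowedFd, IntoRawFd as _, RawFd},` with a `// TODO(MSRV 1.66): use std::os::fd` comment above it. The `os::fd` path predates this commit (it is on the removed line too), so please confirm on the 1.63 CI job that this file is actually compiled there.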
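Review bot: The two new `unsafe { BorrowedFd::borrow_raw(..) }` blocks, in `get_fd` in the `@@ -28,28 +28,28 @@` hunk and in `get_fd_locked` in the `@@ -71,7 +71,7 @@` hunk, carry no `// SAFETY:` comment, although they are exactly where the I/O-safety argument is made. `borrow_raw` requires that the descriptor stays open for the whole lifetime of the returned `BorrowedFd` and that it is not -1; the surrounding comments suggest both hold (the descriptor is never closed, and `FD_UNINIT` is matched first), but that reasoning should sit on the unsafe blocks themselves. I would add `// SAFETY: FD holds either FD_UNINIT, handled above, or a descriptor that is never closed.` above the `val =>` arm and a matching comment before the final `Ok(..)`. In `get_fd_locked` the only visible guard against -1 is a `debug_assert!`, which is compiled out in release builds, so the comment there should say why `fd` can never be -1; where `fd` comes from is outside the hunk. `get_rng_fd` starts in the second hunk and ends outside the visible lines.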
@@ -112,8 +112,6 @@ fn get_rng_fd() -> Result {
 // libsodium uses `libc::poll` similarly to this.
 #[cfg(any(target_os = "android", target_os = "linux"))]
 fn wait_until_rng_ready() -> Result<(), Error> {
- use std::os::unix::io::AsRawFd as _;
-
 let file = fs::File::open("/dev/random").map_err(map_io_error)?;
 let mut pfd = libc::pollfd {
 fd: file.as_raw_fd(),