Rethink (im)mutabiltiy of device paths (DevicePathBuilder / install_protocol_interface)
#970
Comments
phip1611
changed the title
DevicePathBuilder / install_protocol_interface)DevicePathBuilder / install_protocol_interface)
|
It would be nice to be able to build device paths as global constants as well. This would sidestep the use-after-free issues from nix-community/lanzaboote#194. |
|
🔝 I wonder if this is possible without (procedural) macros but only const functions 🤔 I have to take a closer look at device paths. |
A protocol's interface may mutate itself, but the void pointer passed to the
`{install,reinstall,uninstall}_protocol_interface` functions is opaque to the
firmware, so there's no need for it to be a mut pointer.
Note that from a Rust safety perspective there's no difference here -- mut and
const pointers are interchangeable.
rust-osdev#970
|
I agree with you that install_protocol_interface could just take a const pointer. Put up #981 for that. Interesting idea about constructing const device paths. It's tricky in the general case since some nodes are rather dynamic. We'd also have to change our current trait-based approach (https://docs.rs/uefi/latest/uefi/proto/device_path/build/trait.BuildNode.html), since I don't think there's any way to declare const fns in traits yet. |
|
I opened #983 for building device paths as constants. |
DevicePathBuilder::finalize()returns a&DevicePath. If one wants to install this to a handle usinginstall_protocol_interface, one has to cast that to a*mut c_void. It feels unhandy to change the mutability here.Also, I'm not sure if
install_protocol_interfacecould just consume a *const`. In the spec, I don't find something that says that this needs to be mutable:https://uefi.org/specs/UEFI/2.10/07_Services_Boot_Services.html?highlight=install_protocol_interface
Code that uses this functionality can be found here: nix-community/lanzaboote#194
The text was updated successfully, but these errors were encountered: