Require safety comments on aarch64-only code too.

google · Jul 4, 2023 · 46f69fc · 46f69fc
1 parent 8093ea7
commit 46f69fc
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 7 deletions.
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -30,6 +30,11 @@ jobs:
         uses: actions-rs/clippy-check@v1
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Run clippy for aarch64
+        uses: actions-rs/clippy-check@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          args: --target=aarch64-unknown-none
 
   format:
     runs-on: ubuntu-latest

diff --git a/src/lib.rs b/src/lib.rs
@@ -126,10 +126,10 @@ impl<T: Translation + Clone> Mapping<T> {
         assert!(self.previous_ttbr.is_none());
 
         let mut previous_ttbr;
+        // SAFETY: Safe because we trust that self.root.to_physical() returns a valid physical
+        // address of a page table, and the `Drop` implementation will reset `TTBRn_EL1` before it
+        // becomes invalid.
         unsafe {
-            // Safe because we trust that self.root.to_physical() returns a valid physical address
-            // of a page table, and the `Drop` implementation will reset `TTBRn_EL1` before it
-            // becomes invalid.
             match self.root.va_range() {
                 VaRange::Lower => asm!(
                     "mrs   {previous_ttbr}, ttbr0_el1",
@@ -160,9 +160,9 @@ impl<T: Translation + Clone> Mapping<T> {
     /// called.
     #[cfg(target_arch = "aarch64")]
     pub fn deactivate(&mut self) {
+        // SAFETY: Safe because this just restores the previously saved value of `TTBRn_EL1`, which
+        // must have been valid.
         unsafe {
-            // Safe because this just restores the previously saved value of `TTBRn_EL1`, which must
-            // have been valid.
             match self.root.va_range() {
                 VaRange::Lower => asm!(
                     "msr   ttbr0_el1, {ttbrval}",
@@ -212,8 +212,8 @@ impl<T: Translation + Clone> Mapping<T> {
     ) -> Result<(), MapError> {
         self.root.map_range(range, pa, flags)?;
         #[cfg(target_arch = "aarch64")]
+        // SAFETY: Safe because this is just a memory barrier.
         unsafe {
-            // Safe because this is just a memory barrier.
             asm!("dsb ishst");
         }
         Ok(())
@@ -240,8 +240,8 @@ impl<T: Translation + Clone> Mapping<T> {
     pub fn modify_range(&mut self, range: &MemoryRegion, f: &PteUpdater) -> Result<(), MapError> {
         self.root.modify_range(range, f)?;
         #[cfg(target_arch = "aarch64")]
+        // SAFETY: Safe because this is just a memory barrier.
         unsafe {
-            // Safe because this is just a memory barrier.
             asm!("dsb ishst");
         }
         Ok(())