pvmfw: Make the NonZeroUsize FDT_SIZE non-const
There seems to be a bug with clippy::undocumented_unsafe_blocks (in
whichever version Soong uses, AOSP ships 1.68, 1.69, and 1.70), where
the SAFETY comment preceding the definition of the const is ignored:
error: unsafe block missing a safety comment
--> packages/modules/Virtualization/pvmfw/src/entry.rs:89:40
|
89 | const FDT_SIZE: NonZeroUsize = unsafe { NonZeroUsize::new_unchecked(FDT_MAX_SIZE) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= help: consider adding a safety comment on the preceding line
So please Clippy by replacing the unsafe with a (safe) runtime check.
Test: m pvmfw_bin
Change-Id: Iaf390027ec8be9f06c7a26928dfa5936736e26f2
diff --git a/pvmfw/src/entry.rs b/pvmfw/src/entry.rs
index 2d1c418..f3bd637 100644
--- a/pvmfw/src/entry.rs
+++ b/pvmfw/src/entry.rs
@@ -84,12 +84,11 @@
impl<'a> MemorySlices<'a> {
fn new(fdt: usize, kernel: usize, kernel_size: usize) -> Result<Self, RebootReason> {
- // SAFETY - SIZE_2MB is non-zero.
- const FDT_SIZE: NonZeroUsize = unsafe { NonZeroUsize::new_unchecked(crosvm::FDT_MAX_SIZE) };
+ let fdt_size = NonZeroUsize::new(crosvm::FDT_MAX_SIZE).unwrap();
// TODO - Only map the FDT as read-only, until we modify it right before jump_to_payload()
// e.g. by generating a DTBO for a template DT in main() and, on return, re-map DT as RW,
// overwrite with the template DT and apply the DTBO.
- let range = MEMORY.lock().as_mut().unwrap().alloc_mut(fdt, FDT_SIZE).map_err(|e| {
+ let range = MEMORY.lock().as_mut().unwrap().alloc_mut(fdt, fdt_size).map_err(|e| {
error!("Failed to allocate the FDT range: {e}");
RebootReason::InternalError
})?;