From 000b76edd9ff665d671c236dadaa11d79120f186 Mon Sep 17 00:00:00 2001 From: Sebastian Walz Date: Mon, 13 Nov 2023 12:34:03 +0100 Subject: [PATCH] feat: release the turbofish Unlike functions with anonymous generic arguments (foo: impl Bar), functions with named generic arguments can be called using the turbofish-notation `foo::` in the case of the compiler unable to infer the type themself. IMHO, in library-methods, anonymous generics should be avoided. Hoewever, they are perfectly fine for internal methods and functions or in an initial implementation. In memory of Anna Harren. --- src/builtins/systemio.rs | 16 ++++++++-------- src/landlock.rs | 2 +- src/lib.rs | 8 ++++---- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/src/builtins/systemio.rs b/src/builtins/systemio.rs index 45188dd..9ff3dfe 100644 --- a/src/builtins/systemio.rs +++ b/src/builtins/systemio.rs @@ -265,7 +265,7 @@ impl RuleSet for SystemIO { #[cfg(feature = "landlock")] impl SystemIO { - fn insert_flags(&mut self, path: impl AsRef, new_flags: BitFlags) { + fn insert_flags>(&mut self, path: P, new_flags: BitFlags) { let path = path.as_ref().to_path_buf(); let _flag = self.landlock_rules.entry(path.clone()) .and_modify(|existing_flags| existing_flags.access_rules.insert(new_flags)) @@ -278,7 +278,7 @@ impl SystemIO { /// /// Note that if this is used with [`allow_open_readonly`] or other syscall-argument restricting /// methods, applying the `SafetyContext` will fail. - pub fn allow_read_path(mut self, path: impl AsRef) -> SystemIO { + pub fn allow_read_path>(mut self, path: P) -> SystemIO { let new_flags = access::read_path(); self.insert_flags(path, new_flags); @@ -294,7 +294,7 @@ impl SystemIO { /// /// Note that if this is used with [`allow_open_readonly`] or other syscall-argument restricting /// methods, applying the `SafetyContext` will fail. - pub fn allow_write_file(mut self, path: impl AsRef) -> SystemIO { + pub fn allow_write_file>(mut self, path: P) -> SystemIO { let new_flags = access::write_file(); self.insert_flags(path, new_flags); @@ -310,7 +310,7 @@ impl SystemIO { /// /// Note that if this is used with [`allow_open_readonly`] or other syscall-argument restricting /// methods, applying the `SafetyContext` will fail. - pub fn allow_create_in_dir(mut self, path: impl AsRef) -> SystemIO { + pub fn allow_create_in_dir>(mut self, path: P) -> SystemIO { // write file here allows us to create files, but in order to actually write to them, you'd // need to enable the write syscall. let new_flags = access::create_file() | access::write_file(); @@ -323,7 +323,7 @@ impl SystemIO { /// Use Landlock to allow listing the contents of the given directory. If this function is /// called multiple times, all directories passed will be allowed. - pub fn allow_list_dir(mut self, path: impl AsRef) -> SystemIO { + pub fn allow_list_dir>(mut self, path: P) -> SystemIO { let new_flags = access::list_dir(); self.insert_flags(path, new_flags); @@ -336,7 +336,7 @@ impl SystemIO { /// Use Landlock to allow creating directories. If this function is called multiple times, all /// directories passed will be allowed. - pub fn allow_create_dir(mut self, path: impl AsRef) -> SystemIO { + pub fn allow_create_dir>(mut self, path: P) -> SystemIO { let new_flags = access::create_dir(); self.insert_flags(path, new_flags); @@ -347,7 +347,7 @@ impl SystemIO { /// Use Landlock to allow deleting files. If this function is called multiple times, all files /// passed will be allowed. - pub fn allow_remove_file(mut self, path: impl AsRef) -> SystemIO { + pub fn allow_remove_file>(mut self, path: P) -> SystemIO { let new_flags = access::delete_file(); self.insert_flags(path, new_flags); @@ -364,7 +364,7 @@ impl SystemIO { /// /// Also recall that that in order to delete a directory with `unlink` or `rmdir` it must be /// empty. - pub fn allow_remove_dir(mut self, path: impl AsRef) -> SystemIO { + pub fn allow_remove_dir>(mut self, path: P) -> SystemIO { let new_flags = access::delete_dir(); self.insert_flags(path, new_flags); diff --git a/src/landlock.rs b/src/landlock.rs index e9f0524..3ce20a8 100644 --- a/src/landlock.rs +++ b/src/landlock.rs @@ -19,7 +19,7 @@ pub struct LandlockRule { impl LandlockRule { /// Create a new Landlock Rule. - pub fn new(path: impl AsRef, access_rules: BitFlags) -> LandlockRule { + pub fn new>(path: P, access_rules: BitFlags) -> LandlockRule { let path = path.as_ref().into(); LandlockRule { path, diff --git a/src/lib.rs b/src/lib.rs index b45fb65..cc558ba 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -270,7 +270,7 @@ impl SafetyContext { /// Gather unconditional and conditional seccomp rules to be provided to the seccomp context. #[allow(clippy::needless_pass_by_value)] - fn gather_rules(rules: impl RuleSet) -> Vec { + fn gather_rules(rules: R) -> Vec { let base_syscalls = rules.simple_rules(); let mut rules = rules.conditional_rules(); for syscall in base_syscalls { @@ -289,7 +289,7 @@ impl SafetyContext { /// # Errors /// Will return [`ExtraSafeError::ConditionalNoEffectError`] if a conditional rule is enabled at /// the same time as a simple rule for a syscall, which would override the conditional rule. - pub fn enable(mut self, policy: impl RuleSet) -> Result { + pub fn enable(mut self, policy: R) -> Result { #[cfg(feature = "landlock")] self.enable_landlock_rules(&policy)?; @@ -299,7 +299,7 @@ impl SafetyContext { } #[cfg(feature = "landlock")] - fn enable_landlock_rules(&mut self, policy: &impl RuleSet) -> Result<(), ExtraSafeError> { + fn enable_landlock_rules(&mut self, policy: &R) -> Result<(), ExtraSafeError> { let name = policy.name(); let rules = policy.landlock_rules().into_iter() .map(|rule| (rule.path.clone(), LabeledLandlockRule(name, rule))); @@ -315,7 +315,7 @@ impl SafetyContext { Ok(()) } - fn enable_seccomp_rules(&mut self, policy: impl RuleSet) -> Result<(), ExtraSafeError> { + fn enable_seccomp_rules(&mut self, policy: R) -> Result<(), ExtraSafeError> { let policy_name = policy.name(); let new_rules = SafetyContext::gather_rules(policy) .into_iter()