diff --git a/flowey/flowey_hvlite/src/main.rs b/flowey/flowey_hvlite/src/main.rs
index 20d07ce69d..0051cf5961 100644
--- a/flowey/flowey_hvlite/src/main.rs
+++ b/flowey/flowey_hvlite/src/main.rs
@@ -3,6 +3,8 @@
 //! Flowey pipelines used by the OpenVMM project
+#![forbid(unsafe_code)]
+
 fn main() {
 flowey_cli::flowey_main::(
 "flowey_hvlite",
diff --git a/hyperv/tools/hypestv/src/main.rs b/hyperv/tools/hypestv/src/main.rs
index 63184b4f15..00ed68fba5 100644
--- a/hyperv/tools/hypestv/src/main.rs
+++ b/hyperv/tools/hypestv/src/main.rs
@@ -3,6 +3,8 @@
 //! Interactive CLI for Hyper-V VMs.
+#![forbid(unsafe_code)]
+
 mod windows;
 #[cfg(windows)]
diff --git a/openhcl/ohcldiag-dev/src/main.rs b/openhcl/ohcldiag-dev/src/main.rs
index 50a3f11948..89658097a3 100644
--- a/openhcl/ohcldiag-dev/src/main.rs
+++ b/openhcl/ohcldiag-dev/src/main.rs
@@ -5,6 +5,7 @@
 //! guarantees.
 #![expect(missing_docs)]
+#![forbid(unsafe_code)]
 mod completions;
diff --git a/openhcl/openvmm_hcl/src/main.rs b/openhcl/openvmm_hcl/src/main.rs
index d14da3d051..635373be2e 100644
--- a/openhcl/openvmm_hcl/src/main.rs
+++ b/openhcl/openvmm_hcl/src/main.rs
@@ -3,6 +3,8 @@
 //! Root binary crate for builds of OpenVMM-HCL.
+#![forbid(unsafe_code)]
+
 // Link resources.
 #[cfg(target_os = "linux")]
 use openvmm_hcl_resources as _;
diff --git a/openvmm/openvmm/src/main.rs b/openvmm/openvmm/src/main.rs
index 26cff506d4..a2c7f03be4 100644
--- a/openvmm/openvmm/src/main.rs
+++ b/openvmm/openvmm/src/main.rs
@@ -3,6 +3,8 @@
 //! Root binary crate for OpenVMM.
+#![forbid(unsafe_code)]
+
 // Ensure openvmm_resources gets linked.
 extern crate openvmm_resources as _;
diff --git a/petri/petri-tool/src/main.rs b/petri/petri-tool/src/main.rs
index 4da976f84d..44a81180bb 100644
--- a/petri/petri-tool/src/main.rs
+++ b/petri/petri-tool/src/main.rs
@@ -3,6 +3,8 @@
 //! Tool for using petri functionality from the command line.
+#![forbid(unsafe_code)]
+
 use anyhow::Context as _;
 use clap::Parser;
 use petri::ArtifactResolver;
diff --git a/petri/pipette/src/agent.rs b/petri/pipette/src/agent.rs
index cb39e9e8b0..811fe086c3 100644
--- a/petri/pipette/src/agent.rs
+++ b/petri/pipette/src/agent.rs
@@ -3,8 +3,6 @@
 //! The main pipette agent, which is run when the process starts.
-#![cfg(any(target_os = "linux", target_os = "windows"))]
-
 use anyhow::Context;
 use futures::future::FutureExt;
 use futures_concurrency::future::RaceOk;
diff --git a/petri/pipette/src/execute.rs b/petri/pipette/src/execute.rs
index 6cf5caa55e..b688e6f864 100644
--- a/petri/pipette/src/execute.rs
+++ b/petri/pipette/src/execute.rs
@@ -3,8 +3,6 @@
 //! Handler for the execute request.
-#![cfg(any(target_os = "linux", target_os = "windows"))]
-
 use futures::executor::block_on;
 use futures::io::AllowStdIo;
 use std::process::Stdio;
diff --git a/petri/pipette/src/main.rs b/petri/pipette/src/main.rs
index 4d92876247..0823b5e721 100644
--- a/petri/pipette/src/main.rs
+++ b/petri/pipette/src/main.rs
@@ -4,21 +4,20 @@
 //! This is the petri pipette agent, which runs on the guest and executes
 //! commands and other requests from the host.
+#![cfg_attr(not(windows), forbid(unsafe_code))]
+
+#[cfg(any(target_os = "linux", windows))]
 mod agent;
+#[cfg(any(target_os = "linux", windows))]
 mod execute;
+#[cfg(any(target_os = "linux", windows))]
 mod shutdown;
+#[cfg(any(target_os = "linux", windows))]
 mod trace;
 #[cfg(windows)]
 mod winsvc;
-// This is here to satisfy rust-analyzer on macos. Pipette does not yet support
-// macos.
-#[cfg(target_os = "macos")]
-fn main() -> anyhow::Result<()> {
- anyhow::bail!("unsupported on macos")
-}
-
-#[cfg(any(target_os = "linux", target_os = "windows"))]
+#[cfg(any(target_os = "linux", windows))]
 fn main() -> anyhow::Result<()> {
 #[cfg(windows)]
 if std::env::args().nth(1).as_deref() == Some("--service") {
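Review bot: The conditional `#![cfg_attr(not(windows), forbid(unsafe_code))]` at the top of petri/pipette/src/main.rs has no comment saying why Windows builds are exempt. Judging from the shutdown.rs hunk in this commit, the reason appears to be its `#![cfg_attr(windows, expect(unsafe_code))]` for the Windows shutdown API, which a crate-level `forbid` would not allow a module to override. A line such as `// Windows needs unsafe in shutdown.rs (see its UNSAFETY note), so unsafe is forbidden only on other targets.` above the attribute would keep a later edit from widening or dropping the exemption by accident. On Windows the crate then depends on whatever workspace-level `unsafe_code` lint applies, which is not visible in this diff.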
@@ -30,3 +29,8 @@ fn main() -> anyhow::Result<()> {
 agent.run().await
 })
 }
+
+#[cfg(not(any(target_os = "linux", windows)))]
+fn main() -> anyhow::Result<()> {
+ anyhow::bail!("unsupported platform");
+}
diff --git a/petri/pipette/src/shutdown.rs b/petri/pipette/src/shutdown.rs
index a5baa76b4e..df6a64bd2f 100644
--- a/petri/pipette/src/shutdown.rs
+++ b/petri/pipette/src/shutdown.rs
@@ -3,7 +3,6 @@
 //! Handler for the power off request.
-#![cfg(any(target_os = "linux", target_os = "windows"))]
 // UNSAFETY: required for Windows shutdown API
 #![cfg_attr(windows, expect(unsafe_code))]
diff --git a/petri/pipette/src/trace.rs b/petri/pipette/src/trace.rs
index 6a502edd41..f811296e37 100644
--- a/petri/pipette/src/trace.rs
+++ b/petri/pipette/src/trace.rs
@@ -3,8 +3,6 @@
 //! [`tracing`] support.
-#![cfg(any(target_os = "linux", target_os = "windows"))]
-
 use std::sync::Arc;
 use tracing_subscriber::filter::Targets;
 use tracing_subscriber::fmt::format::FmtSpan;
diff --git a/support/atomic_ringbuf/src/lib.rs b/support/atomic_ringbuf/src/lib.rs
index 8d5d93a9f8..297f91bba2 100644
--- a/support/atomic_ringbuf/src/lib.rs
+++ b/support/atomic_ringbuf/src/lib.rs
@@ -9,6 +9,8 @@
 //! for when they miss an update and the ring buffer wraps around. Writing
 //! is synchronized with a lock, but read attempts are never blocked.
+#![forbid(unsafe_code)]
+
 cfg_if::cfg_if! {
 if #[cfg(all(target_arch = "x86_64", test))] { // xtask-fmt allow-target-arch dependency
 use loom::sync::Mutex;
diff --git a/support/cache_topology/src/lib.rs b/support/cache_topology/src/lib.rs
index 437d90c489..f06632ab15 100644
--- a/support/cache_topology/src/lib.rs
+++ b/support/cache_topology/src/lib.rs
@@ -4,9 +4,6 @@
 //! Provides ways to describe a machine's cache topology and to query it from
 //! the current running machine.
-// UNSAFETY: needed to call Win32 functions to query cache topology
-#![cfg_attr(windows, expect(unsafe_code))]
-
 use thiserror::Error;
 /// A machine's cache topology.
@@ -63,6 +60,8 @@ impl CacheTopology {
 }
 #[cfg(windows)]
+// UNSAFETY: needed to call Win32 functions to query cache topology
+#[expect(unsafe_code)]
 mod windows {
 use super::CacheTopology;
 use crate::Cache;
diff --git a/vm/devices/storage/disk_vhd1/Cargo.toml b/vm/devices/storage/disk_vhd1/Cargo.toml
index c58670b724..9f791d7a18 100644
--- a/vm/devices/storage/disk_vhd1/Cargo.toml
+++ b/vm/devices/storage/disk_vhd1/Cargo.toml
@@ -23,9 +23,6 @@ zerocopy.workspace = true
 [dev-dependencies]
 tempfile.workspace = true
-[target.'cfg(unix)'.dependencies]
-
-[target.'cfg(target_os = "linux")'.dependencies]
 [lints]
 workspace = true
diff --git a/vm/devices/support/fs/lxutil/src/lib.rs b/vm/devices/support/fs/lxutil/src/lib.rs
index 1188ea198f..f15ca5e3a5 100644
--- a/vm/devices/support/fs/lxutil/src/lib.rs
+++ b/vm/devices/support/fs/lxutil/src/lib.rs
@@ -2087,7 +2087,7 @@ mod tests {
 // the case sensitive directory attribute, which is only enabled if the WSL optional component
 // is installed.
 #[test]
- #[cfg(any(unix, not(feature = "ci")))]
+ #[cfg(not(all(windows, feature = "ci")))]
 fn case_sensitive() {
 let env = TestEnv::with_options(LxVolumeOptions::new().create_case_sensitive_dirs(true));
diff --git a/vm/loader/igvmfilegen/src/main.rs b/vm/loader/igvmfilegen/src/main.rs
index ecee5cad8b..e795633122 100644
--- a/vm/loader/igvmfilegen/src/main.rs
+++ b/vm/loader/igvmfilegen/src/main.rs
@@ -3,6 +3,8 @@
 //! Implements a command line utility to generate IGVM files.
+#![forbid(unsafe_code)]
+
 mod file_loader;
 mod identity_mapping;
 mod signed_measurement;
diff --git a/vm/vmgs/vmgstool/src/main.rs b/vm/vmgs/vmgstool/src/main.rs
index 9298ba5716..36f444b90e 100644
--- a/vm/vmgs/vmgstool/src/main.rs
+++ b/vm/vmgs/vmgstool/src/main.rs
@@ -2,6 +2,7 @@
 // Licensed under the MIT License.
 #![expect(missing_docs)]
+#![forbid(unsafe_code)]
 mod storage_backend;
 #[cfg(feature = "test_helpers")]
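Review bot: With the exemption moved onto `mod windows`, the crate root of support/cache_topology/src/lib.rs no longer has any `unsafe_code` attribute, unlike petri/pipette/src/main.rs in this same commit. The removed crate-level attribute was Windows-only, which suggests no other target in this crate needs unsafe; if so, `#![cfg_attr(not(windows), forbid(unsafe_code))]` at the top of lib.rs would state that explicitly and match pipette. The body of `mod windows` continues outside the hunk, so whether all of it needs the exemption cannot be judged from here.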
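Review bot: In vm/devices/support/fs/lxutil/src/lib.rs the `case_sensitive` test is compiled out on Windows CI by `#[cfg(not(all(windows, feature = "ci")))]`, so the test report shows nothing for it there. `#[cfg_attr(all(windows, feature = "ci"), ignore = "needs the WSL optional component")]` would keep it compiled and list it as ignored with the reason, which makes the coverage gap for case-sensitive directory handling visible. The new predicate also enables the test on targets that are neither unix nor windows when `ci` is set, which the old `any(unix, not(feature = "ci"))` did not; this is probably harmless but worth confirming. The body of `case_sensitive` continues outside the hunk.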
diff --git a/vmm_tests/vmm_tests/tests/tests/main.rs b/vmm_tests/vmm_tests/tests/tests/main.rs
index c7860300e6..0292e26c93 100644
--- a/vmm_tests/vmm_tests/tests/tests/main.rs
+++ b/vmm_tests/vmm_tests/tests/tests/main.rs
@@ -2,6 +2,7 @@
 // Licensed under the MIT License.
 #![expect(missing_docs)]
+#![forbid(unsafe_code)]
 //! A collection of end-to-end VMM tests.
 //!
diff --git a/vmm_tests/vmm_tests/tests/tmks.rs b/vmm_tests/vmm_tests/tests/tmks.rs
index 3849b81394..115b264098 100644
--- a/vmm_tests/vmm_tests/tests/tmks.rs
+++ b/vmm_tests/vmm_tests/tests/tmks.rs
@@ -3,6 +3,8 @@
 //! Test entrypoint for running TMK tests in different environments.
+#![forbid(unsafe_code)]
+
 // Include all the tests.
 //
 // FUTURE: probably the tmk_tests package should own this crate, rather than
diff --git a/xtask/src/main.rs b/xtask/src/main.rs
index ebbfe76ce6..ce7980c6bb 100644
--- a/xtask/src/main.rs
+++ b/xtask/src/main.rs
@@ -8,6 +8,8 @@
 //! Follows the xtask workflow/convention, as described at
 //!
+#![forbid(unsafe_code)]
+
 use anyhow::Context;
 use clap::Parser;
 use clap::Subcommand;