@RalfJung
Member

Cc @jethrogb -- no idea why this created a slice only to directly convert it back to a raw pointer, but we can avoid this and in fact make the entire function safe. I didn't change the function signature (it's still an unsafe fn) as I know nothing about the surrounding code.

@rustbot added the O-SGX (Target: SGX), S-waiting-on-review (Status: Awaiting review from the assignee but also interested parties.) and T-libs (Relevant to the library team, which will review and decide on the PR/issue.) labels on Nov 19, 2025
@rustbot
Collaborator

rustbot commented Nov 19, 2025

r? @ChrisDenton

rustbot has assigned @ChrisDenton.
They will have a look at your PR within the next two weeks and either review your PR or reassign to another reviewer.

Use r? to explicitly pick a reviewer

@jethrogb
Contributor

jethrogb commented Nov 19, 2025

> no idea why

ptr::slice_from_raw_parts_mut was added in 8b21b07. This code was added in 1e44e2d, which predates that.

@jethrogb
Contributor

> make the entire function safe

So the Safety documentation section of the trait method seems to imply that the following invariant must be upheld

  • T: UserSafe implies that the memory location of T is in user (not enclave) memory.

However, I think that may be incorrect. I think a similar invariant is upheld by the UserRef and User types. Also UserSafe is implemented for regular primitive Rust types (like u8), so it sounds weird that implementing that trait somehow adds this kind of restriction.

@RalfJung
Member Author

It is also generally odd to have a safety comment on a trait impl that's not the same as the one in the trait itself -- callers that use a generic T: UserSafe will not know about the specific requirement of this impl.

Anyway I won't be conducting a refactor of that trait here, I just noticed this little improvement inside the slice impl. I will leave follow-up cleanup to people that understand the surrounding context better :)
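
The difference discussed in the first comment, as an added example (not the code from this PR or from std; `raw_slice_from_bytes` and `raw_slice_via_reference` are hypothetical names): going through `slice::from_raw_parts_mut` makes the caller vouch for the memory behind the pointer, while `ptr::slice_from_raw_parts_mut` is a safe function that only pairs an address with a length.

```rust
use std::mem::size_of;
use std::ptr::{self, NonNull};

/// Hypothetical helper, not the std SGX code: pair a byte pointer and a byte
/// count into a raw `*mut [T]` without ever creating a `&mut [T]`.
/// This is a safe fn: a raw slice pointer asserts nothing about the memory.
pub fn raw_slice_from_bytes<T>(ptr: *mut u8, size: usize) -> *mut [T] {
    let elem_size = size_of::<T>();
    assert_ne!(elem_size, 0, "zero-sized element type");
    assert_eq!(size % elem_size, 0, "size is not a multiple of the element size");
    ptr::slice_from_raw_parts_mut(ptr.cast::<T>(), size / elem_size)
}

/// The detour: materialize a reference, then turn it back into a raw pointer.
///
/// # Safety
/// `ptr` must be non-null, aligned for `T`, and valid for reads and writes of
/// `size` bytes holding initialized `T`s that nothing else accesses meanwhile.
pub unsafe fn raw_slice_via_reference<T>(ptr: *mut u8, size: usize) -> *mut [T] {
    let len = size / size_of::<T>();
    // SAFETY: forwarded to the caller; the reference exists only momentarily.
    let slice: &mut [T] = unsafe { std::slice::from_raw_parts_mut(ptr.cast::<T>(), len) };
    slice as *mut [T]
}

fn main() {
    // Constructed sample buffer standing in for real memory.
    let mut buf = [0u32; 4];
    let base = buf.as_mut_ptr();
    let raw = raw_slice_from_bytes::<u32>(base.cast(), 16);
    // SAFETY: `base` points to 16 bytes of initialized, exclusively owned u32s.
    let via_ref = unsafe { raw_slice_via_reference::<u32>(base.cast(), 16) };
    assert!(ptr::eq(raw, via_ref)); // same address, same length metadata

    // A dangling (but aligned) pointer is fine for the safe version only;
    // passing it to `raw_slice_via_reference` would be undefined behaviour.
    let dangling = NonNull::<u32>::dangling().as_ptr().cast::<u8>();
    let unbacked = raw_slice_from_bytes::<u32>(dangling, 8);
    println!("len = {}, unbacked len = {}", raw.len(), unbacked.len());
}
```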
