XXX multiboot2-hdr

Author: phip1611

Cargo.lock

@@ -34,8 +34,6 @@ pub mod iter;
 #[allow(unused)]
 pub mod test_utils;
 
-pub use iter::TagBytesIter;
-
 use core::fmt::Debug;
 use core::marker::PhantomData;
 use core::mem;

multiboot2-common/src/lib.rs

@@ -41,7 +41,10 @@ unstable = []
 
 [dependencies]
 derive_more.workspace = true
+log.workspace = true
+ptr_meta.workspace = true
 multiboot2 = { version = "0.20.0", default-features = false }
+multiboot2-common = "0.1.0"
 
 [package.metadata.docs.rs]
 all-features = true

multiboot2-header/Cargo.toml

@@ -6,6 +6,11 @@ use crate::{
 };
 use core::fmt::{Debug, Formatter};
 use core::mem::size_of;
+use core::slice;
+use core::{mem, ptr};
+use multiboot2::{TagHeader, TagTrait};
+use multiboot2_common::iter::TagBytesIter;
+use multiboot2_common::{BytesRef, DynSizedStructure, Header, ALIGNMENT};
 
 /// Magic value for a [`Multiboot2Header`], as defined by the spec.
 pub const MAGIC: u32 = 0xe85250d6;
@@ -18,7 +23,7 @@ pub const MAGIC: u32 = 0xe85250d6;
 /// please look at `HeaderBuilder` (requires the `builder` feature).
 #[derive(Debug)]
 #[repr(transparent)]
-pub struct Multiboot2Header<'a>(&'a Multiboot2BasicHeader);
+pub struct Multiboot2Header<'a>(&'a DynSizedStructure<Multiboot2BasicHeader>);
 
 impl<'a> Multiboot2Header<'a> {
     /// Public constructor for this type with various validations.
@@ -35,21 +40,30 @@ impl<'a> Multiboot2Header<'a> {
     /// Multiboot2 header pointer.
     pub unsafe fn load(ptr: *const Multiboot2BasicHeader) -> Result<Self, LoadError> {
         // null or not aligned
-        if ptr.is_null() || ptr.align_offset(8) != 0 {
+        if ptr.is_null() || ptr.align_offset(ALIGNMENT) != 0 {
             return Err(LoadError::InvalidAddress);
         }
 
-        let reference = &*ptr;
+        let header = &*ptr;
 
-        if reference.header_magic() != MAGIC {
+        if header.header_magic() != MAGIC {
             return Err(LoadError::MagicNotFound);
         }
 
-        if !reference.verify_checksum() {
+        if !header.verify_checksum() {
             return Err(LoadError::ChecksumMismatch);
         }
 
-        Ok(Self(reference))
+        let slice = slice::from_raw_parts(ptr.cast::<u8>(), header.length as usize);
+        let bytes = BytesRef::<Multiboot2BasicHeader>::try_from(slice).map_err(|e| {
+            log::error!("Load error: {e:#?}");
+            LoadError::InvalidAddress
+        })?;
+        let inner = DynSizedStructure::ref_from(bytes).map_err(|e| {
+            log::error!("Load error: {e:#?}");
+            LoadError::TooSmall
+        })?;
+        Ok(Self(inner))
     }
 
     /// Find the header in a given slice.
@@ -60,7 +74,7 @@ impl<'a> Multiboot2Header<'a> {
     /// or because it is truncated), it returns a [`LoadError`].
     /// If there is no header, it returns `None`.
     pub fn find_header(buffer: &[u8]) -> Result<Option<(&[u8], u32)>, LoadError> {
-        if buffer.as_ptr().align_offset(4) != 0 {
+        if buffer.as_ptr().align_offset(ALIGNMENT) != 0 {
             return Err(LoadError::InvalidAddress);
         }
 
@@ -102,35 +116,36 @@ impl<'a> Multiboot2Header<'a> {
         )))
     }
 
+    /// Returns a [`Multiboot2HeaderTagIter`].
+    #[must_use]
+    pub fn iter(&self) -> Multiboot2HeaderTagIter {
+        Multiboot2HeaderTagIter::new(self.0.payload())
+    }
+
     /// Wrapper around [`Multiboot2BasicHeader::verify_checksum`].
     #[must_use]
     pub const fn verify_checksum(&self) -> bool {
-        self.0.verify_checksum()
+        self.0.header().verify_checksum()
     }
     /// Wrapper around [`Multiboot2BasicHeader::header_magic`].
     #[must_use]
     pub const fn header_magic(&self) -> u32 {
-        self.0.header_magic()
+        self.0.header().header_magic()
     }
     /// Wrapper around [`Multiboot2BasicHeader::arch`].
     #[must_use]
     pub const fn arch(&self) -> HeaderTagISA {
-        self.0.arch()
+        self.0.header().arch()
     }
     /// Wrapper around [`Multiboot2BasicHeader::length`].
     #[must_use]
     pub const fn length(&self) -> u32 {
-        self.0.length()
+        self.0.header().length()
     }
     /// Wrapper around [`Multiboot2BasicHeader::checksum`].
     #[must_use]
     pub const fn checksum(&self) -> u32 {
-        self.0.checksum()
-    }
-    /// Wrapper around [`Multiboot2BasicHeader::tag_iter`].
-    #[must_use]
-    pub fn iter(&self) -> Multiboot2HeaderTagIter {
-        self.0.tag_iter()
+        self.0.header().checksum()
     }
     /// Wrapper around [`Multiboot2BasicHeader::calc_checksum`].
     #[must_use]
@@ -204,7 +219,7 @@ impl<'a> Multiboot2Header<'a> {
 
     fn get_tag(&self, typ: HeaderTagType) -> Option<&HeaderTagHeader> {
         self.iter()
-            .map(|tag| unsafe { tag.as_ref() }.unwrap())
+            .map(|tag| )
             .find(|tag| tag.typ() == typ)
     }
 }
@@ -229,7 +244,7 @@ impl core::error::Error for LoadError {}
 /// The "basic" Multiboot2 header. This means only the properties, that are known during
 /// compile time. All other information are derived during runtime from the size property.
 #[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]
-#[repr(C)]
+#[repr(C, align(8))]
 pub struct Multiboot2BasicHeader {
     /// Must be the value of [`MAGIC`].
     header_magic: u32,
@@ -290,28 +305,11 @@ impl Multiboot2BasicHeader {
     pub const fn checksum(&self) -> u32 {
         self.checksum
     }
+}
 
-    /// Returns a [`Multiboot2HeaderTagIter`].
-    ///
-    /// # Panics
-    /// See doc of [`Multiboot2HeaderTagIter`].
-    #[must_use]
-    pub fn tag_iter(&self) -> Multiboot2HeaderTagIter {
-        let base_hdr_size = size_of::<Self>();
-        if base_hdr_size == self.length as usize {
-            panic!("No end tag!");
-        }
-        let tag_base_addr = self as *const Self;
-        // cast to u8 so that the offset in bytes works correctly
-        let tag_base_addr = tag_base_addr as *const u8;
-        // tag_base_addr should now point behind the "static" members
-        let tag_base_addr = unsafe { tag_base_addr.add(base_hdr_size) };
-        // align pointer to 8 byte according to spec
-        let tag_base_addr = unsafe { tag_base_addr.add(tag_base_addr.align_offset(8)) };
-        // cast back
-        let tag_base_addr = tag_base_addr as *const HeaderTagHeader;
-        let tags_len = self.length as usize - base_hdr_size;
-        Multiboot2HeaderTagIter::new(tag_base_addr, tags_len as u32)
+impl Header for Multiboot2BasicHeader {
+    fn payload_len(&self) -> usize {
+        self.length as usize - size_of::<Self>()
     }
 }
 
@@ -322,100 +320,85 @@ impl Debug for Multiboot2BasicHeader {
             .field("arch", &{ self.arch })
             .field("length", &{ self.length })
             .field("checksum", &{ self.checksum })
-            .field("tags", &self.tag_iter())
+            .field("tags", &self.iter())
             .finish()
     }
 }
 
-/// Iterator over all tags of a Multiboot2 header. The number of items is derived
-/// by the size/length of the header.
-///
-/// # Panics
-/// Panics if the `length`-attribute doesn't match the number of found tags, there are
-/// more tags found than technically possible, or if there is more than one end tag.
-/// All of these errors come from bigger, underlying problems. Therefore, they are
-/// considered as "abort/panic" and not as recoverable errors.
-#[derive(Clone)]
-pub struct Multiboot2HeaderTagIter {
-    /// 8-byte aligned base address
-    base: *const HeaderTagHeader,
-    /// Offset in bytes from the base address.
-    /// Always <= than size.
-    n: u32,
-    /// Size / final value of [`Self::n`].
-    size: u32,
-    /// Counts the number of found tags. If more tags are found
-    /// than technically possible, for example because the length property
-    /// was invalid and there are hundreds of "End"-tags, we can use
-    /// this and enforce a hard iteration limit.
-    tag_count: u32,
-    /// Marks if the end-tag was found. Together with `tag_count`, this
-    /// further helps to improve safety when invalid length properties are given.
-    end_tag_found: bool,
+/// A generic tag serving as base to cast to specific tags. This is a DST
+/// version of [`Multiboot2BasicHeader`] that solves various type and memory safety
+/// problems by having a type that owns the whole memory of a tag.
+#[derive(PartialEq, Eq, ptr_meta::Pointee)]
+#[repr(transparent)]
+pub struct GenericTag(DynSizedStructure<Multiboot2BasicHeader>);
+
+impl GenericTag {
+    /// Returns a reference to [`GenericTag`] to interpret the provided memory
+    /// as [`GenericTag`].
+    ///
+    /// # Panics
+    // pub fn ref_from<'a>(bytes: &'a [u8]) -> Result<&'a Self, MemoryError> {
+    // TODO return result
+    pub fn ref_from<'a>(bytes: &'a [u8]) -> &'a Self {
+        let bytes = BytesRef::<TagHeader>::try_from(bytes).unwrap();
+        let inner = DynSizedStructure::ref_from(bytes).unwrap();
+        unsafe { mem::transmute::<_, &'a Self>(inner) }
+    }
+
+    /// Returns the underlying [`TagHeader`].
+    pub const fn header(&self) -> &Multiboot2BasicHeader {
+        self.0.header()
+    }
+
+    #[cfg(all(test, feature = "builder"))]
+    pub const fn payload(&self) -> &[u8] {
+        self.0.payload()
+    }
+
+    /// Casts the generic tag to a specific implementation.
+    /// TODO use tag trait.
+    pub fn cast<T: Sized>(&self) -> &T {
+        let base_ptr = ptr::addr_of!(*self).cast::<T>();
+        let tag = unsafe { &*base_ptr };
+        tag
+    }
 }
 
-impl Multiboot2HeaderTagIter {
-    fn new(base: *const HeaderTagHeader, size: u32) -> Self {
-        // transform to byte pointer => offset works properly
-        let base = base as *const u8;
-        let base = unsafe { base.add(base.align_offset(8)) };
-        let base = base as *const HeaderTagHeader;
-        Self {
-            base,
-            n: 0,
-            size,
-            tag_count: 0,
-            end_tag_found: false,
-        }
+impl Debug for GenericTag {
+    fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
+        f.debug_struct("GenericTag")
+            .field("header", self.0.header())
+            .field("payload", &"<bytes>")
+            .finish()
     }
 }
 
-impl Iterator for Multiboot2HeaderTagIter {
-    type Item = *const HeaderTagHeader;
+/// Iterates the tags of the header from the first tag to the end tag. The en
+/// tag is included.
+#[derive(Clone)]
+pub struct Multiboot2HeaderTagIter<'a>(TagBytesIter<'a, TagHeader>);
 
-    fn next(&mut self) -> Option<Self::Item> {
-        // no more bytes left to check; length reached
-        if self.n >= self.size {
-            return None;
-        }
+impl<'a> Multiboot2HeaderTagIter<'a> {
+    /// Creates a new iterator.
+    pub fn new(mem: &'a [u8]) -> Self {
+        Self(TagBytesIter::new(mem))
+    }
+}
 
-        // transform to byte ptr => offset works correctly
-        let ptr = self.base as *const u8;
-        let ptr = unsafe { ptr.add(self.n as usize) };
-        let ptr = ptr as *const HeaderTagHeader;
-        assert_eq!(ptr as usize % 8, 0, "must be 8-byte aligned");
-        let tag = unsafe { &*ptr };
-        assert!(
-            tag.size() <= 500,
-            "no real mb2 header should be bigger than 500bytes - probably wrong memory?! is: {}",
-            { tag.size() }
-        );
-        assert!(
-            tag.size() >= 8,
-            "no real mb2 header tag is smaller than 8 bytes - probably wrong memory?! is: {}",
-            { tag.size() }
-        );
-        assert!(
-            !self.end_tag_found,
-            "There is more than one end tag! Maybe the `length` property is invalid?"
-        );
-        self.n += tag.size();
-        // 8-byte alignment of pointer address
-        self.n += self.n % 8;
-        self.tag_count += 1;
-        if tag.typ() == HeaderTagType::End {
-            self.end_tag_found = true;
-        }
-        assert!(self.tag_count < HeaderTagType::count(), "Invalid Multiboot2 header tags! There are more tags than technically possible! Maybe the `length` property is invalid?");
-        Some(ptr)
+impl<'a> Iterator for Multiboot2HeaderTagIter<'a> {
+    type Item = &'a GenericTag;
+
+    fn next(&mut self) -> Option<Self::Item> {
+        let bytes = self.0.next()?;
+        Some(GenericTag::ref_from(bytes.as_ref()))
     }
 }
 
-impl Debug for Multiboot2HeaderTagIter {
+/*impl Debug for Multiboot2HeaderTagIter {
     fn fmt(&self, f: &mut Formatter<'_>) -> core::fmt::Result {
         let mut debug = f.debug_list();
         self.clone().for_each(|t| unsafe {
-            let typ = (*t).typ();
+            let typ = (*t).header().typ();
             if typ == HeaderTagType::End {
                 let entry = t as *const EndHeaderTag;
                 let entry = &*(entry);
@@ -466,7 +449,7 @@ impl Debug for Multiboot2HeaderTagIter {
         });
         debug.finish()
     }
-}
+}*/
 
 #[cfg(test)]
 mod tests {

multiboot2-header/src/header.rs

@@ -13,8 +13,7 @@ use crate::{TagTrait, TagType, TagTypeId};
 use core::fmt::{Debug, Formatter};
 use core::mem;
 use core::ptr;
-use multiboot2_common::iter::TagBytesIter;
-use multiboot2_common::{BytesRef, DynSizedStructure, Header};
+use multiboot2_common::{iter::TagBytesIter, BytesRef, DynSizedStructure, Header};
 
 /// The common header that all tags have in common. This type is ABI compatible.
 ///