Safety docq and other clippy concerns

aes-t-tables/src/lib.rs

@@ -68,10 +68,16 @@ pub trait SimpleCacheSideChannel {
 
 pub trait TableCacheSideChannel {
     //type ChannelFatalError: Debug;
+    /// # Safety
+    ///
+    /// addresses must contain only valid pointers to read.
     unsafe fn calibrate(
         &mut self,
         addresses: impl IntoIterator<Item = *const u8> + Clone,
     ) -> Result<(), ChannelFatalError>;
+    /// # Safety
+    ///
+    /// addresses must contain only valid pointers to read.
     unsafe fn attack<'a, 'b>(
         &'a mut self,
         addresses: impl IntoIterator<Item = *const u8> + Clone,
@@ -81,10 +87,18 @@ pub trait TableCacheSideChannel {
 
 pub trait SingleAddrCacheSideChannel: Debug {
     //type SingleChannelFatalError: Debug;
-
+    /// # Safety
+    ///
+    /// addr must be a valid pointer to read.
     unsafe fn test_single(&mut self, addr: *const u8) -> Result<CacheStatus, SideChannelError>;
+    /// # Safety
+    ///
+    /// addr must be a valid pointer to read.
     unsafe fn prepare_single(&mut self, addr: *const u8) -> Result<(), SideChannelError>;
     fn victim_single(&mut self, operation: &dyn Fn());
+    /// # Safety
+    ///
+    /// addresses must contain only valid pointers to read.
     unsafe fn calibrate_single(
         &mut self,
         addresses: impl IntoIterator<Item = *const u8> + Clone,
@@ -94,15 +108,26 @@ pub trait SingleAddrCacheSideChannel: Debug {
 pub trait MultipleAddrCacheSideChannel: Debug {
     //type MultipleChannelFatalError: Debug;
 
+    /// # Safety
+    ///
+    /// addresses must contain only valid pointers to read.
     unsafe fn test(
         &mut self,
         addresses: impl IntoIterator<Item = *const u8> + Clone,
     ) -> Result<Vec<(*const u8, CacheStatus)>, SideChannelError>;
+
+    /// # Safety
+    ///
+    /// addresses must contain only valid pointers to read.
     unsafe fn prepare(
         &mut self,
         addresses: impl IntoIterator<Item = *const u8> + Clone,
     ) -> Result<(), SideChannelError>;
     fn victim(&mut self, operation: &dyn Fn());
+
+    /// # Safety
+    ///
+    /// addresses must contain only valid pointers to read.
     unsafe fn calibrate(
         &mut self,
         addresses: impl IntoIterator<Item = *const u8> + Clone,
@@ -196,6 +221,9 @@ impl<T: MultipleAddrCacheSideChannel> TableCacheSideChannel for T {
     }
     //type ChannelFatalError = T::MultipleChannelFatalError;
 
+    /// # Safety
+    ///
+    /// addresses must contain only valid pointers to read.
     unsafe fn attack<'a, 'b, 'c>(
         &'a mut self,
         addresses: impl IntoIterator<Item = *const u8> + Clone,
@@ -233,16 +261,12 @@ pub struct AESTTableParams<'a> {
     pub te: [isize; 4],
 }
 
+/// # Safety
+///
+/// te need to refer to the correct t tables offset in the openssl library at path.
 pub unsafe fn attack_t_tables_poc(
     side_channel: &mut impl TableCacheSideChannel,
     parameters: AESTTableParams,
-) {
-    attack_t_tables_poc_impl(side_channel, parameters)
-}
-
-fn attack_t_tables_poc_impl(
-    side_channel: &mut impl TableCacheSideChannel,
-    parameters: AESTTableParams,
 ) {
     // Note : This function doesn't handle the case where the address space is not shared. (Additionally you have the issue of complicated eviction sets due to complex addressing)
     // TODO

aes-t-tables/src/main.rs

@@ -86,7 +86,7 @@ fn get_vpn<T>(p: *const T) -> usize {
     (p as usize) & (!(PAGE_LEN - 1)) // FIXME
 }
 
-fn cum_sum(vector: &Vec<u32>) -> Vec<u32> {
+fn cum_sum(vector: &[u32]) -> Vec<u32> {
     let len = vector.len();
     let mut res = vec![0; len];
     res[0] = vector[0];
@@ -160,7 +160,7 @@ impl MultipleAddrCacheSideChannel for FlushAndFlush {
         let mut pages = HashMap::<VPN, HashSet<*const u8>>::new();
         for addr in addresses {
             let page = get_vpn(addr);
-            pages.entry(page).or_insert(HashSet::new()).insert(addr);
+            pages.entry(page).or_insert_with(HashSet::new).insert(addr);
         }
 
         let core_per_socket = find_core_per_socket();
@@ -315,9 +315,9 @@ impl MultipleAddrCacheSideChannel for FlushAndFlush {
                             // insert in per_core
                             if per_core
                                 .entry(core)
-                                .or_insert(HashMap::new())
+                                .or_insert_with(HashMap::new)
                                 .entry(page)
-                                .or_insert(HashMap::new())
+                                .or_insert_with(HashMap::new)
                                 .insert(
                                     slice,
                                     (
@@ -360,7 +360,7 @@ impl MultipleAddrCacheSideChannel for FlushAndFlush {
         println!("Best core: {}, rate: {}", best_core, best_error_rate);
         let tmp = per_core.remove(&best_core).unwrap();
         for (page, per_page) in tmp {
-            let page_entry = thresholds.entry(page).or_insert(HashMap::new());
+            let page_entry = thresholds.entry(page).or_insert_with(HashMap::new);
             for (slice, per_slice) in per_page {
                 println!(
                     "page: {:x}, slice: {}, threshold: {:?}, error_rate: {}",

aes-t-tables/src/naive_flush_and_reload.rs

@@ -18,6 +18,9 @@ impl NaiveFlushAndReload {
 }
 
 impl SingleAddrCacheSideChannel for NaiveFlushAndReload {
+    /// # Safety
+    ///
+    /// addr needs to be a valid pointer
     unsafe fn test_single(&mut self, addr: *const u8) -> Result<CacheStatus, SideChannelError> {
         if self.current != Some(addr) {
             return Err(SideChannelError::AddressNotReady(addr));
@@ -30,6 +33,9 @@ impl SingleAddrCacheSideChannel for NaiveFlushAndReload {
         }
     }
 
+    /// # Safety:
+    ///
+    /// addr needs to be a valid pointer
     unsafe fn prepare_single(&mut self, addr: *const u8) -> Result<(), SideChannelError> {
         unsafe { flush(addr) };
         self.current = Some(addr);
@@ -40,6 +46,9 @@ impl SingleAddrCacheSideChannel for NaiveFlushAndReload {
         operation()
     }
 
+    /// # Safety
+    ///
+    /// addr needs to be a valid pointer
     unsafe fn calibrate_single(
         &mut self,
         _addresses: impl IntoIterator<Item = *const u8>,

cache_utils/src/complex_addressing.rs

@@ -184,13 +184,11 @@ impl CacheSlicing {
                         }
                         if found_pivot {
                             for j in 0..matrix.len() {
-                                if j != i {
+                                if j != i && bit & matrix[j].0 != 0 {
-                                    if bit & matrix[j].0 != 0 {
                                     matrix[j].0 ^= matrix[i].0;
                                     matrix[j].1 ^= matrix[i].1;
                                 }
                             }
-                            }
                             i += 1;
                         }
                     }

cache_utils/src/frequency.rs

@@ -24,10 +24,10 @@ extern "C" {
 #[cfg(all(target_os = "linux", feature = "use_std"))]
 pub fn get_freq_cpufreq_kernel() -> Result<u64, Error> {
     // TODO Add memorization
-    return match unsafe { sched_getcpu() }.try_into() {
+    match unsafe { sched_getcpu() }.try_into() {
         Ok(cpu) => Ok(unsafe { cpufreq_get_freq_kernel(cpu) }),
         Err(e) => Err(Unimplemented),
-    };
+    }
 }
 
 #[cfg(not(all(target_os = "linux", feature = "use_std")))]
@@ -36,7 +36,6 @@ pub fn get_freq_cpufreq_kernel() -> Result<u64, Error> {
     Err(UnsupportedPlatform)
 }
 
-
 pub fn get_frequency() -> Result<u64, Error> {
     if cfg!(target_os = "linux") && cfg!(feature = "use_std") {
         return get_freq_cpufreq_kernel();
@@ -71,5 +70,5 @@ pub fn get_frequency_change_period(period: u64) -> Result<u64, Error> {
             }
         }
     }
-    return Ok(t / period);
+    Ok(t / period)
 }