@@ -103,9 +103,12 @@ pub const MULTIBOOT2_BOOTLOADER_MAGIC: u32 = 0x36d76289;
103103/// ```
104104///
105105/// ## Safety
106- /// This function might terminate the program, if the address is invalid. This can be the case in
107- /// environments with standard environment (segfault) but also in UEFI-applications,
108- /// where the referenced memory is not (identity) mapped (UEFI does only identity mapping).
106+ /// * `address` must be valid for reading. Otherwise this function might
107+ /// terminate the program. This can be the case in environments with standard
108+ /// environment (segfault) but also in UEFI-applications, where the referenced
109+ /// memory is not (identity) mapped (UEFI does only identity mapping).
110+ /// * The memory at `address` must not be modified after calling `load` or the
111+ /// program may observe unsychronized mutation.
109112pub unsafe fn load ( address : usize ) -> Result < BootInformation , MbiLoadError > {
110113 load_with_offset ( address, 0 )
111114}
@@ -123,9 +126,12 @@ pub unsafe fn load(address: usize) -> Result<BootInformation, MbiLoadError> {
123126/// ```
124127///
125128/// ## Safety
126- /// This function might terminate the program, if the address is invalid. This can be the case in
127- /// environments with standard environment (segfault) but also in UEFI-applications,
128- /// where the referenced memory is not (identity) mapped (UEFI does only identity mapping).
129+ /// * `address` must be valid for reading. Otherwise this function might
130+ /// terminate the program. This can be the case in environments with standard
131+ /// environment (segfault) but also in UEFI-applications, where the referenced
132+ /// memory is not (identity) mapped (UEFI does only identity mapping).
133+ /// * The memory at `address` must not be modified after calling `load` or the
134+ /// program may observe unsychronized mutation.
129135pub unsafe fn load_with_offset (
130136 address : usize ,
131137 offset : usize ,
@@ -326,6 +332,10 @@ impl BootInformationInner {
326332 }
327333}
328334
335+ // SAFETY: BootInformation contains a const ptr to memory that is never mutated.
336+ // Sending this pointer to other threads is sound.
337+ unsafe impl Send for BootInformation { }
338+
329339impl fmt:: Debug for BootInformation {
330340 fn fmt ( & self , f : & mut fmt:: Formatter ) -> fmt:: Result {
331341 /// Limit how many Elf-Sections should be debug-formatted.
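Review bot: The SAFETY comment on `unsafe impl Send for BootInformation` states that the memory "is never mutated", but nothing in the type enforces this; it holds only if callers of `load`/`load_with_offset` keep the contract added in the two doc hunks above, and the comment should say so, e.g. `// SAFETY: callers of load/load_with_offset guarantee the MBI memory is not mutated and stays readable while this value exists.` That contract covers only mutation: it does not require the memory to stay valid (mapped) for reads for as long as the returned `BootInformation` lives, which becomes more important once the value can be moved to another thread. In the `load_with_offset` docs the second bullet still says "after calling `load`", neither bullet says what `offset` must satisfy, and "unsychronized" is misspelled in both functions. The fields of `BootInformation` are outside the visible hunks, so the claim that it holds only a read-only pointer is taken from the comment and not verified here.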