LailaTheElf/embassy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hal-internal: remove impl DerefMut for PeripheralRef.

Browse Source 
if you have `PeripheralRef<'a, AnyPIn>` for pin A, and `AnyPin` (owned) for pin B, you can `mem::swap` them.
so, getting access forever to pin A, just by "sacrificing" pin B

this defeats the point of PeripheralRef, which is if you got a `PeripheralRef<'a, T>` then you're only allowed to use the peripheral for `'a`.

Also some drivers rely on the fact only one instance of a singleton exists for soundness, so this is a soundness fix for those.
This commit is contained in:
Dario Nieuwenhuis
2024-02-20 01:02:15 +01:00
parent 69bfcaad42
commit e8474426d8
6 changed files with 43 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
embassy-hal-internal/src/peripheral.rs
View File

@@ -1,5 +1,5 @@
use core::marker::PhantomData;
use core::ops::{Deref, DerefMut};
use core::ops::Deref;
/// An exclusive reference to a peripheral.
///
@@ -86,13 +86,6 @@ impl<'a, T> Deref for PeripheralRef<'a, T> {
}
}
impl<'a, T> DerefMut for PeripheralRef<'a, T> {
#[inline]
fn deref_mut(&mut self) -> &mut Self::Target {
&mut self.inner
}
}
/// Trait for any type that can be used as a peripheral of type `P`.
///
/// This is used in driver constructors, to allow passing either owned peripherals (e.g. `TWISPI0`),
@@ -162,7 +155,7 @@ pub trait Peripheral: Sized {
}
}
impl<'b, T: DerefMut> Peripheral for T
impl<'b, T: Deref> Peripheral for T
where
T::Target: Peripheral,
{