diff --git a/src/qos_aws/src/lib.rs b/src/qos_aws/src/lib.rs index 43d87f0f4..e8398a62f 100644 --- a/src/qos_aws/src/lib.rs +++ b/src/qos_aws/src/lib.rs @@ -18,7 +18,7 @@ fn nitro_heartbeat() { read(fd, buf.as_ptr() as _, 1); close(fd); } - dmesg(format!("Sent NSM heartbeat")); + dmesg("Sent NSM heartbeat".to_string()); } /// Initialize nitro device @@ -27,12 +27,12 @@ pub fn init_platform() { nitro_heartbeat(); match insmod("/nsm.ko") { - Ok(()) => dmesg(format!("Loaded nsm.ko")), + Ok(()) => dmesg("Loaded nsm.ko".to_string()), Err(e) => eprintln!("{}", e), }; match check_hwrng("nsm-hwrng") { - Ok(()) => dmesg(format!("Validated entropy source is nsm-hwrng")), + Ok(()) => dmesg("Validated entropy source is nsm-hwrng".to_string()), Err(e) => { eprintln!("{}", e); poweroff(); diff --git a/src/qos_core/src/protocol/services/key.rs b/src/qos_core/src/protocol/services/key.rs index a0094e7fb..59b369543 100644 --- a/src/qos_core/src/protocol/services/key.rs +++ b/src/qos_core/src/protocol/services/key.rs @@ -142,7 +142,8 @@ fn export_key_internal( fn validate_manifest( new_manifest_envelope: &ManifestEnvelope, old_manifest_envelope: &ManifestEnvelope, - _attestation_doc: &AttestationDoc, + #[allow(unused_variables)] + attestation_doc: &AttestationDoc, ) -> Result<(), ProtocolError> { // 2. Check the signatures over the New Manifest. Ensures that K Manifest // Set Members approved the New Manifest. @@ -221,7 +222,7 @@ fn validate_manifest( #[cfg(not(feature = "mock"))] { qos_nsm::nitro::verify_attestation_doc_against_user_input( - _attestation_doc, + attestation_doc, &new_manifest_envelope.manifest.qos_hash(), &new_manifest_envelope.manifest.enclave.pcr0, &new_manifest_envelope.manifest.enclave.pcr1, diff --git a/src/qos_core/src/protocol/state.rs b/src/qos_core/src/protocol/state.rs index 6df388528..f9d56c606 100644 --- a/src/qos_core/src/protocol/state.rs +++ b/src/qos_core/src/protocol/state.rs 
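Review bot: In the `nitro_heartbeat` hunk of src/qos_aws/src/lib.rs, `read(fd, buf.as_ptr() as _, 1)` gives the kernel a write target obtained through a shared borrow; a buffer that is written to should be passed as `read(fd, buf.as_mut_ptr() as _, 1);`. The return value of `read` is discarded, so as far as the hunk shows "Sent NSM heartbeat" is logged even when the read fails. The declaration of `buf` and the call that opens `fd` are outside the hunk, so whether `buf` is `mut` and whether `fd` is validated should be confirmed there.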
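Review bot: `#[allow(unused_variables)]` on `attestation_doc` in `validate_manifest` (src/qos_core/src/protocol/services/key.rs) silences the lint in every build, including the non-`mock` build where this parameter is the input to `verify_attestation_doc_against_user_input`. Scoping the allow to the configuration that really leaves it unused keeps the compiler warning alive if the attestation check ever falls out of a production build: `#[cfg_attr(feature = "mock", allow(unused_variables))]`. The same blanket allow is added to `test_only_init_phase_override` in src/qos_core/src/protocol/state.rs and deserves the same treatment, using whichever cfg gates its use there (not visible in that hunk). The body of `validate_manifest` extends beyond both key.rs hunks.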
@@ -185,6 +185,7 @@ impl ProtocolState { attestor: Box, handles: Handles, app_addr: SocketAddress, + #[allow(unused_variables)] test_only_init_phase_override: Option, ) -> Self { let provisioner = SecretBuilder::new(); diff --git a/src/qos_enclave/src/main.rs b/src/qos_enclave/src/main.rs index 400b145fb..2b87c491c 100644 --- a/src/qos_enclave/src/main.rs +++ b/src/qos_enclave/src/main.rs @@ -137,16 +137,16 @@ fn boot() -> String { }) .ok_or_exit_with_errno(None); - return get_id_by_name(enclave_name) - .or_else(|_| Err("Failed to parse enclave name")) - .unwrap(); + get_id_by_name(enclave_name) + .map_err(|_| "Failed to parse enclave name") + .unwrap() } fn shutdown(enclave_id: String, sig_num: i32) { println!("Got signal: {}", sig_num); println!("Shutting down Enclave"); let mut comm = enclave_proc_connect_to_single(&enclave_id) - .or_else(|_| Err("Failed to send command to Enclave")) + .map_err(|_| "Failed to send command to Enclave") .unwrap(); // TODO: Replicate output of old CLI on invalid enclave IDs. @@ -155,7 +155,7 @@ fn shutdown(enclave_id: String, sig_num: i32) { None, &mut comm, ) - .or_else(|_| Err("Unable to terminate Enclave")); + .map_err(|_| "Unable to terminate Enclave"); exit(0); } 
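Review bot: `.map_err(|_| "Failed to parse enclave name").unwrap()` in `boot` of src/qos_enclave/src/main.rs, and the same pattern on `enclave_proc_connect_to_single` in `shutdown`, throws away the underlying error and then panics with only the fixed string. If the error type implements `Debug`, `.expect("Failed to parse enclave name")` is shorter and keeps the cause in the panic message; otherwise printing the message and calling `exit(1)` is cleaner than unwinding. `boot` starts outside the hunk.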
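Review bot: The `Result` produced by `.map_err(|_| "Unable to terminate Enclave");` in `shutdown` is never inspected, so a failed terminate request is neither reported nor reflected in the exit status. `exit(0)` runs either way, and the enclave may be left running after the supervising process has gone. Bind the result and act on it, for example `if result.is_err() { eprintln!("Unable to terminate Enclave"); exit(1); }`. The call that produces the result begins above this hunk, so only its tail is visible here.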
@@ -190,23 +190,23 @@ fn handle_signals() -> c_int { unsafe { sigaddset(&mut mask, SIGINT) }; unsafe { sigaddset(&mut mask, SIGTERM) }; unsafe { sigprocmask(SIG_BLOCK, &mask, ptr::null_mut()) }; - let signal = unsafe { sigwaitinfo(&mask, ptr::null_mut()) } as i32; - return signal; + // return signal + (unsafe { sigwaitinfo(&mask, ptr::null_mut()) }) as i32 } fn main() { println!("Booting Nitro Enclave:"); - //TODO: Implement ability to allow skipping boot - //let allow_skip: _ = std::env::var("ALLOW_SKIP_BOOT") - // .unwrap_or("false".to_string()) - // .trim().parse::().unwrap(); - //boot(allow_skip); + // TODO: Implement ability to allow skipping boot + // let allow_skip: _ = std::env::var("ALLOW_SKIP_BOOT") + // .unwrap_or("false".to_string()) + // .trim().parse::().unwrap(); + // boot(allow_skip); let enclave_id = boot(); match healthy() { - Ok(_) => eprintln!("{}", "Enclave is healthy"), + Ok(_) => eprintln!("Enclave is healthy"), Err(e) => eprintln!("Enclave is sad: {}", e), }; diff --git a/src/qos_system/src/lib.rs b/src/qos_system/src/lib.rs index 91d9f7f47..f41e967b5 100644 --- a/src/qos_system/src/lib.rs +++ b/src/qos_system/src/lib.rs @@ -91,6 +91,8 @@ pub fn freopen( freopen( filename_cs.as_ptr(), mode_cs.as_ptr(), + // TODO clippy says the pointer casting is unecessary + // is this true for all configurations and platforms? fdopen(file, mode_cs.as_ptr() as *const i8), ) } 
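Review bot: `(unsafe { sigwaitinfo(&mask, ptr::null_mut()) }) as i32` in `handle_signals` returns whatever `sigwaitinfo` yields, and that includes `-1` on failure (for example `EINTR`), which the caller presumably passes on as a signal number. Check for `-1` before returning, e.g. retry while `std::io::Error::last_os_error().kind() == std::io::ErrorKind::Interrupted`, and drop the leftover `// return signal` comment, which no longer describes anything. The results of `sigaddset` and `sigprocmask` are ignored in the same function, and none of the `unsafe` blocks carries a `// SAFETY:` comment. The initialisation of `mask` is outside the hunk.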
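Review bot: The cast `mode_cs.as_ptr() as *const i8` that the new TODO in src/qos_system/src/lib.rs asks about is not just unnecessary, it is platform-dependent. `c_char` is `i8` on x86_64 Linux but `u8` on aarch64 Linux, so `*const i8` stops matching `fdopen`'s `*const c_char` parameter there. `CString::as_ptr()` already returns `*const c_char`, and the `freopen` argument two lines up passes `mode_cs.as_ptr()` uncast. The line can therefore be `fdopen(file, mode_cs.as_ptr()),` and the TODO removed. This assumes `mode_cs` is a `CString`, which is declared outside the hunk.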
@@ -164,22 +166,22 @@ pub fn check_hwrng(rng_expected: &str) -> Result<(), SystemError> { Ok(()) } -#[cfg(any(target_env = "musl"))] -type ioctl_num_type = ::libc::c_int; -#[cfg(not(any(target_env = "musl")))] -type ioctl_num_type = ::libc::c_ulong; +#[cfg(target_env = "musl")] +type IoctlNumType = ::libc::c_int; +#[cfg(not(target_env = "musl"))] +type IoctlNumType = ::libc::c_ulong; -const IOCTL_VM_SOCKETS_GET_LOCAL_CID: ioctl_num_type = 0x7b9; +const IOCTL_VM_SOCKETS_GET_LOCAL_CID: IoctlNumType = 0x7b9; pub fn get_local_cid() -> Result { use libc::ioctl; let f = match File::open("/dev/vsock") { Ok(f) => f, - Err(e) => return Err(SystemError{ message: format!("Failed to open /dev/vsock") }), + Err(_e) => return Err(SystemError{ message: "Failed to open /dev/vsock".to_string() }), }; let mut cid = 0; if unsafe { ioctl(f.as_raw_fd(), IOCTL_VM_SOCKETS_GET_LOCAL_CID, &mut cid) } == -1 { return Err(SystemError{ message: "Failed to fetch local CID".to_string() }); } - return Ok(cid); + Ok(cid) }
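Review bot: `Err(_e) => return Err(SystemError{ message: "Failed to open /dev/vsock".to_string() })` in `get_local_cid` renames the binding to quiet the lint but still discards the `io::Error`, so a missing device and a permission failure look identical to the caller. Include the cause: `Err(e) => return Err(SystemError { message: format!("Failed to open /dev/vsock: {}", e) }),`, and likewise append `std::io::Error::last_os_error()` to the "Failed to fetch local CID" message. The `unsafe { ioctl(...) }` call would also benefit from a `// SAFETY:` comment stating that `cid` is a live, writable integer of the width the ioctl expects; `let mut cid = 0;` leaves that width to inference.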