no SIZE constant anymore in the new TpmSized as no stack allocation is required:
/// Provides a `dyn`-safe way to get the exact size of a zero-copy cast object.
pub trait TpmSizedCast {
/// Returns the exact serialized size of the object.
fn len(&self) -> usize;
/// Returns `true` if the object has a serialized length of zero.
fn is_empty(&self) -> bool {
self.len() == 0
}
}
This ought to be renamed as TpmSized as full migration is over :-) Applies also to all other *Cast.
In the end of the day this is superior despite adding up a new trick to my sack of random macro hacks:
tpm_integer!(u8, TpmUint8, Unsigned);
tpm_integer!(i8, TpmInt8, Signed);
tpm_integer!(u16, TpmUint16, Unsigned);
tpm_integer!(i32, TpmInt32, Signed);
tpm_integer!(u32, TpmUint32, Unsigned);
tpm_integer!(u64, TpmUint64, Unsigned);
Now the names match TCG specification names, and they are also first fully zerocopy migrated types. This way previously redundant looking field now is actually self-documenting field.
Other zerocopy types will get the nasty “Cast” postfix up until migration is complete (e.g., TpmBufferCast).
For the record, the last field is used to address exactly one quirk related to TCG specs: TPM_CLOCK_TIME
, meaning that “invalid discriminant error” needs too versions :-/
I’m sure we would get numbers going from zero to six, and “get this complex science” as e.g., most of have ability to read, and understand nuances such as the difference between slower and faster… This is DailyWTF proximity enough level bad definition that I tend to like that TPM_CLOCK_TIME exist…
Great now I think I have solid base traits in place i.e., TpmCast, TpmCastMut, TpmHasCast and TpmHasCastMut:
I also relaxed the contribution guidelines just a little bit:
//! * `alloc` is disallowed.
//! * Dependencies are disallowed.
//! * Developer dependencies are disallowed.
-//! * Panics are disallowed.
+//! * Panics are allowed disallowed by default, except concrete type casts in
+//! `TpmCast::as_slice` is allowed to use `unwrap` as long as
+//! `TpmCast::from_slice` meets the documented contract.
This starts to “feel right” when it comes to “zerocopy”:
pub trait TpmCast<'a>: Sized {
fn cast(slice: &'a [u8]) -> TpmResult<Self>;
fn as_slice(&self) -> &'a [u8];
}
And pretty analogus to pre-existing TpmBuild and TpmParse i.e., they provide clone semantics and this is like hierarchical pointer.
It’s pretty easy to squeeze in because I only really have to edit macros for the most part. I have already basic types, and buffers and lists will follow the same patterns.
Another more fun Rust related activity is figuring out how to nail batch file transfer test planning with emulated serial port that throttles the speed to a target BPS (in future also should have also signal noise emulation):
const ADJECTIVES: &[&str] = &["Quiet", "Loud", "Fast", "Slow", "Bright", "Dark"];
const NOUNS: &[&str] = &["One", "Two", "Three", "Four", "Five,", "Six"];
const EXTENSIONS: &[&str] = &["dat", "BIN", "log", "TMP", "txt"];
struct MockPort<R: Read, W: Write> {
r: R,
w: W,
bits_per_second: u32,
next_byte_due: Instant,
}
It generates 10 pseudorandom filenames and 100 KiB payloads.
Just solved a Rust sudoku for the next version of tpm2-protocol
I think this is quite clever trick to surpass some of the limitation of syntax tree macros:
macro_rules! tpm_integer {
($ty:ty) => {
pub mod $ty {
#[derive(Clone, Copy, Debug)]
pub struct TpmView<'a> {
pub slice: &'a [u8],
}
}
};
}
Further, TpmView
implements a trait called TpmView
. This circulates around limitation that type cannot be used to name things in syntax tree macros.
Otherwise, unless moving into procedural macros, I’d end up ugly declarations along the lines of:
tpm_integer!(u8, TpmViewU8, Unsigned);
tpm_integer!(i8, TpmViewI8, Signed);
tpm_integer!(u16, TpmViewU16, Unsigned);
tpm_integer!(i32, TpmViewI32, Signed);
tpm_integer!(u32, TpmViewU32, Unsigned);
tpm_integer!(u64, TpmViewU64, Unsigned);
Transparency has been the single biggest blocker in moving forward with zerocopy parser and this sort of “nails it”.
EDIT
I was wrong in that you could type as module name. However, the trick does still resolve the name coflict with the original type and view type. The minor inconvience of having to repeat it twice is totally acceptable vs having to manually name stuff:
tpm_integer!(u8, u8, Unsigned);
tpm_integer!(i8, i8, Signed);
tpm_integer!(u16, u16, Unsigned);
tpm_integer!(i32, i32, Signed);
tpm_integer!(u32, u32, Unsigned);
tpm_integer!(u64, u64, Unsigned);
This is absolutely sustainable for me :-) I.e. second parameter is name of the module.
Here’s a working proof of concept: https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-protocol.git/commit/?h=zerocopy&id=42f61d9d85e17f784f71c8ac64ee6adbb7171997