Trait std::os::fortanix_sgx::usercalls::alloc::UserSafeSized
A type that can be safely read from or written to userspace.
Non-exhaustive list of specific requirements for reading and writing:

- Type is `Copy` (and therefore also not `Drop`). Copies will be created when copying from/to userspace. Destructors will not be called.
- No references or Rust-style owned pointers (`Vec`, `Arc`, etc.). When reading from userspace, references into enclave memory must not be created. Also, only enclave memory is considered managed by the Rust compiler's static analysis. When reading from userspace, there can be no guarantee that the value correctly adheres to the expectations of the type. When writing to userspace, memory addresses of data in enclave memory must not be leaked for confidentiality reasons. `User` and `UserRef` are also not allowed for the same reasons.
- No fat pointers. When reading from userspace, the size or vtable pointer could be automatically interpreted and used by the code. When writing to userspace, memory addresses of data in enclave memory (such as vtable pointers) must not be leaked for confidentiality reasons.
Non-exhaustive list of specific requirements for reading from userspace:

- Any bit pattern is valid for this type (no `enum`s; `bool` is excluded for the same reason). There can be no guarantee that the value correctly adheres to the expectations of the type, so any value must be valid for this type.
Non-exhaustive list of specific requirements for writing to userspace:
- No pointers to enclave memory. Memory addresses of data in enclave memory must not be leaked for confidentiality reasons.
- No internal padding. Padding might contain previously-initialized secret data stored at that memory location and must not be leaked for confidentiality reasons.
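The three requirement lists above, worked through as an added example. This is not code from the standard library or from the Fortanix SGX project: the real trait is only available on the `x86_64-fortanix-unknown-sgx` target and the copies there are made by the `User`/`UserRef` types mentioned above, so the block defines a stand-in marker trait `UserSafeSizedDemo` and hypothetical helpers (`Request`, `Padded`, `has_no_padding`, `copy_from_userspace`, `copy_to_userspace`, `sample_user_buffer`) that run on any target. It shows a layout that satisfies every rule, a compile-time check that the layout has no padding, a read that treats untrusted bytes as an arbitrary bit pattern without keeping a reference to them, and a write that is refused for a padded type because padding bytes could carry stale enclave data.

```rust
// Added example: a stand-in for the SGX `UserSafeSized` marker trait so the
// checks run on a non-SGX target. All names below are hypothetical.
use std::mem::{size_of, MaybeUninit};
use std::ptr;

/// Marker for types that may be copied across the enclave boundary. Implementing
/// it is `unsafe`: the implementor promises the type is Copy, holds no pointers,
/// references or fat pointers, has no padding, and is valid for every bit pattern.
unsafe trait UserSafeSizedDemo: Copy + Sized {
    /// Sum of the field sizes, compared against `size_of::<Self>()` to detect padding.
    const FIELD_BYTES: usize;
}

/// Header of a hypothetical usercall: 4 + 4 + 8 = 16 bytes with no gaps.
#[repr(C)]
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
struct Request {
    op: u32,
    len: u32,
    offset: u64,
}

// Safety: Copy, plain integers only (any bit pattern is a valid u32/u64), no
// pointers, and no padding (enforced at compile time below).
unsafe impl UserSafeSizedDemo for Request {
    const FIELD_BYTES: usize = size_of::<u32>() + size_of::<u32>() + size_of::<u64>();
}
const _: () = assert!(size_of::<Request>() == Request::FIELD_BYTES);

/// A layout that breaks the "no internal padding" rule: a u8 followed by a u32
/// leaves three padding bytes (size 8, fields total 5).
#[repr(C)]
#[derive(Clone, Copy)]
struct Padded {
    tag: u8,
    value: u32,
}
// Safety: Copy, no pointers, any bit pattern valid; padding is caught at runtime.
unsafe impl UserSafeSizedDemo for Padded {
    const FIELD_BYTES: usize = size_of::<u8>() + size_of::<u32>();
}

/// True when `size_of::<T>()` equals the sum of the field sizes, i.e. no padding.
fn has_no_padding<T: UserSafeSizedDemo>() -> bool {
    size_of::<T>() == T::FIELD_BYTES
}

/// Copy a value out of an untrusted buffer into enclave-owned memory. The buffer
/// is treated as raw bytes: no reference into it outlives this call and no
/// assumption is made about which bit pattern it holds.
fn copy_from_userspace<T: UserSafeSizedDemo>(user: &[u8]) -> Option<T> {
    if user.len() < size_of::<T>() {
        return None;
    }
    let mut value = MaybeUninit::<T>::uninit();
    // Safety: T is valid for any bit pattern (trait contract), the source has
    // at least size_of::<T>() bytes, and the destination is a fresh local slot.
    unsafe {
        ptr::copy_nonoverlapping(user.as_ptr(), value.as_mut_ptr() as *mut u8, size_of::<T>());
        Some(value.assume_init())
    }
}

/// Copy a value into an untrusted buffer. Refused for padded types, because the
/// padding bytes could carry previously stored enclave data.
fn copy_to_userspace<T: UserSafeSizedDemo>(value: &T, user: &mut [u8]) -> bool {
    if user.len() < size_of::<T>() || !has_no_padding::<T>() {
        return false;
    }
    // Safety: T is Copy with no padding, so every one of its bytes is initialised.
    unsafe {
        ptr::copy_nonoverlapping(value as *const T as *const u8, user.as_mut_ptr(), size_of::<T>());
    }
    true
}

/// Constructed sample of 16 untrusted bytes in native byte order:
/// op = 2, len = 4096, offset = all ones (an "odd" but valid pattern).
fn sample_user_buffer() -> [u8; 16] {
    let mut buf = [0u8; 16];
    buf[0..4].copy_from_slice(&2u32.to_ne_bytes());
    buf[4..8].copy_from_slice(&4096u32.to_ne_bytes());
    buf[8..16].copy_from_slice(&u64::MAX.to_ne_bytes());
    buf
}

fn main() {
    let req: Request = copy_from_userspace(&sample_user_buffer()).expect("buffer too short");
    println!("read from userspace: {:?}", req);
    let mut out = [0u8; 16];
    println!("wrote Request back: {}", copy_to_userspace(&req, &mut out));
    println!("Padded writable: {}", copy_to_userspace(&Padded { tag: 1, value: 2 }, &mut [0u8; 8]));
}
```

Reading `Padded` from userspace still succeeds (every bit pattern, padding included, is valid), while writing it is refused; that asymmetry is exactly the split between the "reading from userspace" and "writing to userspace" lists above. What no runtime check can catch is a field holding a reference, `Box`, `Vec` or `&dyn Trait`, which is why the real trait is `unsafe` to implement and the implementor carries that obligation.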