From d54d4c2329f6eaeefff9adead009f92d3e307cfb Mon Sep 17 00:00:00 2001 From: Daniel Bittman Date: Mon, 25 Nov 2024 19:18:22 -0800 Subject: [PATCH] Cleanup. --- Cargo.lock | 4 +- src/bin/bootstrap/src/main.rs | 2 +- src/runtime/dynlink/src/arch/x86_64.rs | 8 +-- src/runtime/dynlink/src/compartment.rs | 3 +- src/runtime/dynlink/src/context.rs | 2 +- src/runtime/dynlink/src/library.rs | 3 +- src/runtime/monitor/src/init.rs | 65 ++----------------- src/runtime/monitor/src/main.rs | 4 +- src/runtime/monitor/src/mon/compartment.rs | 6 +- .../monitor/src/mon/compartment/runcomp.rs | 2 +- src/runtime/monitor/src/mon/space.rs | 23 ++++--- src/runtime/monitor/src/mon/thread/cleaner.rs | 1 - src/runtime/rt-impl/Cargo.toml | 4 -- src/runtime/rt-impl/src/lib.rs | 1 + src/runtime/rt-impl/src/preinit.rs | 5 +- src/runtime/rt-impl/src/runtime/core.rs | 32 ++++++--- src/runtime/rt-impl/src/runtime/thread/tcb.rs | 2 +- src/runtime/rt-impl/src/syms.rs | 41 ++++++------ src/runtime/rt/build.rs | 10 ++- src/runtime/rt/src/lib.rs | 3 +- src/runtime/secgate/secgate-macros/src/lib.rs | 4 -- src/runtime/secgate/src/lib.rs | 2 - 22 files changed, 93 insertions(+), 134 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4c277746..bea3e82c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4139,9 +4139,9 @@ dependencies = [ [[package]] name = "scoped-tls-hkt" -version = "0.1.4" +version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ddc765d3410d9f6c6ca071bf0b67f6b01e3ec4595dc3892f02677e75819dddc" +checksum = "e9603871ffe5df3ac39cb624790c296dbd47a400d202f56bf3e414045099524d" [[package]] name = "scopeguard" diff --git a/src/bin/bootstrap/src/main.rs b/src/bin/bootstrap/src/main.rs index 45d064cf..82c60df8 100644 --- a/src/bin/bootstrap/src/main.rs +++ b/src/bin/bootstrap/src/main.rs @@ -132,7 +132,7 @@ fn start_runtime(_runtime_monitor: ObjID, _runtime_library: ObjID) -> ! { extern crate twizzler_minruntime; fn main() { let subscriber = FmtSubscriber::builder() - .with_max_level(Level::DEBUG) + .with_max_level(Level::INFO) .finish(); tracing::subscriber::set_global_default(subscriber).expect("setting default subscriber failed"); diff --git a/src/runtime/dynlink/src/arch/x86_64.rs b/src/runtime/dynlink/src/arch/x86_64.rs index 667bf99c..0188cc03 100644 --- a/src/runtime/dynlink/src/arch/x86_64.rs +++ b/src/runtime/dynlink/src/arch/x86_64.rs @@ -3,9 +3,9 @@ use crate::tls::{Tcb, TlsRegion}; pub(crate) const MINIMUM_TLS_ALIGNMENT: usize = 32; pub use elf::abi::{ - R_X86_64_64 as REL_SYMBOLIC, R_X86_64_COPY as REL_COPY, R_X86_64_DTPMOD64 as REL_DTPMOD, - R_X86_64_DTPOFF64 as REL_DTPOFF, R_X86_64_GLOB_DAT as REL_GOT, R_X86_64_JUMP_SLOT as REL_PLT, - R_X86_64_RELATIVE as REL_RELATIVE, R_X86_64_TPOFF64 as REL_TPOFF, + R_X86_64_64 as REL_SYMBOLIC, R_X86_64_DTPMOD64 as REL_DTPMOD, R_X86_64_DTPOFF64 as REL_DTPOFF, + R_X86_64_GLOB_DAT as REL_GOT, R_X86_64_JUMP_SLOT as REL_PLT, R_X86_64_RELATIVE as REL_RELATIVE, + R_X86_64_TPOFF64 as REL_TPOFF, }; /// Get a pointer to the current thread control block, using the thread pointer. @@ -22,7 +22,7 @@ impl TlsRegion { /// Get a pointer to the thread control block for this TLS region. /// /// # Safety - /// The TCB must actually contain runtime data of type T, and be initialized. + /// The TCB must actually contain runtime data of type T, and be initialized. pub unsafe fn get_thread_control_block(&self) -> *mut Tcb { self.get_thread_pointer_value() as *mut _ } diff --git a/src/runtime/dynlink/src/compartment.rs b/src/runtime/dynlink/src/compartment.rs index 53fa0ce3..dfe35db9 100644 --- a/src/runtime/dynlink/src/compartment.rs +++ b/src/runtime/dynlink/src/compartment.rs @@ -7,7 +7,6 @@ use std::{ use petgraph::stable_graph::NodeIndex; use talc::{ErrOnOom, Talc}; -use tracing::info; use crate::{context::NewCompartmentFlags, engines::Backing, library::LibraryId, tls::TlsInfo}; @@ -87,6 +86,6 @@ impl Debug for Compartment { impl Drop for Compartment { fn drop(&mut self) { - info!("dynlink: drop compartment {:?}", self); + tracing::debug!("dynlink: drop compartment {:?}", self); } } diff --git a/src/runtime/dynlink/src/context.rs b/src/runtime/dynlink/src/context.rs index a6f81de7..56c41202 100644 --- a/src/runtime/dynlink/src/context.rs +++ b/src/runtime/dynlink/src/context.rs @@ -1,6 +1,6 @@ //! Management of global context. -use std::{collections::HashMap, fmt::Display, ops::Index}; +use std::{collections::HashMap, fmt::Display}; use petgraph::stable_graph::{NodeIndex, StableDiGraph}; use stable_vec::StableVec; diff --git a/src/runtime/dynlink/src/library.rs b/src/runtime/dynlink/src/library.rs index 794cb72a..37bbff79 100644 --- a/src/runtime/dynlink/src/library.rs +++ b/src/runtime/dynlink/src/library.rs @@ -4,7 +4,6 @@ use std::fmt::{Debug, Display}; use elf::{ abi::{DT_FLAGS_1, PT_PHDR, PT_TLS, STB_WEAK}, - dynamic::Dyn, endian::NativeEndian, segment::{Elf64_Phdr, ProgramHeader}, ParseError, @@ -351,7 +350,7 @@ impl Debug for Library { impl Drop for Library { fn drop(&mut self) { - tracing::info!("dynlink: drop library: {:?}", self); + tracing::debug!("dynlink: drop library: {:?}", self); } } diff --git a/src/runtime/monitor/src/init.rs b/src/runtime/monitor/src/init.rs index c390cdce..0211d466 100644 --- a/src/runtime/monitor/src/init.rs +++ b/src/runtime/monitor/src/init.rs @@ -19,70 +19,13 @@ impl InitDynlinkContext { } extern "C-unwind" { - fn __is_monitor() -> Option<*mut c_void>; + // Defined by the runtime. Returns a pointer to the runtime init info struct if the runtime is + // in monitor mode, otherwise returns null. + fn __is_monitor() -> *mut c_void; } pub(crate) fn bootstrap_dynlink_context() -> Option { - let info = unsafe { - __is_monitor() - .unwrap() - .cast::() - .as_mut() - .unwrap() - }; + let info = unsafe { __is_monitor().cast::().as_mut().unwrap() }; let ctx = info.ctx as *mut Context; Some(InitDynlinkContext { ctx }) } - -/* -#[no_mangle] -pub unsafe extern "C" fn monitor_entry_from_bootstrap2(rtinfo_ptr: *const RuntimeInfo) { - let rtinfo = unsafe { rtinfo_ptr.as_ref().unwrap() }; - if rtinfo.kind != RUNTIME_INIT_MONITOR { - twizzler_abi::klog_println!("cannot initialize monitor without monitor runtime init info"); - twizzler_rt_abi::core::twz_rt_abort(); - } - let rt_init_info_ptr = rtinfo.init_info.monitor.cast(); - - unsafe { - RTINFO = Some(rt_init_info_ptr); - twizzler_rt_abi::core::rt0::rust_entry(rtinfo_ptr) - } -} - -/* -#[cfg(target_arch = "x86_64")] -#[naked] -#[no_mangle] -pub unsafe extern "C" fn monitor_entry_from_bootstrap(p: *const RuntimeInfo) -> ! { - core::arch::naked_asm!("jmp monitor_entry_from_bootstrap2") -}*/ - -#[cfg(target_arch = "x86_64")] -core::arch::global_asm!("monitor_entry_from_bootstrap: jmp monitor_entry_from_bootstrap2"); - -*/ -/* -#[allow(improper_ctypes)] -extern "C" { - fn twizzler_call_lang_start( - main: fn(), - argc: isize, - argv: *const *const u8, - sigpipe: u8, - ) -> isize; -} - -#[cfg(not(test))] -#[no_mangle] -pub extern "C" fn main(argc: i32, argv: *const *const u8) -> i32 { - //TODO: sigpipe? - unsafe { twizzler_call_lang_start(crate::main, argc as isize, argv, 0) as i32 } -} - -// TODO: we should probably get this for real. -#[cfg(not(test))] -#[no_mangle] -pub extern "C" fn _init() {} - -*/ diff --git a/src/runtime/monitor/src/main.rs b/src/runtime/monitor/src/main.rs index 0095ff0c..148f1d0a 100644 --- a/src/runtime/monitor/src/main.rs +++ b/src/runtime/monitor/src/main.rs @@ -35,7 +35,7 @@ pub fn main() { // For early init, if something breaks, we really want to see everything... std::env::set_var("RUST_BACKTRACE", "full"); let subscriber = FmtSubscriber::builder() - .with_max_level(Level::DEBUG) + .with_max_level(Level::INFO) .with_target(false) .with_span_events(FmtSpan::ACTIVE) .finish(); @@ -98,7 +98,7 @@ fn monitor_init() -> miette::Result<()> { { let comp: CompartmentHandle = CompartmentLoader::new("montest", test_name, NewCompartmentFlags::empty()) - .args(&["montest", "--nocapture"]) + .args(&["montest"]) .load() .into_diagnostic()?; let mut eb = 0; diff --git a/src/runtime/monitor/src/mon/compartment.rs b/src/runtime/monitor/src/mon/compartment.rs index 196fec0f..f9c33b6e 100644 --- a/src/runtime/monitor/src/mon/compartment.rs +++ b/src/runtime/monitor/src/mon/compartment.rs @@ -1,4 +1,4 @@ -use std::{collections::HashMap, ffi::CStr, io::BufRead}; +use std::{collections::HashMap, ffi::CStr}; use dynlink::{ compartment::CompartmentId, @@ -291,7 +291,7 @@ impl super::Monitor { // parse args let args_bytes = arg_bytes.split_inclusive(|b| *b == 0); - let mut args = args_bytes + let args = args_bytes .map(CStr::from_bytes_with_nul) .try_collect::>() .map_err(|_| LoadCompartmentError::Unknown)?; @@ -299,7 +299,7 @@ impl super::Monitor { // parse env let envs_bytes = env_bytes.split_inclusive(|b| *b == 0); - let mut env = envs_bytes + let env = envs_bytes .map(CStr::from_bytes_with_nul) .try_collect::>() .map_err(|_| LoadCompartmentError::Unknown)?; diff --git a/src/runtime/monitor/src/mon/compartment/runcomp.rs b/src/runtime/monitor/src/mon/compartment/runcomp.rs index a8ffb5ce..4bb26896 100644 --- a/src/runtime/monitor/src/mon/compartment/runcomp.rs +++ b/src/runtime/monitor/src/mon/compartment/runcomp.rs @@ -61,7 +61,7 @@ pub struct RunComp { impl Drop for RunComp { fn drop(&mut self) { - //tracing::warn!("todo: runcomp drop"); + // TODO: check if we need to do anything. } } diff --git a/src/runtime/monitor/src/mon/space.rs b/src/runtime/monitor/src/mon/space.rs index d534b284..0b03d042 100644 --- a/src/runtime/monitor/src/mon/space.rs +++ b/src/runtime/monitor/src/mon/space.rs @@ -52,9 +52,9 @@ fn mapflags_into_prot(flags: MapFlags) -> Protections { } extern "C-unwind" { - fn __monitor_get_slot() -> Option; - fn __monitor_get_pair() -> Option<(usize, usize)>; - fn __monitor_release_pair(pair: (usize, usize)); + fn __monitor_get_slot() -> isize; + fn __monitor_get_pair(one: *mut usize, two: *mut usize) -> bool; + fn __monitor_release_pair(one: usize, two: usize); fn __monitor_release_slot(slot: usize); } @@ -73,7 +73,10 @@ impl Space { Some(item) => item, None => { // Not yet mapped, so allocate a slot and map it. - let slot = unsafe { __monitor_get_slot() }.ok_or(MapError::OutOfResources)?; + let slot = unsafe { __monitor_get_slot() } + .try_into() + .ok() + .ok_or(MapError::OutOfResources)?; let Ok(_) = sys_object_map( None, @@ -180,12 +183,14 @@ pub(crate) struct UnmapOnDrop { impl Drop for UnmapOnDrop { fn drop(&mut self) { - if sys_object_unmap(None, self.slot, UnmapFlags::empty()).is_ok() { - unsafe { + match sys_object_unmap(None, self.slot, UnmapFlags::empty()) { + Ok(_) => unsafe { __monitor_release_slot(self.slot); + }, + Err(_e) => { + // TODO: once the kernel-side works properly, uncomment this. + //tracing::warn!("failed to unmap slot {}: {}", self.slot, e); } - } else { - tracing::warn!("failed to unmap slot {}", self.slot); } } } @@ -193,7 +198,7 @@ impl Drop for UnmapOnDrop { /// Map an object into the address space, without tracking it. This leaks the mapping, but is useful /// for bootstrapping. See the object mapping gate comments for more details. pub fn early_object_map(info: MapInfo) -> MappedObjectAddrs { - let slot = unsafe { __monitor_get_slot() }.unwrap(); + let slot = unsafe { __monitor_get_slot() }.try_into().unwrap(); sys_object_map( None, diff --git a/src/runtime/monitor/src/mon/thread/cleaner.rs b/src/runtime/monitor/src/mon/thread/cleaner.rs index 1d060455..8b3f5fca 100644 --- a/src/runtime/monitor/src/mon/thread/cleaner.rs +++ b/src/runtime/monitor/src/mon/thread/cleaner.rs @@ -105,7 +105,6 @@ impl Waits { } } -#[tracing::instrument(skip(data, recv))] fn cleaner_thread_main(data: Pin>, mut recv: Receiver) { // TODO (dbittman): when we have support for async thread events, we can use that API. let mut ops = Vec::new(); diff --git a/src/runtime/rt-impl/Cargo.toml b/src/runtime/rt-impl/Cargo.toml index 30969270..328de74b 100644 --- a/src/runtime/rt-impl/Cargo.toml +++ b/src/runtime/rt-impl/Cargo.toml @@ -25,7 +25,3 @@ stable-vec = "0.4.1" lru = "0.12.4" paste = "1" printf-compat = { version = "0.1", default-features = false } - -[features] -runtime = [] -default = ["runtime"] diff --git a/src/runtime/rt-impl/src/lib.rs b/src/runtime/rt-impl/src/lib.rs index ace6bb9c..7ffcc1f0 100644 --- a/src/runtime/rt-impl/src/lib.rs +++ b/src/runtime/rt-impl/src/lib.rs @@ -25,4 +25,5 @@ pub use error::*; pub mod preinit; +#[allow(non_snake_case)] pub mod syms; diff --git a/src/runtime/rt-impl/src/preinit.rs b/src/runtime/rt-impl/src/preinit.rs index 850b2e2c..f464fdc7 100644 --- a/src/runtime/rt-impl/src/preinit.rs +++ b/src/runtime/rt-impl/src/preinit.rs @@ -42,7 +42,10 @@ macro_rules! preinit_println { #[track_caller] pub fn preinit_abort() -> ! { - unsafe { core::intrinsics::abort() } + #[allow(unused_unsafe)] + unsafe { + core::intrinsics::abort() + } } #[track_caller] diff --git a/src/runtime/rt-impl/src/runtime/core.rs b/src/runtime/rt-impl/src/runtime/core.rs index 86f6c364..e869f83a 100644 --- a/src/runtime/rt-impl/src/runtime/core.rs +++ b/src/runtime/rt-impl/src/runtime/core.rs @@ -1,6 +1,10 @@ //! Implements the core runtime functions. -use std::{ffi::c_void, sync::OnceLock}; +use std::{ + collections::BTreeMap, + ffi::{c_char, c_void, CStr, CString}, + sync::{Mutex, OnceLock}, +}; use dynlink::context::runtime::RuntimeInitInfo; use monitor_api::{RuntimeThreadControl, SharedCompConfig}; @@ -23,9 +27,6 @@ use crate::{ runtime::RuntimeState, }; -#[thread_local] -static TLS_TEST: usize = 3222; - #[derive(Copy, Clone)] struct PtrToInfo(*mut c_void); unsafe impl Send for PtrToInfo {} @@ -63,6 +64,22 @@ impl ReferenceRuntime { .map(|x| x.0 as *mut _ as *mut c_void) } + pub fn cgetenv(&self, name: &CStr) -> *const c_char { + // TODO: this approach is very simple, but it leaks if the environment changes a lot. + static ENVMAP: Mutex> = Mutex::new(BTreeMap::new()); + let Ok(name) = name.to_str() else { + return core::ptr::null(); + }; + let Ok(val) = std::env::var(name) else { + return core::ptr::null(); + }; + let mut envmap = ENVMAP.lock().unwrap(); + envmap + .entry(val.to_string()) + .or_insert_with(|| CString::new(val.to_string()).unwrap()) + .as_ptr() + } + pub fn runtime_entry( &self, rtinfo: *const RuntimeInfo, @@ -79,7 +96,7 @@ impl ReferenceRuntime { .as_ref() .unwrap() }; - MON_RTINFO.set(Some(PtrToInfo(init_info as *const _ as *mut _))); + let _ = MON_RTINFO.set(Some(PtrToInfo(init_info as *const _ as *mut _))); self.init_for_monitor(init_info); } RUNTIME_INIT_COMP => { @@ -91,7 +108,7 @@ impl ReferenceRuntime { .as_ref() .unwrap() }; - MON_RTINFO.set(None); + let _ = MON_RTINFO.set(None); self.init_for_compartment(init_info); } x => { @@ -114,11 +131,10 @@ impl ReferenceRuntime { // TODO: control this with env vars tracing::subscriber::set_global_default( tracing_subscriber::fmt() - .with_max_level(Level::DEBUG) + .with_max_level(Level::INFO) .finish(), ) .unwrap(); - preinit_println!("====== {}", TLS_TEST); if self.state().contains(RuntimeState::IS_MONITOR) { self.init_slots(); None diff --git a/src/runtime/rt-impl/src/runtime/thread/tcb.rs b/src/runtime/rt-impl/src/runtime/thread/tcb.rs index 3ec0ffbd..e24571de 100644 --- a/src/runtime/rt-impl/src/runtime/thread/tcb.rs +++ b/src/runtime/rt-impl/src/runtime/thread/tcb.rs @@ -72,7 +72,7 @@ pub(crate) static TLS_GEN_MGR: RwLock = RwLock::new(TlsGenMgr { }); impl TlsGenMgr { - pub fn need_new_gen(&self, mygen: Option) -> bool { + pub fn _need_new_gen(&self, mygen: Option) -> bool { let cc = monitor_api::get_comp_config(); let template = unsafe { cc.get_tls_template().as_ref().unwrap() }; mygen.is_some_and(|mygen| mygen == template.gen) diff --git a/src/runtime/rt-impl/src/syms.rs b/src/runtime/rt-impl/src/syms.rs index 57003ab1..f3796e45 100644 --- a/src/runtime/rt-impl/src/syms.rs +++ b/src/runtime/rt-impl/src/syms.rs @@ -69,10 +69,7 @@ macro_rules! check_ffi_type { }; } -use std::{ - ffi::{c_void, CStr}, - os::fd::RawFd, -}; +use std::ffi::{c_void, CStr}; use tracing::warn; // core.h @@ -136,7 +133,7 @@ check_ffi_type!(twz_rt_cross_compartment_entry); pub unsafe extern "C-unwind" fn twz_rt_set_upcall_handler( handler: Option, ) { - set_upcall_handler(handler); + let _ = set_upcall_handler(handler); } check_ffi_type!(twz_rt_set_upcall_handler, _); @@ -594,16 +591,8 @@ pub unsafe extern "C-unwind" fn free(ptr: *mut core::ffi::c_void) { #[no_mangle] pub unsafe extern "C-unwind" fn getenv(name: *const core::ffi::c_char) -> *const core::ffi::c_char { - let tp = dynlink::tls::get_current_thread_control_block::<()>(); - twizzler_abi::klog_println!("GETENV: {:p}, tp={:p}", name, tp); let n = unsafe { CStr::from_ptr(name.cast()) }; - warn!( - "called c:getenv with name = {:p}: `{:?}`: not yet implemented", - name, n - ); - static ONE: &CStr = c"1"; - core::ptr::null_mut() - //ONE.as_ptr().cast() + OUR_RUNTIME.cgetenv(n) } #[no_mangle] @@ -651,8 +640,11 @@ pub unsafe extern "C-unwind" fn fprintf( } #[no_mangle] -pub unsafe extern "C-unwind" fn __monitor_get_slot() -> Option { - OUR_RUNTIME.allocate_slot() +pub unsafe extern "C-unwind" fn __monitor_get_slot() -> isize { + match OUR_RUNTIME.allocate_slot() { + Some(s) => s.try_into().unwrap_or(-1), + None => -1, + } } #[no_mangle] @@ -661,13 +653,18 @@ pub unsafe extern "C-unwind" fn __monitor_release_slot(slot: usize) { } #[no_mangle] -pub unsafe extern "C-unwind" fn __monitor_release_pair(slots: (usize, usize)) { - OUR_RUNTIME.release_pair(slots); +pub unsafe extern "C-unwind" fn __monitor_release_pair(one: usize, two: usize) { + OUR_RUNTIME.release_pair((one, two)); } #[no_mangle] -pub unsafe extern "C-unwind" fn __monitor_get_slot_pair() -> Option<(usize, usize)> { - OUR_RUNTIME.allocate_pair() +pub unsafe extern "C-unwind" fn __monitor_get_slot_pair(one: *mut usize, two: *mut usize) -> bool { + let Some((a, b)) = OUR_RUNTIME.allocate_pair() else { + return false; + }; + one.write(a); + two.write(b); + true } #[no_mangle] @@ -681,6 +678,6 @@ pub unsafe extern "C-unwind" fn __is_monitor_ready() -> bool { } #[no_mangle] -pub unsafe extern "C-unwind" fn __is_monitor() -> Option<*mut c_void> { - OUR_RUNTIME.is_monitor() +pub unsafe extern "C-unwind" fn __is_monitor() -> *mut c_void { + OUR_RUNTIME.is_monitor().unwrap_or(core::ptr::null_mut()) } diff --git a/src/runtime/rt/build.rs b/src/runtime/rt/build.rs index 98c59486..32709e4f 100644 --- a/src/runtime/rt/build.rs +++ b/src/runtime/rt/build.rs @@ -1,4 +1,10 @@ fn main() { - println!("cargo::rustc-link-lib=twz_rt"); - println!("cargo::rustc-link-search=target/dynamic/x86_64-unknown-twizzler/release"); + if let Ok(target) = std::env::var("TARGET") { + if let Ok(profile) = std::env::var("PROFILE") { + println!( + "cargo::rustc-link-search=target/dynamic/{}/{}", + target, profile + ); + } + } } diff --git a/src/runtime/rt/src/lib.rs b/src/runtime/rt/src/lib.rs index 8b137891..f2c2d482 100644 --- a/src/runtime/rt/src/lib.rs +++ b/src/runtime/rt/src/lib.rs @@ -1 +1,2 @@ - +#[link(name = "twz_rt")] +extern "C-unwind" {} diff --git a/src/runtime/secgate/secgate-macros/src/lib.rs b/src/runtime/secgate/secgate-macros/src/lib.rs index 7abbe214..f1f59dba 100644 --- a/src/runtime/secgate/secgate-macros/src/lib.rs +++ b/src/runtime/secgate/secgate-macros/src/lib.rs @@ -1,4 +1,3 @@ -#![feature(c_str_literals)] #![feature(iterator_try_collect)] #![feature(proc_macro_diagnostic)] // syn doesn't allow us to easily fix this. @@ -167,12 +166,10 @@ fn handle_secure_gate( let Info { mod_name, - fn_name, internal_fn_name, .. } = names; tree.sig.ident = parse_quote!(#internal_fn_name); - //tree.vis = parse_quote!(pub(crate)); if entry_only { Ok(quote::quote! { @@ -280,7 +277,6 @@ fn build_entry(tree: &ItemFn, names: &Info) -> Result