Merge pull request #7 from YuhanLiin/remove-enable-cs

cr1901 · web-flow · commit 9d0503e3ce18 · 2022-01-06T15:53:54.000-05:00
Remove enable_cs due to unsoundness
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
 
+### Removed
+- `enable_cs` removed due to soundness hole when interacting with `Clone` and
+  `interrupt::free`.
+
 ## [v0.2.2] - 2020-04-23
 
 ### Changed
diff --git a/Cargo.toml b/Cargo.toml
@@ -7,7 +7,7 @@ keywords = ["msp430", "interrupt", "register", "peripheral"]
 license = "MIT OR Apache-2.0"
 name = "msp430"
 repository = "https://github.com/rust-embedded/msp430"
-version = "0.2.2"
+version = "0.3.0"
 
 [dependencies.bare-metal]
 features = ["const-fn"]
diff --git a/src/interrupt.rs b/src/interrupt.rs
@@ -23,7 +23,9 @@ pub fn disable() {
 ///
 /// # Safety
 ///
-/// - Do not call this function inside an `interrupt::free` critical section
+/// - In any function `f()` that calls `enable`, `CriticalSection` or `&CriticalSection` tokens cannot be used in `f()`'s body after the 
+///   call to `enable`. If `f()` owns `CriticalSection` tokens, it is recommended to [`drop`](https://doc.rust-lang.org/nightly/core/mem/fn.drop.html)
+///   these tokens before calling `enable`.
 #[inline(always)]
 pub unsafe fn enable() {
     match () {
@@ -40,13 +42,6 @@ pub unsafe fn enable() {
     }
 }
 
-/// Safely enables all interrupts by consuming a `CriticalSection`, which ensures that subsequent
-/// code cannot borrow from a `Mutex` without creating a new critical section.
-#[inline(always)]
-pub fn enable_cs(_cs: CriticalSection) {
-    unsafe { enable() };
-}
-
 /// Execute closure `f` in an interrupt-free context.
 ///
 /// This as also known as a "critical section".
