Skip to main content


sev-iocuddle is next. And let's actually skip ahead because there's an iocuddle crate right here. And let's look at that. So iocuddle is a library for building runtime safe iocuddle interfaces. So if you've ever used iocuddle, it's a sycall that you can use on Linux. And it stands for IO control. And the original purpose for IO control was for doing things like setting terminal modes on a particular like your standard out or whatever. So you could set colors or you know, buffering or whatever. It's also used for control things like buffering on sockets and various other things. However, since that time, iocuddle has vastly expanded in its use, because it's sort of like the, if you want to do some operation on some file descriptor, you can define an iocuddle for it, like that's the standard way to extend the Linux kernel. And so today, there's literally hundreds, probably 1000s of these iocuddle, is usually how it's pronounced. The problem with iocuddle is that they are they rely specifically on C language features, which are very, very unsafe to use. And so what we actually want is we want a sort of safe wrapper around iocuddle, that allows us to define everything up front, and then all of our safety is guaranteed by the type system. And so iocuddle is a crate for doing this. And the the way iocuddle works is that iocuddle itself does not define any iocuddle, it just defines a framework for declaring iocuddle. And then you an example of declaring an iocuddle is here. So here's three of them on the screen right now. So this I've highlighted one iocuddle. Right now this is using classic mode. And you basically define the semantics of how that I iocuddle works. And then the resulting code can be safe, because it guarantees all the invariants of that iocuddle. And there's also a non classic mode. So there are two different sort of like eras for iocuddle. Early on in the Linux kernel, we would just basically define a number for your iocuddle. And then there would be no typing enforced. And then over time, they decided to be more systematic. And so they would have, let me find an example of a non classic modern interface, here at the bottom, as modern interfaces. So first of all, you would define a group. And that group number would say that all iocuddle within this group are related in some way. And then you would define whether it was a read iocuddle, a write iocuddle, or a write read iocuddle. And that would define the semantics around mutability of the objects that are passed in, and so forth. And basically, we use all this information we can to create a safe Rust interface, the resulting const that's used then can, let me see an example of it actually being used. Here's one. So you basically define the const, which has all the invariants of the iocuddleitself. And now you can safely call this on a file, like this tty at the top, because because we've wrapped it all in a safe way, it also means that the definition of the iocuddle is done once in a central place, and is then enforced by the type system for every other invocation. If we didn't do this, it means that every time we would try to call an iocuddle we would have to do all sorts of unsafe things. And this allows us to just do it in one place. And so if we go back now to the sev-iocuddle crate, this is also a crate we probably don't really want to maintain anymore, because this is the older versions of SEV. But you can see in here that we have, so here's one of the some of the KVM iocuddle that we've defined. And so we use iocuddle to do this, and these are SEV related iocuddle. But again, we don't actually use this crate anymore. We do use iocuddle in other places. So this is not the only place we use iocuddle, this is just a set of sev-iocuddle that we're no longer using.