ci: add nopanic check for apple-other (#524)

rust-random · Oct 16, 2024 · 203e3c3 · 203e3c3
1 parent bafc6e0
commit 203e3c3
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 19 deletions.
diff --git a/.github/workflows/nopanic.yaml b/.github/workflows/nopanic.yaml
@@ -27,6 +27,7 @@ jobs:
           # We need Nightly for the rust-std component for wasm32-wasip2
           toolchain: nightly-2024-10-14
           targets: wasm32-wasip1, wasm32-wasip2
+      - uses: Swatinem/rust-cache@v2
 
       - name: Build (linux_android_with_fallback.rs)
         run: cargo build --release
@@ -82,6 +83,7 @@ jobs:
           toolchain: stable
           components: rust-src
           targets: aarch64-unknown-linux-gnu,x86_64-unknown-netbsd,x86_64-unknown-freebsd,x86_64-pc-solaris
+      - uses: Swatinem/rust-cache@v2
       # TODO: use pre-compiled cross after a new (post-0.2.5) release
       - name: Install cross
         run: cargo install cross --git https://github.com/cross-rs/cross
@@ -110,14 +112,21 @@ jobs:
 
   macos:
     name: macOS
-    runs-on: ubuntu-latest
+    runs-on: macos-14
     steps:
       - uses: actions/checkout@v4
       - uses: dtolnay/rust-toolchain@master
         with:
           toolchain: stable
+          targets: aarch64-apple-ios
+      - uses: Swatinem/rust-cache@v2
 
       - name: Build (getentropy.rs)
-        run: cargo build --release
+        run: cargo build --release --target=aarch64-apple-darwin
       - name: Check (getentropy.rs)
-        run: ret=$(grep panic target/release/libgetrandom_wrapper.so; echo $?); [ $ret -eq 1 ]
+        run: ret=$(grep -c panic target/aarch64-apple-darwin/release/libgetrandom_wrapper.dylib); (( $ret == 1))
+
+      - name: Build (apple-other.rs)
+        run: cargo build --release --target=aarch64-apple-ios
+      - name: Check (apple-other.rs)
+        run: ret=$(grep -c panic target/aarch64-apple-ios/release/libgetrandom_wrapper.dylib); (( $ret == 1))
diff --git a/nopanic_check/Cargo.toml b/nopanic_check/Cargo.toml
@@ -16,6 +16,7 @@ getrandom = { path = ".." }
 
 [profile.release]
 panic = "abort"
+strip = true
 
 [lints.rust.unexpected_cfgs]
 level = "warn"

diff --git a/src/apple-other.rs b/src/apple-other.rs
@@ -2,23 +2,12 @@
 use crate::Error;
 use core::{ffi::c_void, mem::MaybeUninit};
 
-// libsystem contains the libc of Darwin, and every binary ends up linked against it either way. This
-// makes it a more lightweight choice compared to `Security.framework`.
-extern "C" {
-    // This RNG uses a thread-local CSPRNG to provide data, which is seeded by the operating system's root CSPRNG.
-    // Its the best option after `getentropy` on modern Darwin-based platforms that also avoids the
-    // high startup costs and linking of Security.framework.
-    //
-    // While its just an implementation detail, `Security.framework` just calls into this anyway.
-    fn CCRandomGenerateBytes(bytes: *mut c_void, size: usize) -> i32;
-}
-
 pub fn getrandom_inner(dest: &mut [MaybeUninit<u8>]) -> Result<(), Error> {
-    let ret = unsafe { CCRandomGenerateBytes(dest.as_mut_ptr().cast::<c_void>(), dest.len()) };
-    // kCCSuccess (from CommonCryptoError.h) is always zero.
-    if ret != 0 {
-        Err(Error::IOS_SEC_RANDOM)
-    } else {
+    let dst_ptr = dest.as_mut_ptr().cast::<c_void>();
+    let ret = unsafe { libc::CCRandomGenerateBytes(dst_ptr, dest.len()) };
+    if ret == libc::kCCSuccess {
         Ok(())
+    } else {
+        Err(Error::IOS_SEC_RANDOM)
     }
 }