Add strict_provenance and replace to_bits with expose_addr

Unstable feature strict_provenace is used. This is used to require
more strict pointer operations. The case is explained in

rust-lang/rust#95228

"If you ever want to treat something as a Real Pointer that can be
Offset and Dereferenced, there must be an unbroken chain of custody
from that pointer to the original allocation you are trying to access
using only pointer->pointer operations. If at any point you turn a
pointer into an integer, that integer cannot be turned back into a
pointer. This includes usize as ptr, transmute, type punning with raw
pointer reads/writes, whatever. Just assume the memory "knows" it
contains a pointer and that writing to it as a non-pointer makes it
forget."

This commit includes replacement of to_bits() calls with calls to
expose_addr().

Signed-off-by: Markku Kylänpää <markku.kylanpaa@vtt.fi>

Author: ttemjk

libhapp/src/device.rs

@@ -279,7 +279,7 @@ impl Device {
                      MapFlags::MAP_SHARED,
                      self.device_file.as_ref().unwrap().as_raw_fd(),
                      addr as off_t) } {
-                return Ok(ptr.to_bits());
+                return Ok(ptr.expose_addr());
         }
 
         return Err(Error::Device);

libhapp/src/lib.rs

@@ -4,6 +4,7 @@
 // Copyright (C) 2022 VTT Technical Research Centre of Finland Ltd
 
 #![feature(ptr_to_from_bits)]
+#![feature(strict_provenance)]
 
 extern crate std;
 

libhapp/src/memory.rs

@@ -104,15 +104,17 @@ impl MemoryArea {
     }
 
     fn base_addr(&self) -> uintptr {
-        self.base.to_bits()
+        self.base.expose_addr()
     }
 
     fn size(&self) -> usize {
         self.size
     }
 
     fn top(&self) -> uintptr {
-        unsafe { self.base.add(self.base_offset + self.free_offset).to_bits() }
+        unsafe {
+	    self.base.add(self.base_offset + self.free_offset).expose_addr()
+	}
     }
 
     fn alloc_page(&mut self) -> Result<Page, Error> {
@@ -207,7 +209,7 @@ impl <'a>Page<'a>  {
     }
 
     fn base_addr(&self) -> uintptr {
-        self.content.as_ptr().to_bits()
+        self.content.as_ptr().expose_addr()
     }
 
     pub(crate) fn write(&mut self,
@@ -278,7 +280,7 @@ impl <'a>Memory<'a> {
             let priv_mem = MemoryArea::new(base, pm_size);
             // Allocate the root page table. Since this is the first allocation
             // it will always be at offset 0.
-            let root_page = base.to_bits();
+            let root_page = base.expose_addr();
             Ok(Self {device:   device,
                      mappings: None,
                      root_pgt: root_page,
@@ -310,7 +312,7 @@ impl <'a>Memory<'a> {
         }
 
         let offset = PageTable::index(page_addr, 0) * PageTableEntry::SIZE;
-        let addr   = pt.entries.as_ptr().to_bits() + offset;
+        let addr   = pt.entries.as_ptr().expose_addr() + offset;
         assert!(addr != 0);
         return Ok(PageTableEntry::wrap(addr));
     }