From b13ad7e80bed802468aac2d876d372c1bcde565c Mon Sep 17 00:00:00 2001
From: Dario Nieuwenhuis <dirbaio@dirbaio.net>
Date: Tue, 7 May 2024 23:21:55 +0200
Subject: Fix PeripheralRef soundness issue allowing &T.

Fix soundness issue introduced in a previous soundness fix https://github.com/embassy-rs/embassy/pull/2602 .
PeripheralRef must not implement DerefMut itself, but the blanket impl must still require DerefMut. Otherwise
you can create two instances of a driver on the same uart by using `&my_uart`.
---
 embassy-hal-internal/src/peripheral.rs | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

(limited to 'embassy-hal-internal')

diff --git a/embassy-hal-internal/src/peripheral.rs b/embassy-hal-internal/src/peripheral.rs
index f03f41507..0b0f13338 100644
--- a/embassy-hal-internal/src/peripheral.rs
+++ b/embassy-hal-internal/src/peripheral.rs
@@ -1,5 +1,5 @@
 use core::marker::PhantomData;
-use core::ops::Deref;
+use core::ops::{Deref, DerefMut};
 
 /// An exclusive reference to a peripheral.
 ///
@@ -155,7 +155,7 @@ pub trait Peripheral: Sized {
     }
 }
 
-impl<'b, T: Deref> Peripheral for T
+impl<'b, T: DerefMut> Peripheral for T
 where
     T::Target: Peripheral,
 {
@@ -163,6 +163,15 @@ where
 
     #[inline]
     unsafe fn clone_unchecked(&self) -> Self::P {
-        self.deref().clone_unchecked()
+        T::Target::clone_unchecked(self)
+    }
+}
+
+impl<'b, T: Peripheral> Peripheral for PeripheralRef<'_, T> {
+    type P = T::P;
+
+    #[inline]
+    unsafe fn clone_unchecked(&self) -> Self::P {
+        T::clone_unchecked(self)
     }
 }
-- 
cgit