The current version of virtiofsd is 1.10.1.
cargo-vet does not verify reviewers' identity. You have to fully trust the source the audits are from.
- ub-risk-3 (implies ub-risk-4)
A designated unsafe code reviewer has audited the unsafe code in this crate. It has been found to pose a significant risk of causing undefined behavior.
UB-RISK-3 crates are suitable for select applications:
- Safety documentation may not be adequately comprehensive or precise. Unsafe APIs can be used soundly with a decent amount of caution.
- Unsafe blocks may rely on under-documented or inferred invariants and preconditions. The reasoning required to justify them may rely on specific interpretations of undefined behavior that are under-specified. Those interpretations must not actively cause UB, and should be unlikely to begin causing UB in the future.
- Undefined behavior may be possible under uncommon circumstances.
UB-RISK-3 crates may not uphold the typical standards required for unsafe code, but are still used because they have been widely adopted and will inevitably be leveraged by indirect dependencies. These crates may exhibit undefined behavior under "uncommon circumstances", which is ultimately up to reviewer discretion. A decent amount of experience with unsafe code will be required to avoid undefined behavior.
Implied by other criteria
A designated unsafe code reviewer has audited the unsafe code in this crate. It has been found to pose a high risk of causing undefined behavior.
UB-RISK-4 crates are unsuitable except in specific situations:
- Safety documentation may be nonexistent. Unsafe APIs may be difficult to use safely even with experience writing unsafe code and specific domain expertise.
- Unsafe blocks may rely on undocumented invarianats or platform-specific behavior. It may be difficult or impossible to reason about all possible situations that may cause undefined behavior. Even a best-effort review is expected to miss at least some possible unsoundness.
- Undefined behavior may be possible under common circumstances.
UB-RISK-4 crates may have APIs that are difficult to use without causing undefined behavior. They may require a large amount of domain expertise to use correctly, have large unsafe APIs with insufficient documentation, or perform many operations from safe code that could cause undefined behavior.
- does-not-implement-crypto (implies crypto-safe)
Inspection reveals that the crate in question does not attempt to implement any cryptographic algorithms on its own.
Note that certification of this does not require an expert on all forms of cryptography: it's expected for crates we import to be "good enough" citizens, so they'll at least be forthcoming if they try to implement something cryptographic. When in doubt, please ask an expert.
Implied by other criteria
All crypto algorithms in this crate have been reviewed by a relevant expert.
Note: If a crate does not implement crypto, use
does-not-implement-crypto, which implies
crypto-safe, but does not require expert review in order to audit for.
May have been packaged automatically without a review
Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories. There is absolutely no guarantee that the repository URL declared by the crate belongs to the crate, or that the code in the repository is the code inside the published tarball.
To review the actual code of the crate, it's best to use
cargo crev open virtiofsd. Alternatively, you can download the tarball of virtiofsd v1.10.1 or view the source online.