devices: remove user_command from proxy device

The only device that used user_command was Serial. This change makes
Serial device use a thread to read from its input instead of using
user_command.

BUG=chromium:1033787
TEST=./build_test
     run crosvm with stdio serial with and without sandbox

Change-Id: Ia0f2ee83d94ad2fee3f1f4f89aa734b976e33507
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1966435
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
Auto-Submit: Zach Reizner <zachr@chromium.org>

2 files changed, 29 insertions, 18 deletions

diff --git a/sys_util/src/errno.rs b/sys_util/src/errno.rs
index cf54aae..607d6b3 100644
--- a/sys_util/src/errno.rs
+++ b/sys_util/src/errno.rs
@@ -40,11 +40,17 @@ impl From<io::Error> for Error {
     }
 }
 
+impl From<Error> for io::Error {
+    fn from(e: Error) -> io::Error {
+        io::Error::from_raw_os_error(e.0)
+    }
+}
+
 impl std::error::Error for Error {}
 
 impl Display for Error {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
-        io::Error::from_raw_os_error(self.0).fmt(f)
+        Into::<io::Error>::into(*self).fmt(f)
     }
 }
 
diff --git a/sys_util/src/terminal.rs b/sys_util/src/terminal.rs
index eb5141c..89456f9 100644
--- a/sys_util/src/terminal.rs
+++ b/sys_util/src/terminal.rs
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-use std::io::StdinLock;
+use std::io::Stdin;
 use std::mem::zeroed;
 use std::os::unix::io::RawFd;
 
@@ -37,6 +37,26 @@ fn modify_mode<F: FnOnce(&mut termios)>(fd: RawFd, f: F) -> Result<()> {
     Ok(())
 }
 
+/// Safe only when the FD given is valid and reading the fd will have no Rust safety implications.
+unsafe fn read_raw(fd: RawFd, out: &mut [u8]) -> Result<usize> {
+    let ret = read(fd, out.as_mut_ptr() as *mut _, out.len());
+    if ret < 0 {
+        return errno_result();
+    }
+
+    Ok(ret as usize)
+}
+
+/// Read raw bytes from stdin.
+///
+/// This will block depending on the underlying mode of stdin. This will ignore the usual lock
+/// around stdin that the stdlib usually uses. If other code is using stdin, it is undefined who
+/// will get the underlying bytes.
+pub fn read_raw_stdin(out: &mut [u8]) -> Result<usize> {
+    // Safe because reading from stdin shouldn't have any safety implications.
+    unsafe { read_raw(STDIN_FILENO, out) }
+}
+
 /// Trait for file descriptors that are TTYs, according to `isatty(3)`.
 ///
 /// This is marked unsafe because the implementation must promise that the returned RawFd is a valid
@@ -66,25 +86,10 @@ pub unsafe trait Terminal {
             clear_fd_flags(self.tty_fd(), O_NONBLOCK)
         }
     }
-
-    /// Reads up to `out.len()` bytes from this terminal without any buffering.
-    ///
-    /// This may block, depending on if non-blocking was enabled with `set_non_block` or if there
-    /// are any bytes to read. If there is at least one byte that is readable, this will not block.
-    fn read_raw(&self, out: &mut [u8]) -> Result<usize> {
-        // Safe because read will only modify the pointer up to the length we give it and we check
-        // the return result.
-        let ret = unsafe { read(self.tty_fd(), out.as_mut_ptr() as *mut _, out.len()) };
-        if ret < 0 {
-            return errno_result();
-        }
-
-        Ok(ret as usize)
-    }
 }
 
 // Safe because we return a genuine terminal fd that never changes and shares our lifetime.
-unsafe impl<'a> Terminal for StdinLock<'a> {
+unsafe impl Terminal for Stdin {
     fn tty_fd(&self) -> RawFd {
         STDIN_FILENO
     }