Unify headers of safety comments

framework/libs/ktest/src/lib.rs

@@ -200,7 +200,7 @@ macro_rules! ktest_array {
         }
         let item_size = core::mem::size_of::<KtestItem>();
         let l = (__ktest_array_end as usize - __ktest_array as usize) / item_size;
-        // Safety: __ktest_array is a static section consisting of KtestItem.
+        // SAFETY: __ktest_array is a static section consisting of KtestItem.
         unsafe { core::slice::from_raw_parts(__ktest_array as *const KtestItem, l) }
     }};
 }

framework/libs/linux-bzimage/setup/src/console.rs

@@ -12,13 +12,13 @@ static mut STDOUT: Stdout = Stdout {
     serial_port: unsafe { SerialPort::new(0x0) },
 };
 
-/// safety: this function must only be called once
+/// SAFETY: this function must only be called once
 pub unsafe fn init() {
     STDOUT = Stdout::init();
 }
 
 impl Stdout {
-    /// safety: this function must only be called once
+    /// SAFETY: this function must only be called once
     pub unsafe fn init() -> Self {
         let mut serial_port = unsafe { SerialPort::new(0x3F8) };
         serial_port.init();
@@ -35,7 +35,7 @@ impl Write for Stdout {
 
 /// This is used when dyn Trait is not supported or fmt::Arguments is fragile to use in PIE.
 ///
-/// Safety: init() must be called before print_str() and there should be no race conditions.
+/// SAFETY: init() must be called before print_str() and there should be no race conditions.
 pub unsafe fn print_str(s: &str) {
     STDOUT.write_str(s).unwrap();
 }
@@ -46,7 +46,7 @@ unsafe fn print_char(c: char) {
 
 /// This is used when dyn Trait is not supported or fmt::Arguments is fragile to use in PIE.
 ///
-/// Safety: init() must be called before print_hex() and there should be no race conditions.
+/// SAFETY: init() must be called before print_hex() and there should be no race conditions.
 pub unsafe fn print_hex(n: u64) {
     print_str("0x");
     for i in (0..16).rev() {
@@ -65,7 +65,7 @@ pub unsafe fn print_hex(n: u64) {
 
 /// Glue code for print!() and println!() macros.
 ///
-/// Safety: init() must be called before print_fmt() and there should be no race conditions.
+/// SAFETY: init() must be called before print_fmt() and there should be no race conditions.
 pub unsafe fn print_fmt(args: fmt::Arguments) {
     STDOUT.write_fmt(args).unwrap();
 }

framework/libs/linux-bzimage/setup/src/loader.rs

@@ -22,7 +22,7 @@ fn load_segment(file: &xmas_elf::ElfFile, program: &xmas_elf::program::ProgramHe
     let SegmentData::Undefined(header_data) = program.get_data(file).unwrap() else {
         panic!("[setup] Unexpected segment data type!");
     };
-    // Safety: the physical address from the ELF file is valid
+    // SAFETY: the physical address from the ELF file is valid
     let dst_slice = unsafe {
         core::slice::from_raw_parts_mut(program.physical_addr as *mut u8, program.mem_size as usize)
     };
@@ -40,7 +40,7 @@ fn load_segment(file: &xmas_elf::ElfFile, program: &xmas_elf::program::ProgramHe
         print_hex(program.mem_size as u64);
         print_str("\n");
     }
-    // Safety: the ELF file is valid
+    // SAFETY: the ELF file is valid
     // dst_slice[..program.file_size as usize].copy_from_slice(header_data);
     unsafe {
         memcpy(

framework/libs/linux-bzimage/setup/src/main.rs

@@ -38,7 +38,7 @@ fn get_payload(boot_params: &BootParams) -> &'static [u8] {
     let loaded_offset = x86::get_image_loaded_offset();
     let payload_offset = (loaded_offset + hdr.payload_offset as isize) as usize;
     let payload_length = hdr.payload_length as usize;
-    // Safety: the payload_offset and payload_length is valid if we assume that the
+    // SAFETY: the payload_offset and payload_length is valid if we assume that the
     // boot_params struct is correct.
     unsafe { core::slice::from_raw_parts_mut(payload_offset as *mut u8, payload_length) }
 }

framework/libs/linux-bzimage/setup/src/x86/amd64_efi/efi.rs

@@ -47,10 +47,10 @@ fn efi_phase_boot(
     system_table: SystemTable<Boot>,
     boot_params_ptr: *mut BootParams,
 ) -> ! {
-    // Safety: this init function is only called once.
+    // SAFETY: this init function is only called once.
     unsafe { crate::console::init() };
 
-    // Safety: this is the right time to apply relocations.
+    // SAFETY: this is the right time to apply relocations.
     unsafe { apply_rela_dyn_relocations() };
 
     uefi_services::println!("[EFI stub] Relocations applied.");

framework/libs/linux-bzimage/setup/src/x86/amd64_efi/relocation.rs

@@ -43,7 +43,7 @@ fn get_rela_array() -> &'static [Elf64Rela] {
         print_hex(end as u64);
         print_str("\n");
     }
-    // Safety: the linker will ensure that the symbols are valid.
+    // SAFETY: the linker will ensure that the symbols are valid.
     unsafe { core::slice::from_raw_parts(start, len) }
 }
 

framework/libs/linux-bzimage/setup/src/x86/legacy_i386/mod.rs

@@ -14,7 +14,7 @@ pub const ASTER_ENTRY_POINT: u32 = 0x8001000;
 
 #[export_name = "_bzimage_entry_32"]
 extern "cdecl" fn bzimage_entry(boot_params_ptr: u32) -> ! {
-    // Safety: this init function is only called once.
+    // SAFETY: this init function is only called once.
     unsafe { crate::console::init() };
 
     // println!("[setup] bzImage loaded at {:#x}", x86::relocation::get_image_loaded_offset());
@@ -24,13 +24,13 @@ extern "cdecl" fn bzimage_entry(boot_params_ptr: u32) -> ! {
         print_str("\n");
     }
 
-    // Safety: the boot_params_ptr is a valid pointer to be borrowed.
+    // SAFETY: the boot_params_ptr is a valid pointer to be borrowed.
     let boot_params = unsafe { &*(boot_params_ptr as *const BootParams) };
-    // Safety: the payload_offset and payload_length is valid.
+    // SAFETY: the payload_offset and payload_length is valid.
     let payload = crate::get_payload(boot_params);
     crate::loader::load_elf(payload);
 
-    // Safety: the entrypoint and the ptr is valid.
+    // SAFETY: the entrypoint and the ptr is valid.
     unsafe { call_aster_entrypoint(ASTER_ENTRY_POINT, boot_params_ptr.try_into().unwrap()) };
 }