summaryrefslogtreecommitdiff
path: root/rust
diff options
context:
space:
mode:
Diffstat (limited to 'rust')
-rw-r--r--rust/Makefile2
-rw-r--r--rust/kernel/acpi.rs4
-rw-r--r--rust/kernel/debugfs/traits.rs55
-rw-r--r--rust/kernel/opp.rs114
-rw-r--r--rust/kernel/sync/atomic.rs12
-rw-r--r--rust/kernel/sync/lock.rs41
-rw-r--r--rust/kernel/sync/lock/global.rs5
7 files changed, 131 insertions, 102 deletions
diff --git a/rust/Makefile b/rust/Makefile
index 3e545c1a0ff4..7842ad0a4ea7 100644
--- a/rust/Makefile
+++ b/rust/Makefile
@@ -298,7 +298,7 @@ bindgen_skip_c_flags := -mno-fp-ret-in-387 -mpreferred-stack-boundary=% \
-fno-inline-functions-called-once -fsanitize=bounds-strict \
-fstrict-flex-arrays=% -fmin-function-alignment=% \
-fzero-init-padding-bits=% -mno-fdpic \
- --param=% --param asan-%
+ --param=% --param asan-% -fno-isolate-erroneous-paths-dereference
# Derived from `scripts/Makefile.clang`.
BINDGEN_TARGET_x86 := x86_64-linux-gnu
diff --git a/rust/kernel/acpi.rs b/rust/kernel/acpi.rs
index 37e1161c1298..9b8efa623130 100644
--- a/rust/kernel/acpi.rs
+++ b/rust/kernel/acpi.rs
@@ -39,9 +39,7 @@ impl DeviceId {
pub const fn new(id: &'static CStr) -> Self {
let src = id.to_bytes_with_nul();
build_assert!(src.len() <= Self::ACPI_ID_LEN, "ID exceeds 16 bytes");
- // Replace with `bindings::acpi_device_id::default()` once stabilized for `const`.
- // SAFETY: FFI type is valid to be zero-initialized.
- let mut acpi: bindings::acpi_device_id = unsafe { core::mem::zeroed() };
+ let mut acpi: bindings::acpi_device_id = pin_init::zeroed();
let mut i = 0;
while i < src.len() {
acpi.id[i] = src[i];
diff --git a/rust/kernel/debugfs/traits.rs b/rust/kernel/debugfs/traits.rs
index ab009eb254b3..92054fed2136 100644
--- a/rust/kernel/debugfs/traits.rs
+++ b/rust/kernel/debugfs/traits.rs
@@ -4,14 +4,11 @@
//! Traits for rendering or updating values exported to DebugFS.
use crate::prelude::*;
+use crate::sync::atomic::{Atomic, AtomicBasicOps, AtomicType, Relaxed};
use crate::sync::Mutex;
use crate::uaccess::UserSliceReader;
use core::fmt::{self, Debug, Formatter};
use core::str::FromStr;
-use core::sync::atomic::{
- AtomicI16, AtomicI32, AtomicI64, AtomicI8, AtomicIsize, AtomicU16, AtomicU32, AtomicU64,
- AtomicU8, AtomicUsize, Ordering,
-};
/// A trait for types that can be written into a string.
///
@@ -50,7 +47,7 @@ pub trait Reader {
fn read_from_slice(&self, reader: &mut UserSliceReader) -> Result;
}
-impl<T: FromStr> Reader for Mutex<T> {
+impl<T: FromStr + Unpin> Reader for Mutex<T> {
fn read_from_slice(&self, reader: &mut UserSliceReader) -> Result {
let mut buf = [0u8; 128];
if reader.len() > buf.len() {
@@ -66,37 +63,21 @@ impl<T: FromStr> Reader for Mutex<T> {
}
}
-macro_rules! impl_reader_for_atomic {
- ($(($atomic_type:ty, $int_type:ty)),*) => {
- $(
- impl Reader for $atomic_type {
- fn read_from_slice(&self, reader: &mut UserSliceReader) -> Result {
- let mut buf = [0u8; 21]; // Enough for a 64-bit number.
- if reader.len() > buf.len() {
- return Err(EINVAL);
- }
- let n = reader.len();
- reader.read_slice(&mut buf[..n])?;
+impl<T: AtomicType + FromStr> Reader for Atomic<T>
+where
+ T::Repr: AtomicBasicOps,
+{
+ fn read_from_slice(&self, reader: &mut UserSliceReader) -> Result {
+ let mut buf = [0u8; 21]; // Enough for a 64-bit number.
+ if reader.len() > buf.len() {
+ return Err(EINVAL);
+ }
+ let n = reader.len();
+ reader.read_slice(&mut buf[..n])?;
- let s = core::str::from_utf8(&buf[..n]).map_err(|_| EINVAL)?;
- let val = s.trim().parse::<$int_type>().map_err(|_| EINVAL)?;
- self.store(val, Ordering::Relaxed);
- Ok(())
- }
- }
- )*
- };
+ let s = core::str::from_utf8(&buf[..n]).map_err(|_| EINVAL)?;
+ let val = s.trim().parse::<T>().map_err(|_| EINVAL)?;
+ self.store(val, Relaxed);
+ Ok(())
+ }
}
-
-impl_reader_for_atomic!(
- (AtomicI16, i16),
- (AtomicI32, i32),
- (AtomicI64, i64),
- (AtomicI8, i8),
- (AtomicIsize, isize),
- (AtomicU16, u16),
- (AtomicU32, u32),
- (AtomicU64, u64),
- (AtomicU8, u8),
- (AtomicUsize, usize)
-);
diff --git a/rust/kernel/opp.rs b/rust/kernel/opp.rs
index 2c763fa9276d..f9641c639fff 100644
--- a/rust/kernel/opp.rs
+++ b/rust/kernel/opp.rs
@@ -87,7 +87,7 @@ use core::{marker::PhantomData, ptr};
use macros::vtable;
-/// Creates a null-terminated slice of pointers to [`Cstring`]s.
+/// Creates a null-terminated slice of pointers to [`CString`]s.
fn to_c_str_array(names: &[CString]) -> Result<KVec<*const u8>> {
// Allocated a null-terminated vector of pointers.
let mut list = KVec::with_capacity(names.len() + 1, GFP_KERNEL)?;
@@ -443,66 +443,70 @@ impl<T: ConfigOps + Default> Config<T> {
///
/// The returned [`ConfigToken`] will remove the configuration when dropped.
pub fn set(self, dev: &Device) -> Result<ConfigToken> {
- let (_clk_list, clk_names) = match &self.clk_names {
- Some(x) => {
- let list = to_c_str_array(x)?;
- let ptr = list.as_ptr();
- (Some(list), ptr)
- }
- None => (None, ptr::null()),
- };
+ let clk_names = self.clk_names.as_deref().map(to_c_str_array).transpose()?;
+ let regulator_names = self
+ .regulator_names
+ .as_deref()
+ .map(to_c_str_array)
+ .transpose()?;
+
+ let set_config = || {
+ let clk_names = clk_names.as_ref().map_or(ptr::null(), |c| c.as_ptr());
+ let regulator_names = regulator_names.as_ref().map_or(ptr::null(), |c| c.as_ptr());
+
+ let prop_name = self
+ .prop_name
+ .as_ref()
+ .map_or(ptr::null(), |p| p.as_char_ptr());
+
+ let (supported_hw, supported_hw_count) = self
+ .supported_hw
+ .as_ref()
+ .map_or((ptr::null(), 0), |hw| (hw.as_ptr(), hw.len() as u32));
+
+ let (required_dev, required_dev_index) = self
+ .required_dev
+ .as_ref()
+ .map_or((ptr::null_mut(), 0), |(dev, idx)| (dev.as_raw(), *idx));
+
+ let mut config = bindings::dev_pm_opp_config {
+ clk_names,
+ config_clks: if T::HAS_CONFIG_CLKS {
+ Some(Self::config_clks)
+ } else {
+ None
+ },
+ prop_name,
+ regulator_names,
+ config_regulators: if T::HAS_CONFIG_REGULATORS {
+ Some(Self::config_regulators)
+ } else {
+ None
+ },
+ supported_hw,
+ supported_hw_count,
- let (_regulator_list, regulator_names) = match &self.regulator_names {
- Some(x) => {
- let list = to_c_str_array(x)?;
- let ptr = list.as_ptr();
- (Some(list), ptr)
- }
- None => (None, ptr::null()),
- };
+ required_dev,
+ required_dev_index,
+ };
- let prop_name = self
- .prop_name
- .as_ref()
- .map_or(ptr::null(), |p| p.as_char_ptr());
-
- let (supported_hw, supported_hw_count) = self
- .supported_hw
- .as_ref()
- .map_or((ptr::null(), 0), |hw| (hw.as_ptr(), hw.len() as u32));
-
- let (required_dev, required_dev_index) = self
- .required_dev
- .as_ref()
- .map_or((ptr::null_mut(), 0), |(dev, idx)| (dev.as_raw(), *idx));
-
- let mut config = bindings::dev_pm_opp_config {
- clk_names,
- config_clks: if T::HAS_CONFIG_CLKS {
- Some(Self::config_clks)
- } else {
- None
- },
- prop_name,
- regulator_names,
- config_regulators: if T::HAS_CONFIG_REGULATORS {
- Some(Self::config_regulators)
- } else {
- None
- },
- supported_hw,
- supported_hw_count,
+ // SAFETY: The requirements are satisfied by the existence of [`Device`] and its safety
+ // requirements. The OPP core guarantees not to access fields of [`Config`] after this
+ // call and so we don't need to save a copy of them for future use.
+ let ret = unsafe { bindings::dev_pm_opp_set_config(dev.as_raw(), &mut config) };
- required_dev,
- required_dev_index,
+ to_result(ret).map(|()| ConfigToken(ret))
};
- // SAFETY: The requirements are satisfied by the existence of [`Device`] and its safety
- // requirements. The OPP core guarantees not to access fields of [`Config`] after this call
- // and so we don't need to save a copy of them for future use.
- let ret = unsafe { bindings::dev_pm_opp_set_config(dev.as_raw(), &mut config) };
+ // Ensure the closure does not accidentally drop owned data; if violated, the compiler
+ // produces E0525 with e.g.:
+ //
+ // ```
+ // closure is `FnOnce` because it moves the variable `clk_names` out of its environment
+ // ```
+ let _: &dyn Fn() -> _ = &set_config;
- to_result(ret).map(|()| ConfigToken(ret))
+ set_config()
}
/// Config's clk callback.
diff --git a/rust/kernel/sync/atomic.rs b/rust/kernel/sync/atomic.rs
index 016a6bcaf080..3afc376be42d 100644
--- a/rust/kernel/sync/atomic.rs
+++ b/rust/kernel/sync/atomic.rs
@@ -22,9 +22,10 @@ mod predefine;
pub use internal::AtomicImpl;
pub use ordering::{Acquire, Full, Relaxed, Release};
+pub(crate) use internal::{AtomicArithmeticOps, AtomicBasicOps, AtomicExchangeOps};
use crate::build_error;
-use internal::{AtomicArithmeticOps, AtomicBasicOps, AtomicExchangeOps, AtomicRepr};
+use internal::AtomicRepr;
use ordering::OrderingType;
/// A memory location which can be safely modified from multiple execution contexts.
@@ -306,6 +307,15 @@ where
}
}
+impl<T: AtomicType + core::fmt::Debug> core::fmt::Debug for Atomic<T>
+where
+ T::Repr: AtomicBasicOps,
+{
+ fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
+ core::fmt::Debug::fmt(&self.load(Relaxed), f)
+ }
+}
+
impl<T: AtomicType> Atomic<T>
where
T::Repr: AtomicExchangeOps,
diff --git a/rust/kernel/sync/lock.rs b/rust/kernel/sync/lock.rs
index 27202beef90c..cb00fdb94ffd 100644
--- a/rust/kernel/sync/lock.rs
+++ b/rust/kernel/sync/lock.rs
@@ -11,7 +11,7 @@ use crate::{
types::{NotThreadSafe, Opaque, ScopeGuard},
};
use core::{cell::UnsafeCell, marker::PhantomPinned, pin::Pin};
-use pin_init::{pin_data, pin_init, PinInit};
+use pin_init::{pin_data, pin_init, PinInit, Wrapper};
pub mod mutex;
pub mod spinlock;
@@ -115,6 +115,7 @@ pub struct Lock<T: ?Sized, B: Backend> {
_pin: PhantomPinned,
/// The data protected by the lock.
+ #[pin]
pub(crate) data: UnsafeCell<T>,
}
@@ -127,9 +128,13 @@ unsafe impl<T: ?Sized + Send, B: Backend> Sync for Lock<T, B> {}
impl<T, B: Backend> Lock<T, B> {
/// Constructs a new lock initialiser.
- pub fn new(t: T, name: &'static CStr, key: Pin<&'static LockClassKey>) -> impl PinInit<Self> {
+ pub fn new(
+ t: impl PinInit<T>,
+ name: &'static CStr,
+ key: Pin<&'static LockClassKey>,
+ ) -> impl PinInit<Self> {
pin_init!(Self {
- data: UnsafeCell::new(t),
+ data <- UnsafeCell::pin_init(t),
_pin: PhantomPinned,
// SAFETY: `slot` is valid while the closure is called and both `name` and `key` have
// static lifetimes so they live indefinitely.
@@ -240,6 +245,31 @@ impl<'a, T: ?Sized, B: Backend> Guard<'a, T, B> {
cb()
}
+
+ /// Returns a pinned mutable reference to the protected data.
+ ///
+ /// The guard implements [`DerefMut`] when `T: Unpin`, so for [`Unpin`]
+ /// types [`DerefMut`] should be used instead of this function.
+ ///
+ /// [`DerefMut`]: core::ops::DerefMut
+ /// [`Unpin`]: core::marker::Unpin
+ ///
+ /// # Examples
+ ///
+ /// ```
+ /// # use kernel::sync::{Mutex, MutexGuard};
+ /// # use core::{pin::Pin, marker::PhantomPinned};
+ /// struct Data(PhantomPinned);
+ ///
+ /// fn example(mutex: &Mutex<Data>) {
+ /// let mut data: MutexGuard<'_, Data> = mutex.lock();
+ /// let mut data: Pin<&mut Data> = data.as_mut();
+ /// }
+ /// ```
+ pub fn as_mut(&mut self) -> Pin<&mut T> {
+ // SAFETY: `self.lock.data` is structurally pinned.
+ unsafe { Pin::new_unchecked(&mut *self.lock.data.get()) }
+ }
}
impl<T: ?Sized, B: Backend> core::ops::Deref for Guard<'_, T, B> {
@@ -251,7 +281,10 @@ impl<T: ?Sized, B: Backend> core::ops::Deref for Guard<'_, T, B> {
}
}
-impl<T: ?Sized, B: Backend> core::ops::DerefMut for Guard<'_, T, B> {
+impl<T: ?Sized, B: Backend> core::ops::DerefMut for Guard<'_, T, B>
+where
+ T: Unpin,
+{
fn deref_mut(&mut self) -> &mut Self::Target {
// SAFETY: The caller owns the lock, so it is safe to deref the protected data.
unsafe { &mut *self.lock.data.get() }
diff --git a/rust/kernel/sync/lock/global.rs b/rust/kernel/sync/lock/global.rs
index d65f94b5caf2..38b448032799 100644
--- a/rust/kernel/sync/lock/global.rs
+++ b/rust/kernel/sync/lock/global.rs
@@ -106,7 +106,10 @@ impl<B: GlobalLockBackend> core::ops::Deref for GlobalGuard<B> {
}
}
-impl<B: GlobalLockBackend> core::ops::DerefMut for GlobalGuard<B> {
+impl<B: GlobalLockBackend> core::ops::DerefMut for GlobalGuard<B>
+where
+ B::Item: Unpin,
+{
fn deref_mut(&mut self) -> &mut Self::Target {
&mut self.inner
}
generated by cgit (git 2.34.1) at 2025-12-03 19:52:24 +0000