[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <C0A689E8-4192-4851-9650-5B76F5A30086@collabora.com>
Date: Sat, 9 Nov 2024 20:33:09 -0300
From: Daniel Almeida <daniel.almeida@...labora.com>
To: Christian dos Santos de Lima <christiansantoslima21@...il.com>
Cc: rust-for-linux@...r.kernel.org,
linux-kernel@...r.kernel.org,
Miguel Ojeda <ojeda@...nel.org>,
Alex Gaynor <alex.gaynor@...il.com>,
Boqun Feng <boqun.feng@...il.com>,
Björn Roy Baron <bjorn3_gh@...tonmail.com>,
Benno Lossin <benno.lossin@...ton.me>,
Andreas Hindborg <a.hindborg@...nel.org>,
Alice Ryhl <aliceryhl@...gle.com>,
Trevor Gross <tmgross@...ch.edu>,
~lkcamp/patches@...ts.sr.ht,
Abdiel Janulgue <abdiel.janulgue@...il.com>
Subject: Re: [PATCH v3] rust: transmute: Add implementation for FromBytes
trait
+cc Abdiel
Hi Christian,
> On 9 Nov 2024, at 02:54, Christian dos Santos de Lima <christiansantoslima21@...il.com> wrote:
>
> Add implementation and documentation for FromBytes trait.
>
> Add new feature block in order to allow using ToBytes
> and bound to from_bytes_mut function. I'm adding this feature
> because is possible create a value with disallowed bit pattern
> and as_byte_mut could create such value by mutating the array and
> accessing the original value. So adding ToBytes this can be avoided.
I’ve read this a couple of times. It’s hard to understand what you’re trying to say.
There are some grammar errors, but the even the key idea is hard to understand. IOW,
I had to go on Github to get the extra context needed to understand this part below:
> possible create a value with disallowed bit pattern
> and as_byte_mut could create such value by mutating the array and
> accessing the original value. So adding ToBytes this can be avoided.
Also, core::simd::ToBytes? Maybe Bjorn meant a new kernel::transmute::ToBytes trait?
Christian, are you aware of Abdiel’s dma_alloc_coherent patch [0]? How is this patch
an improvement over the simpler code below, for example?
> + fn cpu_buf(&self) -> &[T]
> + {
> + // SAFETY: The pointer is valid due to type invariant on `CoherentAllocation` and
> + // is valid for reads for `self.count * size_of::<T>` bytes.
> + unsafe { core::slice::from_raw_parts(self.cpu_addr, self.count) }
> + }
> +
> + fn cpu_buf_mut(&mut self) -> &mut [T]
> + {
> + // SAFETY: The pointer is valid due to type invariant on `CoherentAllocation` and
> + // is valid for reads for `self.count * size_of::<T>` bytes.
> + unsafe { core::slice::from_raw_parts_mut(self.cpu_addr, self.count) }
> + }
I believe that most users would have a pointer to memory allocated on the C side, as you can
see from Abdiel’s excerpt above. Without a user, it’s hard to know why we need this, specially
given the simd::ToBytes bound.
Just my 2c.
— Daniel
[0] https://lore.kernel.org/rust-for-linux/20241105104726.3111058-3-abdiel.janulgue@gmail.com/
Powered by blists - more mailing lists