Message-ID: <87iko1b213.fsf@kernel.org>
Date: Sat, 22 Mar 2025 14:58:16 +0100
From: Andreas Hindborg <a.hindborg@...nel.org>
To: FUJITA Tomonori <fujita.tomonori@...il.com>
Cc: linux-kernel@...r.kernel.org,  Daniel Almeida
 <daniel.almeida@...labora.com>,  Boqun Feng <boqun.feng@...il.com>,  Gary
 Guo <gary@...yguo.net>,  Fiona Behrens <me@...enk.dev>,
  rust-for-linux@...r.kernel.org,  netdev@...r.kernel.org,  andrew@...n.ch,
  hkallweit1@...il.com,  tmgross@...ch.edu,  ojeda@...nel.org,
  alex.gaynor@...il.com,  bjorn3_gh@...tonmail.com,
  benno.lossin@...ton.me,  a.hindborg@...sung.com,  aliceryhl@...gle.com,
  anna-maria@...utronix.de,  frederic@...nel.org,  tglx@...utronix.de,
  arnd@...db.de,  jstultz@...gle.com,  sboyd@...nel.org,  mingo@...hat.com,
  peterz@...radead.org,  juri.lelli@...hat.com,
  vincent.guittot@...aro.org,  dietmar.eggemann@....com,
  rostedt@...dmis.org,  bsegall@...gle.com,  mgorman@...e.de,
  vschneid@...hat.com,  tgunders@...hat.com,  david.laight.linux@...il.com
Subject: Re: [PATCH v11 4/8] rust: time: Introduce Instant type

FUJITA Tomonori <fujita.tomonori@...il.com> writes:

> Introduce a type representing a specific point in time. We could use
> the Ktime type but C's ktime_t is used for both timestamp and
> timedelta. To avoid confusion, introduce a new Instant type for
> timestamp.
>
> Rename Ktime to Instant and modify their methods for timestamp.
>
> Implement the subtraction operator for Instant:
>
> Delta = Instant A - Instant B
>
> Tested-by: Daniel Almeida <daniel.almeida@...labora.com>
> Reviewed-by: Boqun Feng <boqun.feng@...il.com>
> Reviewed-by: Gary Guo <gary@...yguo.net>
> Reviewed-by: Fiona Behrens <me@...enk.dev>
> Signed-off-by: FUJITA Tomonori <fujita.tomonori@...il.com>


Reviewed-by: Andreas Hindborg <a.hindborg@...nel.org>


As Boqun mentioned, we should make this generic over `ClockId` when the
hrtimer patches land.

One question regarding overflow below.

> ---
>  rust/kernel/time.rs | 77 +++++++++++++++++++++++----------------------
>  1 file changed, 39 insertions(+), 38 deletions(-)
>
> diff --git a/rust/kernel/time.rs b/rust/kernel/time.rs
> index 622cd01e24d7..d64a05a4f4d1 100644
> --- a/rust/kernel/time.rs
> +++ b/rust/kernel/time.rs
> @@ -5,6 +5,22 @@
>  //! This module contains the kernel APIs related to time and timers that
>  //! have been ported or wrapped for usage by Rust code in the kernel.
>  //!
> +//! There are two types in this module:
> +//!
> +//! - The [`Instant`] type represents a specific point in time.
> +//! - The [`Delta`] type represents a span of time.
> +//!
> +//! Note that the C side uses `ktime_t` type to represent both. However, timestamp
> +//! and timedelta are different. To avoid confusion, we use two different types.
> +//!
> +//! A [`Instant`] object can be created by calling the [`Instant::now()`] function.
> +//! It represents a point in time at which the object was created.
> +//! By calling the [`Instant::elapsed()`] method, a [`Delta`] object representing
> +//! the elapsed time can be created. The [`Delta`] object can also be created
> +//! by subtracting two [`Instant`] objects.
> +//!
> +//! A [`Delta`] type supports methods to retrieve the duration in various units.
> +//!
>  //! C header: [`include/linux/jiffies.h`](srctree/include/linux/jiffies.h).
>  //! C header: [`include/linux/ktime.h`](srctree/include/linux/ktime.h).
>  
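
Review bot: The added module docs have two article slips: "A [`Instant`] object can be created" should read "An [`Instant`] object", and "A [`Delta`] type supports methods" reads better as "The [`Delta`] type supports methods". Since this text sends the reader to `Instant::now()`, it would also help to say here that the timestamp is taken from `CLOCK_MONOTONIC`, as the method's own doc comment does.
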
> @@ -31,59 +47,44 @@ pub fn msecs_to_jiffies(msecs: Msecs) -> Jiffies {
>      unsafe { bindings::__msecs_to_jiffies(msecs) }
>  }
>  
> -/// A Rust wrapper around a `ktime_t`.
> +/// A specific point in time.
> +///
> +/// # Invariants
> +///
> +/// The `inner` value is in the range from 0 to `KTIME_MAX`.
>  #[repr(transparent)]
>  #[derive(Copy, Clone, PartialEq, PartialOrd, Eq, Ord)]
> -pub struct Ktime {
> +pub struct Instant {
>      inner: bindings::ktime_t,
>  }
>  
> -impl Ktime {
> -    /// Create a `Ktime` from a raw `ktime_t`.
> -    #[inline]
> -    pub fn from_raw(inner: bindings::ktime_t) -> Self {
> -        Self { inner }
> -    }
> -
> +impl Instant {
>      /// Get the current time using `CLOCK_MONOTONIC`.
>      #[inline]
> -    pub fn ktime_get() -> Self {
> -        // SAFETY: It is always safe to call `ktime_get` outside of NMI context.
> -        Self::from_raw(unsafe { bindings::ktime_get() })
> -    }
> -
> -    /// Divide the number of nanoseconds by a compile-time constant.
> -    #[inline]
> -    fn divns_constant<const DIV: i64>(self) -> i64 {
> -        self.to_ns() / DIV
> -    }
> -
> -    /// Returns the number of nanoseconds.
> -    #[inline]
> -    pub fn to_ns(self) -> i64 {
> -        self.inner
> +    pub fn now() -> Self {
> +        // INVARIANT: The `ktime_get()` function returns a value in the range
> +        // from 0 to `KTIME_MAX`.
> +        Self {
> +            // SAFETY: It is always safe to call `ktime_get()` outside of NMI context.
> +            inner: unsafe { bindings::ktime_get() },
> +        }
>      }
>  
> -    /// Returns the number of milliseconds.
> +    /// Return the amount of time elapsed since the [`Instant`].
>      #[inline]
> -    pub fn to_ms(self) -> i64 {
> -        self.divns_constant::<NSEC_PER_MSEC>()
> +    pub fn elapsed(&self) -> Delta {
> +        Self::now() - *self
>      }
>  }
>  
> -/// Returns the number of milliseconds between two ktimes.
> -#[inline]
> -pub fn ktime_ms_delta(later: Ktime, earlier: Ktime) -> i64 {
> -    (later - earlier).to_ms()
> -}
> -
> -impl core::ops::Sub for Ktime {
> -    type Output = Ktime;
> +impl core::ops::Sub for Instant {
> +    type Output = Delta;
>  
> +    // By the type invariant, it never overflows.
>      #[inline]
> -    fn sub(self, other: Ktime) -> Ktime {
> -        Self {
> -            inner: self.inner - other.inner,
> +    fn sub(self, other: Instant) -> Delta {
> +        Delta {
> +            nanos: self.inner - other.inner,
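
Review bot: The `// By the type invariant, it never overflows.` comment in `impl core::ops::Sub for Instant` sits above `#[inline]`, away from the `self.inner - other.inner` expression it justifies, and does not say why the invariant is sufficient. Suggest moving it next to the subtraction and spelling out that both operands are in the range 0 to `KTIME_MAX`, so the difference stays within the `i64` that `inner` holds. The operator also yields a negative `Delta` when `other` is the later `Instant`; a doc comment on the impl or on `elapsed()` should state that.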

If this never overflows by invariant, would it make sense to use
`unchecked_sub` or `wrapping_sub`? That would remove the overflow check.


Best regards,
Andreas Hindborg
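
The overflow question above can be checked in a userspace model. This is an added example, not part of the message or the patch: `i64` stands in for `ktime_t`, and `from_nanos`, `as_nanos` and `sub_is_exact` are hypothetical helpers introduced for the illustration.

```rust
// Userspace model (added example): i64 stands in for the kernel's `ktime_t`.
const KTIME_MAX: i64 = i64::MAX;

#[derive(Copy, Clone, Debug, PartialEq, Eq)]
pub struct Delta {
    nanos: i64,
}

impl Delta {
    pub fn as_nanos(self) -> i64 {
        self.nanos
    }
}

/// Invariant: `inner` is in the range 0..=KTIME_MAX.
#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub struct Instant {
    inner: i64,
}

impl Instant {
    /// Hypothetical constructor for this model; rejects values that break the invariant.
    pub fn from_nanos(ns: i64) -> Option<Self> {
        if (0..=KTIME_MAX).contains(&ns) { Some(Self { inner: ns }) } else { None }
    }
}

impl core::ops::Sub for Instant {
    type Output = Delta;
    fn sub(self, other: Instant) -> Delta {
        // Both operands are in 0..=KTIME_MAX, so the difference lies in
        // -KTIME_MAX..=KTIME_MAX and wrapping_sub never actually wraps.
        Delta { nanos: self.inner.wrapping_sub(other.inner) }
    }
}

/// True when wrapping and checked subtraction agree, i.e. no overflow occurred.
pub fn sub_is_exact(a: i64, b: i64) -> bool {
    a.checked_sub(b) == Some(a.wrapping_sub(b))
}

fn main() {
    let lo = Instant::from_nanos(0).unwrap();
    let hi = Instant::from_nanos(KTIME_MAX).unwrap();
    println!("{} {}", (hi - lo).as_nanos(), (lo - hi).as_nanos());
    // Outside the invariant (a negative operand) the same subtraction overflows.
    println!("{}", sub_is_exact(0, i64::MIN));
}
```

The two extreme pairs the invariant allows both subtract exactly; the overflow only appears once an operand falls outside 0..=`KTIME_MAX`, which is why the safety of dropping the check rests entirely on every constructor upholding the invariant.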


