Message-ID: <Z_hUNCwXrZKI4D4o@cassiopeiae>
Date: Fri, 11 Apr 2025 01:28:52 +0200
From: Danilo Krummrich <dakr@...nel.org>
To: Benno Lossin <benno.lossin@...ton.me>
Cc: Abdiel Janulgue <abdiel.janulgue@...il.com>, a.hindborg@...nel.org,
	rust-for-linux@...r.kernel.org, Miguel Ojeda <ojeda@...nel.org>,
	Alex Gaynor <alex.gaynor@...il.com>,
	Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>,
	Björn Roy Baron <bjorn3_gh@...tonmail.com>,
	Alice Ryhl <aliceryhl@...gle.com>, Trevor Gross <tmgross@...ch.edu>,
	Valentin Obst <kernel@...entinobst.de>,
	open list <linux-kernel@...r.kernel.org>,
	Christoph Hellwig <hch@....de>,
	Marek Szyprowski <m.szyprowski@...sung.com>,
	Robin Murphy <robin.murphy@....com>, airlied@...hat.com,
	"open list:DMA MAPPING HELPERS" <iommu@...ts.linux.dev>
Subject: Re: [PATCH v2 2/3] rust: dma: convert the read/write macros to
 return Result

On Thu, Apr 10, 2025 at 10:58:10PM +0000, Benno Lossin wrote:
> On Thu Apr 10, 2025 at 5:34 PM CEST, Danilo Krummrich wrote:
> > On Thu, Apr 10, 2025 at 03:11:01PM +0000, Benno Lossin wrote:
> >> On Thu Apr 10, 2025 at 1:54 PM CEST, Danilo Krummrich wrote:
> >> > On Thu, Apr 10, 2025 at 11:58:17AM +0300, Abdiel Janulgue wrote:
> >> >> @@ -78,13 +74,14 @@ impl Drop for DmaSampleDriver {
> >> >>      fn drop(&mut self) {
> >> >>          dev_info!(self.pdev.as_ref(), "Unload DMA test driver.\n");
> >> >>  
> >> >> -        let _ = || -> Result {
> >> >> -            for (i, value) in TEST_VALUES.into_iter().enumerate() {
> >> >> -                assert_eq!(kernel::dma_read!(self.ca[i].h), value.0);
> >> >> -                assert_eq!(kernel::dma_read!(self.ca[i].b), value.1);
> >> >> -            }
> >> >> -            Ok(())
> >> >> -        }();
> >> >> +        for (i, value) in TEST_VALUES.into_iter().enumerate() {
> >> >> +            let val0 = kernel::dma_read!(self.ca[i].h);
> >> >> +            let val1 = kernel::dma_read!(self.ca[i].b);
> >> >> +            assert!(val0.is_ok());
> >> >> +            assert!(val1.is_ok());
> >> >> +            assert_eq!(val0.unwrap(), value.0);
> >> >> +            assert_eq!(val1.unwrap(), value.1);
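Review bot: in drop(), each `assert!(valN.is_ok())` is immediately followed by `valN.unwrap()`, so the first assertion is redundant (unwrap() panics on Err anyway), and when it fires it reports only that is_ok() was false, not the error dma_read! returned. Since this is sample code that readers will copy, consider doing the reads in a helper that returns Result, propagating with `?`, and checking the outcome once in drop(), so the error value is preserved and no unwrap() appears in the sample.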
> >> >
> >> > Maybe use if-let to avoid the unwrap?
> >> >
> >> > 	if let Ok(val0) = val0 {
> >> > 	   assert_eq!(val0, value.0);
> >> > 	}
> >> >
> >> > I know it's a bit pointless, since we know it must be ok, but the educational
> >> > message of the example should be to check and not to unwrap, so maybe that's
> >> > better.
> >> 
> >> The if-let will silently ignore any errors, so I don't think that it's
> >> fit for example code either.
> >
> > Yes, but we still have the assert!() before, so the full sequence would be:
> >
> > 	assert!(val0.is_ok());
> >
> > 	if let Ok(val0) = val0 {
> > 	   assert_eq!(val0, value.0);
> > 	}
> 
> Ah right, missed that.
> 
> > The intention would be to avoid patterns that shouldn't be used in "real" code;
> > assert!() should be obvious not to use for real code.
> 
> Yeah, I'm not sure if this is that valuable. I think having "real code"
> is better, but I don't have any idea what to do in this case.
> 
> Why does this sample do the validation in the `drop` method in the first
> place?

I assume there is no specific reason, maybe Abdiel wanted to have a bit more
lifecycle for the allocation than just probe().

I guess we could just move it to probe(). Alternatively we can also keep it in a
closure or function and only assert! once for the returned Result.

> I guess the same code on the C side would do this in `remove` or
> whatever the equivalent thing is there, but would there be the option to
> report an error? Or is `remove` an infallible operation? In that case
> `assert!` probably is still the best option.

remove() is and has to be infallible, yes.
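
Added example, not part of the original message or of the kernel sample: a userspace Rust model of the two options discussed above, if-let on its own versus a function that returns Result and is checked once. MockAlloc, Pair, ReadError, alloc_with and the TEST_VALUES contents are assumptions standing in for the DMA allocation and a dma_read! that returns Result.

```rust
// Userspace stand-in for the sample's allocation; MockAlloc, Pair and ReadError
// are hypothetical names, not the kernel's DMA API.
#[derive(Debug, PartialEq)]
enum ReadError { OutOfBounds(usize), Mismatch(usize) }
struct Pair { h: u32, b: u32 }
struct MockAlloc { items: Vec<Pair> }
impl MockAlloc {
    // Fallible read, standing in for a dma_read! that returns Result.
    fn read(&self, i: usize) -> Result<&Pair, ReadError> {
        self.items.get(i).ok_or(ReadError::OutOfBounds(i))
    }
}

// Constructed test data, not the values from the kernel sample.
const TEST_VALUES: [(u32, u32); 3] = [(1, 2), (3, 4), (5, 6)];

fn alloc_with(n: usize) -> MockAlloc {
    let items = TEST_VALUES.iter().take(n).map(|&(h, b)| Pair { h, b }).collect();
    MockAlloc { items }
}

// if-let alone: a failed read skips the comparison and nothing reports it.
fn check_if_let(ca: &MockAlloc) -> usize {
    let mut compared = 0;
    for (i, &value) in TEST_VALUES.iter().enumerate() {
        if let Ok(p) = ca.read(i) {
            assert_eq!((p.h, p.b), value);
            compared += 1;
        }
    }
    compared
}

// Result-returning function: `?` stops at the first failure; caller checks once.
fn check_result(ca: &MockAlloc) -> Result<(), ReadError> {
    for (i, &value) in TEST_VALUES.iter().enumerate() {
        let p = ca.read(i)?;
        if (p.h, p.b) != value {
            return Err(ReadError::Mismatch(i));
        }
    }
    Ok(())
}

fn main() {
    let short = alloc_with(2); // one element missing, so read(2) fails
    println!("if-let compared {} of {}", check_if_let(&short), TEST_VALUES.len());
    println!("result: {:?}", check_result(&short));
}
```

With one element missing, the if-let loop finishes without any report while the Result-returning function hands the caller the failing index, which a single assert! in an infallible path can then surface.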
