| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAH5fLggaX18dAzWqLLkn9ii+hpu14u4aY5vd=kSCkk6LvsW-eA@mail.gmail.com>
Date: Wed, 4 Jun 2025 09:48:46 +0200
From: Alice Ryhl <aliceryhl@...gle.com>
To: Benno Lossin <lossin@...nel.org>
Cc: Daniel Almeida <daniel.almeida@...labora.com>, Miguel Ojeda <ojeda@...nel.org>,
Alex Gaynor <alex.gaynor@...il.com>, Boqun Feng <boqun.feng@...il.com>,
Gary Guo <gary@...yguo.net>, Björn Roy Baron <bjorn3_gh@...tonmail.com>,
Benno Lossin <benno.lossin@...ton.me>, Andreas Hindborg <a.hindborg@...nel.org>,
Trevor Gross <tmgross@...ch.edu>, Danilo Krummrich <dakr@...nel.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>, "Rafael J. Wysocki" <rafael@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>, linux-kernel@...r.kernel.org,
rust-for-linux@...r.kernel.org
Subject: Re: [PATCH v3 1/2] rust: irq: add support for request_irq()
On Wed, Jun 4, 2025 at 9:37 AM Benno Lossin <lossin@...nel.org> wrote:
>
> On Mon Jun 2, 2025 at 5:20 PM CEST, Alice Ryhl wrote:
> > On Wed, May 14, 2025 at 10:04:43PM +0200, Benno Lossin wrote:
> >> On Wed May 14, 2025 at 9:20 PM CEST, Daniel Almeida wrote:
> >> > + )
> >> > + });
> >> > +
> >> > + if res.is_err() {
> >> > + // SAFETY: We are returning an error, so we can destroy the slot.
> >> > + unsafe { core::ptr::drop_in_place(addr_of_mut!((*slot).handler)) };
> >> > + }
> >> > +
> >> > + res
> >> > + };
> >> > +
> >> > + // SAFETY:
> >> > + // - if this returns Ok, then every field of `slot` is fully
> >> > + // initialized.
> >> > + // - if this returns an error, then the slot does not need to remain
> >> > + // valid.
> >> > + unsafe { pin_init_from_closure(closure) }
> >>
> >> Please don't use `pin_init_from_closure`, instead do this:
> >>
> >> pin_init!(Self {
> >> irq,
> >> handler,
> >> _pin: PhantomPinned
> >> })
> >> .pin_chain(|this| {
> >> // SAFETY: TODO: correct FFI safety requirements
> >> to_result(unsafe {
> >> bindings::request_irq(...)
> >> })
> >> })
> >>
> >> The `pin_chain` function is exactly for this use-case, doing some
> >> operation that might fail after initializing & it will drop the value
> >> when the closure fails.
> >
> > No, that doesn't work. Using pin_chain will call free_irq if the call to
> > request_irq fails, which is incorrect.
>
> Good catch. That's a bit annoying then... I wonder if there is a
> primitive missing in pin-init that could help with this... Any ideas?
I believe initializers for underscore fields would do it. We could
potentially abuse the _pin field, but frankly I think that's too
confusing to the reader.
Alice
Powered by blists - more mailing lists