| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aFmodsQK6iatXKoZ@tardis.local>
Date: Mon, 23 Jun 2025 12:18:14 -0700
From: Boqun Feng <boqun.feng@...il.com>
To: Benno Lossin <lossin@...nel.org>
Cc: Alice Ryhl <aliceryhl@...gle.com>, Danilo Krummrich <dakr@...nel.org>,
Daniel Almeida <daniel.almeida@...labora.com>,
Miguel Ojeda <ojeda@...nel.org>,
Alex Gaynor <alex.gaynor@...il.com>, Gary Guo <gary@...yguo.net>,
Björn Roy Baron <bjorn3_gh@...tonmail.com>,
Andreas Hindborg <a.hindborg@...nel.org>,
Trevor Gross <tmgross@...ch.edu>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J. Wysocki" <rafael@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Krzysztof Wilczy´nski <kwilczynski@...nel.org>,
linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org,
linux-pci@...r.kernel.org
Subject: Re: [PATCH v4 3/6] rust: irq: add support for non-threaded IRQs and
handlers
On Mon, Jun 23, 2025 at 10:31:16AM -0700, Boqun Feng wrote:
> On Mon, Jun 23, 2025 at 05:26:14PM +0200, Benno Lossin wrote:
> > On Mon Jun 23, 2025 at 5:10 PM CEST, Alice Ryhl wrote:
> > > On Mon, Jun 9, 2025 at 12:47 PM Danilo Krummrich <dakr@...nel.org> wrote:
> > >> On Sun, Jun 08, 2025 at 07:51:08PM -0300, Daniel Almeida wrote:
> > >> > + dev: &'a Device<Bound>,
> > >> > + irq: u32,
> > >> > + flags: Flags,
> > >> > + name: &'static CStr,
> > >> > + handler: T,
> > >> > + ) -> impl PinInit<Self, Error> + 'a {
> > >> > + let closure = move |slot: *mut Self| {
> > >> > + // SAFETY: The slot passed to pin initializer is valid for writing.
> > >> > + unsafe {
> > >> > + slot.write(Self {
> > >> > + inner: Devres::new(
> > >> > + dev,
> > >> > + RegistrationInner {
> > >> > + irq,
> > >> > + cookie: slot.cast(),
> > >> > + },
> > >> > + GFP_KERNEL,
> > >> > + )?,
> > >> > + handler,
> > >> > + _pin: PhantomPinned,
> > >> > + })
> > >> > + };
> > >> > +
> > >> > + // SAFETY:
> > >> > + // - The callbacks are valid for use with request_irq.
> > >> > + // - If this succeeds, the slot is guaranteed to be valid until the
> > >> > + // destructor of Self runs, which will deregister the callbacks
> > >> > + // before the memory location becomes invalid.
> > >> > + let res = to_result(unsafe {
> > >> > + bindings::request_irq(
> > >> > + irq,
> > >> > + Some(handle_irq_callback::<T>),
> > >> > + flags.into_inner() as usize,
> > >> > + name.as_char_ptr(),
> > >> > + slot.cast(),
> > >> > + )
> > >> > + });
> > >> > +
> > >> > + if res.is_err() {
> > >> > + // SAFETY: We are returning an error, so we can destroy the slot.
> > >> > + unsafe { core::ptr::drop_in_place(&raw mut (*slot).handler) };
> > >> > + }
> > >> > +
> > >> > + res
> > >> > + };
> > >> > +
> > >> > + // SAFETY:
> > >> > + // - if this returns Ok, then every field of `slot` is fully
> > >> > + // initialized.
> > >> > + // - if this returns an error, then the slot does not need to remain
> > >> > + // valid.
> > >> > + unsafe { pin_init_from_closure(closure) }
> > >>
> > >> Can't we use try_pin_init!() instead, move request_irq() into the initializer of
> > >> RegistrationInner and initialize inner last?
> > >
> > > We need a pointer to the entire struct when calling
> > > bindings::request_irq. I'm not sure this allows you to easily get one?
> > > I don't think using container_of! here is worth it.
> >
> > There is the `&this in` syntax (`this` is of type `NonNull<Self>`):
> >
> > try_pin_init!(&this in Self {
> > inner: Devres::new(
> > dev,
> > RegistrationInner {
> > irq,
> > cookie: this.as_ptr().cast(),
> > },
> > GFP_KERNEL,
> > )?,
> > handler,
> > _pin: {
> > to_result(unsafe {
> > bindings::request_irq(
> > irq,
> > Some(handle_irq_callback::<T>),
> > flags.into_inner() as usize,
> > name.as_char_ptr(),
> > slot.as_ptr().cast(),
>
> this is "this" instead of "slot", right?
>
> > )
> > })?;
> > PhantomPinned
> > },
> > })
> >
> > Last time around, I also asked this question and you replied with that
> > we need to abort the initializer when `request_irq` returns false and
> > avoid running `Self::drop` (thus we can't do it using `pin_chain`).
> >
> > I asked what we could do instead and you mentioned the `_: {}`
> > initializers and those would indeed solve it, but we can abuse the
> > `_pin` field for that :)
> >
>
> Hmm.. but if request_irq() fails, aren't we going to call `drop` on
> `inner`, which drops the `Devres` which will eventually call
> `RegistrationInner::drop()`? And that's a `free_irq()` without
> `request_irq()` succeeded.
>
This may however work ;-) Because at `request_irq()` time, all it needs
is ready, and if it fails, `RegistrationInner` won't construct.
try_pin_init!(&this in Self {
handler,
inner: Devres::new(
dev,
RegistrationInner {
// Needs to use `handler` address as cookie, same for
// request_irq().
cookie: &raw (*(this.as_ptr().cast()).handler),
irq: {
to_result(unsafe { bindings::request_irq(...) })?;
irq
}
},
GFP_KERNEL,
)?,
_pin: PhantomPinned
})
Regards,
Boqun
> Regards,
> Boqun
>
> > ---
> > Cheers,
> > Benno
Powered by blists - more mailing lists