lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aFq3P_4XgP0dUrAS@Mac.home>
Date: Tue, 24 Jun 2025 07:33:35 -0700
From: Boqun Feng <boqun.feng@...il.com>
To: Alice Ryhl <aliceryhl@...gle.com>
Cc: Benno Lossin <lossin@...nel.org>,
	Daniel Almeida <daniel.almeida@...labora.com>,
	Danilo Krummrich <dakr@...nel.org>, Miguel Ojeda <ojeda@...nel.org>,
	Alex Gaynor <alex.gaynor@...il.com>, Gary Guo <gary@...yguo.net>,
	Björn Roy Baron <bjorn3_gh@...tonmail.com>,
	Andreas Hindborg <a.hindborg@...nel.org>,
	Trevor Gross <tmgross@...ch.edu>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"Rafael J. Wysocki" <rafael@...nel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Bjorn Helgaas <bhelgaas@...gle.com>,
	Krzysztof Wilczy´nski <kwilczynski@...nel.org>,
	linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org,
	linux-pci@...r.kernel.org
Subject: Re: [PATCH v4 3/6] rust: irq: add support for non-threaded IRQs and
 handlers

On Tue, Jun 24, 2025 at 02:50:23PM +0100, Alice Ryhl wrote:
> On Tue, Jun 24, 2025 at 1:46 PM Benno Lossin <lossin@...nel.org> wrote:
> >
> > On Tue Jun 24, 2025 at 2:31 PM CEST, Daniel Almeida wrote:
> > > On 23 Jun 2025, at 16:28, Benno Lossin <lossin@...nel.org> wrote:
> > >> On Mon Jun 23, 2025 at 9:18 PM CEST, Boqun Feng wrote:
> > >>>    try_pin_init!(&this in Self {
> > >>>        handler,
> > >>>        inner: Devres::new(
> > >>>            dev,
> > >>>            RegistrationInner {
> > >>>                // Needs to use `handler` address as cookie, same for
> > >>>                // request_irq().
> > >>>                cookie: &raw (*(this.as_ptr().cast()).handler),
> > >>>                irq: {
> > >>>                     to_result(unsafe { bindings::request_irq(...) })?;
> > >>>  irq
> > >>> }
> > >>>             },
> > >>>             GFP_KERNEL,
> > >>>        )?,
> > >>>        _pin: PhantomPinned
> > >>>    })
> > >>
> > >> Well yes and no, with the Devres changes, the `cookie` can just be the
> > >> address of the `RegistrationInner` & we can do it this way :)
> > >>
> > >> ---
> > >> Cheers,
> > >> Benno
> > >
> > >
> > > No, we need this to be the address of the the whole thing (i.e.
> > > Registration<T>), otherwise you can’t access the handler in the irq
> > > callback.

You only need the access of `handler` in the irq callback, right? I.e.
passing the address of `handler` would suffice (of course you need
to change the irq callback as well).

> >
> > Gotcha, so you keep the cookie field, but you should still be able to
> > use `try_pin_init` & the devres improvements to avoid the use of
> > `pin_init_from_closure`.
> 
> It sounds like this is getting too complicated and that
> `pin_init_from_closure` is the simpler way to go.

Even if we use `pin_init_from_closure`, we still need the other
`try_pin_init` anyway for `Devres::new()` (or alternatively we can
implement a `RegistrationInner::new()`).

Below is what would look like with the Devres changes in mind:


    try_pin_init!(&this in Self {
        handler,
        inner: <- Devres::new(
            dev,
            try_pin_init!( RegistrationInner {
                // Needs to use `handler` address as cookie, same for
                // request_irq().
                cookie: &raw (*(this.as_ptr().cast()).handler),
		// @Benno, would this "this" work here?
                irq: {
                     to_result(unsafe { bindings::request_irq(...) })?;
                     irq
		}
             }),
        )?,
        _pin: PhantomPinned
    })


Besides, working on this made me realize that we have to request_irq()
before `Devres::new()`, otherwise we may leak the irq resource,
considering the follow code from the current `pin_init_from_closure`
approach:

        let closure = move |slot: *mut Self| {
            // SAFETY: The slot passed to pin initializer is valid for writing.
            unsafe {
                slot.write(Self {
                    inner: Devres::new(
                        dev,
                        RegistrationInner {
                            irq,
                            cookie: slot.cast(),
                        },
                        GFP_KERNEL,
                    )?,
                    handler,
                    _pin: PhantomPinned,
                })
            };

`dev` can be unbound at here, right? If so, the devm callback will
revoke the `RegistrationInner`, `RegistrationInner::drop()` will then
call `free_irq()` before `request_irq()`, the best case is that we would
request_irq() with no one going to free it.

            // SAFETY:
            // - The callbacks are valid for use with request_irq.
            // - If this succeeds, the slot is guaranteed to be valid until the
            // destructor of Self runs, which will deregister the callbacks
            // before the memory location becomes invalid.
            let res = to_result(unsafe {
                bindings::request_irq(
                    irq,
                    Some(handle_irq_callback::<T>),
                    flags.into_inner() as usize,
                    name.as_char_ptr(),
                    slot.cast(),
                )
            });
            ...
        }

So seems to me the order of initialization has to be:

1. Initialize the `handler`.
2. `request_irq()`, i.e initialize the `RegistrationInner`.
3. `Devres::new()`, i.e initialize the `Devres`.

Regards,
Boqun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ