| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <DB7F39EC-5F7D-49DA-BF2B-6200998B45E2@collabora.com>
Date: Tue, 24 Jun 2025 09:31:24 -0300
From: Daniel Almeida <daniel.almeida@...labora.com>
To: Benno Lossin <lossin@...nel.org>
Cc: Boqun Feng <boqun.feng@...il.com>,
Alice Ryhl <aliceryhl@...gle.com>,
Danilo Krummrich <dakr@...nel.org>,
Miguel Ojeda <ojeda@...nel.org>,
Alex Gaynor <alex.gaynor@...il.com>,
Gary Guo <gary@...yguo.net>,
Björn Roy Baron <bjorn3_gh@...tonmail.com>,
Andreas Hindborg <a.hindborg@...nel.org>,
Trevor Gross <tmgross@...ch.edu>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J. Wysocki" <rafael@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Krzysztof Wilczy´nski <kwilczynski@...nel.org>,
linux-kernel@...r.kernel.org,
rust-for-linux@...r.kernel.org,
linux-pci@...r.kernel.org
Subject: Re: [PATCH v4 3/6] rust: irq: add support for non-threaded IRQs and
handlers
> On 23 Jun 2025, at 16:28, Benno Lossin <lossin@...nel.org> wrote:
>
> On Mon Jun 23, 2025 at 9:18 PM CEST, Boqun Feng wrote:
>> On Mon, Jun 23, 2025 at 10:31:16AM -0700, Boqun Feng wrote:
>>> On Mon, Jun 23, 2025 at 05:26:14PM +0200, Benno Lossin wrote:
>>>> On Mon Jun 23, 2025 at 5:10 PM CEST, Alice Ryhl wrote:
>>>>> On Mon, Jun 9, 2025 at 12:47 PM Danilo Krummrich <dakr@...nel.org> wrote:
>>>>>> On Sun, Jun 08, 2025 at 07:51:08PM -0300, Daniel Almeida wrote:
>>>>>>> + dev: &'a Device<Bound>,
>>>>>>> + irq: u32,
>>>>>>> + flags: Flags,
>>>>>>> + name: &'static CStr,
>>>>>>> + handler: T,
>>>>>>> + ) -> impl PinInit<Self, Error> + 'a {
>>>>>>> + let closure = move |slot: *mut Self| {
>>>>>>> + // SAFETY: The slot passed to pin initializer is valid for writing.
>>>>>>> + unsafe {
>>>>>>> + slot.write(Self {
>>>>>>> + inner: Devres::new(
>>>>>>> + dev,
>>>>>>> + RegistrationInner {
>>>>>>> + irq,
>>>>>>> + cookie: slot.cast(),
>>>>>>> + },
>>>>>>> + GFP_KERNEL,
>>>>>>> + )?,
>>>>>>> + handler,
>>>>>>> + _pin: PhantomPinned,
>>>>>>> + })
>>>>>>> + };
>>>>>>> +
>>>>>>> + // SAFETY:
>>>>>>> + // - The callbacks are valid for use with request_irq.
>>>>>>> + // - If this succeeds, the slot is guaranteed to be valid until the
>>>>>>> + // destructor of Self runs, which will deregister the callbacks
>>>>>>> + // before the memory location becomes invalid.
>>>>>>> + let res = to_result(unsafe {
>>>>>>> + bindings::request_irq(
>>>>>>> + irq,
>>>>>>> + Some(handle_irq_callback::<T>),
>>>>>>> + flags.into_inner() as usize,
>>>>>>> + name.as_char_ptr(),
>>>>>>> + slot.cast(),
>>>>>>> + )
>>>>>>> + });
>>>>>>> +
>>>>>>> + if res.is_err() {
>>>>>>> + // SAFETY: We are returning an error, so we can destroy the slot.
>>>>>>> + unsafe { core::ptr::drop_in_place(&raw mut (*slot).handler) };
>>>>>>> + }
>>>>>>> +
>>>>>>> + res
>>>>>>> + };
>>>>>>> +
>>>>>>> + // SAFETY:
>>>>>>> + // - if this returns Ok, then every field of `slot` is fully
>>>>>>> + // initialized.
>>>>>>> + // - if this returns an error, then the slot does not need to remain
>>>>>>> + // valid.
>>>>>>> + unsafe { pin_init_from_closure(closure) }
>>>>>>
>>>>>> Can't we use try_pin_init!() instead, move request_irq() into the initializer of
>>>>>> RegistrationInner and initialize inner last?
>>>>>
>>>>> We need a pointer to the entire struct when calling
>>>>> bindings::request_irq. I'm not sure this allows you to easily get one?
>>>>> I don't think using container_of! here is worth it.
>>>>
>>>> There is the `&this in` syntax (`this` is of type `NonNull<Self>`):
>>>>
>>>> try_pin_init!(&this in Self {
>>>> inner: Devres::new(
>>>> dev,
>>>> RegistrationInner {
>>>> irq,
>>>> cookie: this.as_ptr().cast(),
>>>> },
>>>> GFP_KERNEL,
>>>> )?,
>>>> handler,
>>>> _pin: {
>>>> to_result(unsafe {
>>>> bindings::request_irq(
>>>> irq,
>>>> Some(handle_irq_callback::<T>),
>>>> flags.into_inner() as usize,
>>>> name.as_char_ptr(),
>>>> slot.as_ptr().cast(),
>>>
>>> this is "this" instead of "slot", right?
>>>
>>>> )
>>>> })?;
>>>> PhantomPinned
>>>> },
>>>> })
>>>>
>>>> Last time around, I also asked this question and you replied with that
>>>> we need to abort the initializer when `request_irq` returns false and
>>>> avoid running `Self::drop` (thus we can't do it using `pin_chain`).
>>>>
>>>> I asked what we could do instead and you mentioned the `_: {}`
>>>> initializers and those would indeed solve it, but we can abuse the
>>>> `_pin` field for that :)
>>>>
>>>
>>> Hmm.. but if request_irq() fails, aren't we going to call `drop` on
>>> `inner`, which drops the `Devres` which will eventually call
>>> `RegistrationInner::drop()`? And that's a `free_irq()` without
>>> `request_irq()` succeeded.
>>>
>>
>> This may however work ;-) Because at `request_irq()` time, all it needs
>> is ready, and if it fails, `RegistrationInner` won't construct.
>>
>> try_pin_init!(&this in Self {
>> handler,
>> inner: Devres::new(
>> dev,
>> RegistrationInner {
>> // Needs to use `handler` address as cookie, same for
>> // request_irq().
>> cookie: &raw (*(this.as_ptr().cast()).handler),
>> irq: {
>> to_result(unsafe { bindings::request_irq(...) })?;
>> irq
>> }
>> },
>> GFP_KERNEL,
>> )?,
>> _pin: PhantomPinned
>> })
>
> Well yes and no, with the Devres changes, the `cookie` can just be the
> address of the `RegistrationInner` & we can do it this way :)
>
> ---
> Cheers,
> Benno
No, we need this to be the address of the the whole thing (i.e.
Registration<T>), otherwise you can’t access the handler in the irq
callback.
— Daniel
Powered by blists - more mailing lists