lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20250817.161804.1331850210190243752.fujita.tomonori@gmail.com>
Date: Sun, 17 Aug 2025 16:18:04 +0900 (JST)
From: FUJITA Tomonori <fujita.tomonori@...il.com>
To: lyude@...hat.com
Cc: rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org,
 tglx@...utronix.de, a.hindborg@...nel.org, fujita.tomonori@...il.com,
 daniel.almeida@...labora.com, boqun.feng@...il.com, frederic@...nel.org,
 anna-maria@...utronix.de, jstultz@...gle.com, sboyd@...nel.org,
 ojeda@...nel.org, alex.gaynor@...il.com, gary@...yguo.net,
 bjorn3_gh@...tonmail.com, lossin@...nel.org, aliceryhl@...gle.com,
 tmgross@...ch.edu, dakr@...nel.org
Subject: Re: [PATCH v7 6/7] rust: time: Add Instant::from_nanos()

On Wed, 13 Aug 2025 18:42:21 -0400
Lyude Paul <lyude@...hat.com> wrote:

> For implementing Rust bindings which can return a point in time.
> 
> Signed-off-by: Lyude Paul <lyude@...hat.com>
> Reviewed-by: Daniel Almeida <daniel.almeida@...labora.com>
> 
> ---
> V4:
> * Turn from_nanos() into an unsafe function in order to ensure that we
>   uphold the invariants of Instant
> V5:
> * Add debug_assert!() to from_nanos
> 
>  rust/kernel/time.rs | 23 +++++++++++++++++++++++
>  1 file changed, 23 insertions(+)
> 
> diff --git a/rust/kernel/time.rs b/rust/kernel/time.rs
> index 64c8dcf548d63..75088d080b834 100644
> --- a/rust/kernel/time.rs
> +++ b/rust/kernel/time.rs
> @@ -200,6 +200,29 @@ pub fn elapsed(&self) -> Delta {
>      pub(crate) fn as_nanos(&self) -> i64 {
>          self.inner
>      }
> +
> +    /// Create an [`Instant`] from a time duration specified in nanoseconds without checking if it
> +    /// is positive.

Can we create Instant (a specific poin in time) from a time duraiton?

The caller (the 7th patch) creates Instant from C side's Instant? 

> +    /// # Panics
> +    ///
> +    /// On debug builds, this function will panic if `nanos` violates our safety contract.
> +    ///
> +    /// # Safety
> +    ///
> +    /// The caller promises that `nanos` is in the range from 0 to `KTIME_MAX`.

No conclusion has been made yet, but using a mathematical integer
interval or a Rust range expression might be a better fit here:

https://lore.kernel.org/lkml/87ms9ktoly.fsf@kernel.org/

> +    #[expect(unused)]
> +    #[inline]
> +    pub(crate) unsafe fn from_nanos(nanos: i64) -> Self {

If this function creates Instant from C side's Instant, from_ktime()
might be better?


> +        debug_assert!(nanos >= 0);
> +
> +        // INVARIANT: Our safety contract ensures that `nanos` is in the range from 0 to
> +        // `KTIME_MAX`.
> +        Self {
> +            inner: nanos as bindings::ktime_t,
> +            _c: PhantomData,
> +        }
> +    }
>  }
>  
>  impl<C: ClockSource> core::ops::Sub for Instant<C> {
> -- 
> 2.50.0
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ