lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <C35B5306-98C6-447B-A239-9D6A6C548A4F@nvidia.com>
Date: Thu, 2 Oct 2025 13:32:02 +0000
From: Joel Fernandes <joelagnelf@...dia.com>
To: Alexandre Courbot <acourbot@...dia.com>
CC: Yury Norov <yury.norov@...il.com>, Danilo Krummrich <dakr@...nel.org>,
	Miguel Ojeda <ojeda@...nel.org>, "rust-for-linux@...r.kernel.org"
	<rust-for-linux@...r.kernel.org>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>, Alexandre Courbot <acourbot@...dia.com>
Subject: Re: [RFC PATCH 0/2] rust: bounded integer types and use in register
 macro



> On Oct 1, 2025, at 11:03 PM, Alexandre Courbot <acourbot@...dia.com> wrote:
> 
> On Thu Oct 2, 2025 at 7:07 AM JST, Joel Fernandes wrote:
>> Hi Alex,
>> 
>> Nice!
>> 
>>> On 10/1/2025 11:03 AM, Alexandre Courbot wrote:
>>> For convenience, this PoC is based on drm-rust-next. If we decide to
>>> proceed with it, we would do it after the patchset extracting and moving
>>> the bitfield logic [3] lands, as the two would conflict heavily.
>> 
>> I would strongly prefer this as well, to avoid conflicts. On initial look, this
>> seems to be in the right direction and solves the pain points we were seeing.
>> 
>> -            .set_sec(if sec { 1 } else { 0 });
>> +            .set_sec_bounded(BoundedInt::new(if sec { 1 } else { 0 }));
>> 
>> Here, I would prefer if we did not add _bounded, since the idea is to solve the
>> problems in the macro's setters itself (make it infallible, not panicking etc).
>> So we can just modify those?
> 
> Oh absolutely, the and goal is to replace the existing accessors. For
> this RFC I went the lazy way and added new ones, otherwise I would have
> had to update more call sites in nova-core.

Ack.

> 
>> 
>> Also, BoundedInt sounds like a good name to me IMO.
>> 
>> Also, since TryFrom trait is implemented in the first patch, then in nova we can
>> just do the following?
>>  .set_foo(value.try_into()?);
> 
> Yes! That does work indeed and is more concise. And we can also make
> things less verbose on the caller side by adding a new generic setter in
> the form of:
> 
>    fn try_set_field<T: TryInto<BoundedInt<..>>(self, value:T) -> Result
> 
> This setter could try to perform the conversion itself and return an
> error as needed, and the caller would just need to call e.g.
> 
>    .try_set_foo(value)?;
> 
> instead of building the BoundedInt themselves.

Ack, this would be a great addition too, we should do it IMO.

Thanks!

- Joel



> 
> There are also many other improvements that can be done, like having
> fields with a round number of bits be represented by the relevant
> primitive directly instead of a BoundedInt, but that will requires some
> more macro magic.
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ