| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d6b29e56-9ac2-40ee-8994-8517adc73f34@nvidia.com> Date: Mon, 27 Oct 2025 15:11:01 -0400 From: Joel Fernandes <joelagnelf@...dia.com> To: Alexandre Courbot <acourbot@...dia.com>, Alice Ryhl <aliceryhl@...gle.com>, David Airlie <airlied@...il.com>, Simona Vetter <simona@...ll.ch>, Miguel Ojeda <ojeda@...nel.org>, Alex Gaynor <alex.gaynor@...il.com>, Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>, Björn Roy Baron <bjorn3_gh@...tonmail.com>, Benno Lossin <lossin@...nel.org>, Andreas Hindborg <a.hindborg@...nel.org>, Trevor Gross <tmgross@...ch.edu> Cc: John Hubbard <jhubbard@...dia.com>, Alistair Popple <apopple@...dia.com>, Timur Tabi <ttabi@...dia.com>, Edwin Peer <epeer@...dia.com>, nouveau@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org, rust-for-linux@...r.kernel.org, Danilo Krummrich <dakr@...nel.org> Subject: Re: [PATCH v2 5/7] gpu: nova-core: add extra integer conversion functions and traits On 10/27/2025 3:09 PM, Joel Fernandes wrote: [...] >> +/// Extension trait providing guaranteed lossless conversion to `Self` from `T`. >> +/// >> +/// The standard library's `From` implementations do not cover conversions that are not portable or >> +/// future-proof. For instance, even though it is safe today, `From<usize>` is not implemented for >> +/// [`u64`] because of the possibility to support larger-than-64bit architectures in the future. >> +/// >> +/// The workaround is to either deal with the error handling of [`TryFrom`] for an operation that >> +/// technically cannot fail, or to use the `as` keyword, which can silently strip data if the >> +/// destination type is smaller than the source. >> +/// >> +/// Both options are hardly acceptable for the kernel. It is also a much more architecture >> +/// dependent environment, supporting only 32 and 64 bit architectures, with some modules >> +/// explicitly depending on a specific bus width that could greatly benefit from infallible >> +/// conversion operations. >> +/// >> +/// Thus this extension trait that provides, for the architecture the kernel is built for, safe >> +/// conversion between types for which such conversion is lossless. >> +/// >> +/// In other words, this trait is implemented if, for the current build target and with `t: T`, the >> +/// `t as Self` operation is completely lossless. >> +/// >> +/// Prefer this over the `as` keyword to ensure no lossy conversions are performed. >> +/// >> +/// If you need to perform a conversion in `const` context, use [`u64_as_usize`], >> +/// [`u32_as_usize`], [`usize_as_u64`], etc. >> +/// >> +/// # Examples >> +/// >> +/// ``` >> +/// use crate::num::FromAs; >> +/// >> +/// assert_eq!(usize::from_as(0xf00u32), 0xf00u32 as usize); > > This `from_as()` syntax will be very confusing for users IMO, honestly we should > just keep it as `from()`, otherwise there is confusion and ambiguity around > whether someone should use `::from()` or `::from_as()`. Please let us just keep > all infallible conversions to use `from()`/`into()` and all infallible ones to s/infallible ones/fallible ones/. Sorry, thanks, - Joel
Powered by blists - more mailing lists