lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20260130113457.21521-1-heesu0025.kim@lge.com>
Date: Fri, 30 Jan 2026 20:34:57 +0900
From: heesu0025.kim@....com
To: aliceryhl@...gle.com
Cc: a.hindborg@...nel.org,
	arve@...roid.com,
	bjorn3_gh@...tonmail.com,
	boqun.feng@...il.com,
	brauner@...nel.org,
	cmllamas@...gle.com,
	dakr@...nel.org,
	daniel.almeida@...labora.com,
	gary@...yguo.net,
	gregkh@...uxfoundation.org,
	heesu0025.kim@....com,
	ht.hong@....com,
	jongan.kim@....com,
	jungsu.hwang@....com,
	kernel-team@...roid.com,
	linux-kernel@...r.kernel.org,
	lossin@...nel.org,
	ojeda@...nel.org,
	rust-for-linux@...r.kernel.org,
	sanghun.lee@....com,
	seulgi.lee@....com,
	sunghoon.kim@....com,
	tamird@...il.com,
	tkjos@...roid.com,
	tmgross@...ch.edu,
	viresh.kumar@...aro.org,
	vitaly.wool@...sulko.se,
	yury.norov@...il.com
Subject: Re: [PATCH v2 2/3] rust: pid: add Pid abstraction and init_pid_ns helper

On Thu, Jan 29, 2026 at 10:32:26AM +0000, Alice Ryhl wrote:
> On Thu, Jan 29, 2026 at 05:41:18PM +0900, jongan.kim@....com wrote:
>> From: HeeSu Kim <heesu0025.kim@....com>
>> 
>> Add a new Pid abstraction in rust/kernel/pid.rs that wraps the
>> kernel's struct pid and provides safe Rust interfaces for:
>> - find_vpid_with_guard: Find a pid by number under RCU protection
>> - pid_task_with_guard: Get the task associated with a pid under RCU
>>   protection
>> 
>> Also add init_pid_ns() helper function to pid_namespace.rs to get
>> a reference to the init PID namespace.
>> 
>> These abstractions use lifetime-bounded references tied to RCU guards
>> to ensure memory safety when accessing RCU-protected data structures.
>> 
>> Signed-off-by: HeeSu Kim <heesu0025.kim@....com>
>
> This looks really nice, thanks!
>
>> +//! Process identifiers (PIDs).
>> +//!
>> +//! C header: [`include/linux/pid.h`](srctree/include/linux/pid.h)
>> +
>> +use crate::{bindings, ffi::c_int, sync::rcu, task::Task, types::Opaque};
>
> Currently we use this formatting for imports:
>
> use crate::{
>     bindings,
>     ffi::c_int,
>     sync::rcu,
>     task::Task,
>     types::Opaque, //
> };
>
>> +/// Wraps the kernel's `struct pid`.
>> +///
>> +/// This structure represents the Rust abstraction for a C `struct pid`.
>> +/// A `Pid` represents a process identifier that can be looked up in different
>> +/// PID namespaces.
>> +#[repr(transparent)]
>> +pub struct Pid {
>> +    inner: Opaque<bindings::pid>,
>> +}
>
> I would implement Send, Sync, and AlwaysRefCounted for Pid too.
>
>> +            // SAFETY: `find_vpid` returns a valid pointer under RCU protection,
>> +            // and `Pid` is `#[repr(transparent)]` over `bindings::pid`.
>> +            Some(unsafe { &*(ptr as *const Self) })
>
> It would be nice to extract this cast into a Pid::from_raw().
>
>> +            // SAFETY: `pid_task` returns a valid pointer under RCU protection,
>> +            // and `Task` is `#[repr(transparent)]` over `bindings::task_struct`.
>> +            Some(unsafe { &*task_ptr.cast() })
>
> I think it would be nice to add a Task::from_raw() to avoid the cast
> here.
>
> 	Some(unsafe { Task::from_raw(task_ptr) })
>
>> +    pub fn pid_task_with_guard<'a>(&'a self, _rcu_guard: &'a rcu::Guard) -> Option<&'a Task> {
>> +    pub fn find_vpid_with_guard<'a>(nr: i32, _rcu_guard: &'a rcu::Guard) -> Option<&'a Self> {
>
> I think we can drop the 'with_guard' suffixes of these.
>
>> +/// Returns a reference to the init PID namespace.
>> +///
>> +/// This is the root PID namespace that exists throughout the lifetime of the kernel.
>> +#[inline]
>> +pub fn init_pid_ns() -> &'static PidNamespace {
>> +    // SAFETY: `init_pid_ns` is a global static that is valid for the lifetime of the kernel.
>> +    unsafe { PidNamespace::from_ptr(core::ptr::addr_of!(bindings::init_pid_ns)) }
>
> Simplifies to:
>
> 	PidNamespace::from_ptr(&raw const bindings::init_pid_ns)
>
> Alice

Thanks for the detailed review and feedback.

I agree with your suggestions. While our immediate use case only requires
RCU-protected access, implementing Send, Sync, and AlwaysRefCounted makes
sense from the broader rust/kernel perspective, as these abstractions
will likely be used in various contexts across the kernel.

I will incorporate all suggestions in the next revision.

Best Regards,
Heesu Kim

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ