| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9ecadaa2-0f6b-411f-9faf-0ecc93b26bc2@gmail.com>
Date: Sun, 8 Feb 2026 08:55:40 +0100
From: Dirk Behme <dirk.behme@...il.com>
To: Jason Hall <jason.kei.hall@...il.com>,
Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
Cc: rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org,
Joe Perches <joe@...ches.com>, Boqun Feng <boqun@...nel.org>,
Björn Roy Baron <bjorn.roy.baron@...il.com>,
Benno Lossin <benno.lossin@...ton.me>,
Andreas Hindborg <a.hindborg@...nel.org>, Alice Ryhl <aliceryhl@...gle.com>,
Trevor Gross <tmgross@...ch.edu>, Danilo Krummrich <dakru@...nel.org>,
Dirk Behme <dirk.behme@...bosch.com>, Andy Whitcroft <apw@...onical.com>,
Dwaipayan Ray <dwaipayanray1@...il.com>,
Lukas Bulwahn <lukas.bulwahn@...il.com>, Miguel Ojeda <ojeda@...nel.org>
Subject: Re: [PATCH v9 2/2] scripts: checkpatch: add RUST_UNWRAP lint
On 07.02.26 23:49, Jason Hall wrote:
> Warn against the use of .unwrap() and .expect() unless accompanied by
> a '// PANIC:' comment. This enforces safety standards in the Rust-
> for-Linux project until upstream Clippy lints are integrated.
I wonder if we could add some outcome from the mailing list discussion
to the commit message? E.g. what we consider to be false positives,
the handling of them and what we suppose to be fixed etc.
> Suggested-by: Miguel Ojeda <ojeda@...nel.org>
> Link: https://github.com/Rust-for-linux/linux/issues/1191
> Signed-off-by: Jason Hall <jason.kei.hall@...il.com>
> ---
> scripts/rust_checkpatch.pl | 16 +++++++++++++++-
> 1 file changed, 15 insertions(+), 1 deletion(-)
>
> diff --git a/scripts/rust_checkpatch.pl b/scripts/rust_checkpatch.pl
> index 56c1bc29d3f2..fa7adaed264c 100644
> --- a/scripts/rust_checkpatch.pl
> +++ b/scripts/rust_checkpatch.pl
> @@ -9,7 +9,21 @@ use warnings;
> sub process_rust {
> my ($line, $rawline, $herecurr) = @_;
>
> - # Reserve for future Rust-specific lints
> + # Check for Rust unwrap/expect usage.
> + # We skip lines that are already comments, assert macros (common in tests),
> + # or have a '// PANIC:' justification.
> + if ($line =~ /^\+/) {
> + if ($line =~ /(?:\.|::)(?:unwrap|expect)\s*\(/ &&
Whats about the `.expect()` topic discussed in
https://lore.kernel.org/rust-for-linux/a798e6a368639f7a1ce633a6dfecd088d6ed4123.camel@perches.com/T/#m00723ad673727036e5fcf96a35f2f231ec9de31f
https://lore.kernel.org/rust-for-linux/a798e6a368639f7a1ce633a6dfecd088d6ed4123.camel@perches.com/T/#m5604274a633ef33eb474f95b54f797843d0fe1dd
?
> + $rawline !~ /\/\/\s*PANIC:/ &&
> + $line !~ /^\+\s*\/\// &&
> + $line !~ /^\+\s*assert/) {
> + return ("RUST_UNWRAP",
> + "unwrap() and expect() should generally be avoided in Rust kernel code.\n" .
> + "If the use is intended, please justify it with a '// PANIC:' comment.\n" .
> + "See: https://rust.docs.kernel.org/kernel/error/type.Result.html#error-codes-in-c-and-rust\n" .
> + $herecurr);
> + }
> + }
> return ();
> }
Just for the logs:
Running this on e.g.
https://lore.kernel.org/rust-for-linux/20260207-binder-shrink-vec-v3-v3-3-8ff388563427@cock.li/
gives
$ ./scripts/checkpatch.pl
0001-rust-alloc-add-KUnit-tests-for-Vec-shrink-operations.patch
WARNING: unwrap() and expect() should generally be avoided in Rust
kernel code.
If the use is intended, please justify it with a '// PANIC:' comment.
See:
https://rust.docs.kernel.org/kernel/error/type.Result.html#error-codes-in-c-and-rust
#52: FILE: rust/kernel/alloc/kvec.rs:1524:
+ let mut v: VVec<u32> = VVec::with_capacity(initial_capacity,
GFP_KERNEL).unwrap();
...
total: 0 errors, 21 warnings, 189 lines checked
(note: all 21 warnings are from `unwrap()`)
I'm not sure if it makes me happy to ignore these 21 warnings as false
positives ;)
Best regards
Dirk
Powered by blists - more mailing lists