On 7/14/23 06:13, Asahi Lina wrote:
We want to be able to handle dynamic lock class creation and using
pointers to things that aren't a real lock_class_key as lock classes.
Doing this by casting around Rust references is difficult without
accidentally invoking UB.
Instead, switch LockClassKey to being a raw pointer wrapper around a
lock_class_key, which means there is no UB possible on the Rust side
just by creating and consuming these objects. The C code also should
never actually dereference lock classes, only use their address
(possibly with an offset).
We still provide a dummy ZST version of this wrapper, to be used when
lockdep is disabled.
Signed-off-by: Asahi Lina <lina@xxxxxxxxxxxxx>
---
[...]
diff --git a/rust/kernel/sync/lockdep.rs b/rust/kernel/sync/lockdep.rs
index cb68b18dc0ad..d8328f4275fb 100644
--- a/rust/kernel/sync/lockdep.rs
+++ b/rust/kernel/sync/lockdep.rs
@@ -9,19 +9,36 @@
/// Represents a lockdep class. It's a wrapper around C's `lock_class_key`.
#[repr(transparent)]
-pub struct LockClassKey(Opaque<bindings::lock_class_key>);
+pub struct StaticLockClassKey(Opaque<bindings::lock_class_key>);
-impl LockClassKey {
+impl StaticLockClassKey {
/// Creates a new lock class key.
pub const fn new() -> Self {
Self(Opaque::uninit())
}
+ /// Returns the lock class key reference for this static lock class.
+ pub const fn key(&self) -> LockClassKey {
+ LockClassKey(self.0.get())
`Opaque::get` is not a `const fn` so this will not compile.
+ }
+}
+
+// SAFETY: `bindings::lock_class_key` just represents an opaque memory location, and is never
+// actually dereferenced.
+unsafe impl Sync for StaticLockClassKey {}
+
+/// A reference to a lock class key. This is a raw pointer to a lock_class_key,
+/// which is required to have a static lifetime.
+#[derive(Copy, Clone)]
+pub struct LockClassKey(*mut bindings::lock_class_key);
+
+impl LockClassKey {
pub(crate) fn as_ptr(&self) -> *mut bindings::lock_class_key {
I think this can be made into a `const fn`. What do you all think?
- self.0.get()
+ self.0
}
}
[...]
