Hi Linus,
This is the first "fixes" PR for Rust.
While it may be a bit early to have a "fixes" branch, I guessed it
would not hurt to start practicing how to do things for the future when
we may get actual users. And since the opportunity presented itself,
I wanted to also use this PR to bring up a "policy" topic and ideally
get kernel maintainers to think about it.
The PR contains a fix for a soundness issue, i.e. it closes a hole that
would allow somebody to write safe Rust code that is able to trigger
undefined behavior.
There are no actual cases of callers triggering this, so it is possible
to argue this is not a fix, which is fair. In other words, virtually
all C code suffers from these soundness holes, but obviously they are
not considered bugs. It is precisely this extra "layer" of protection
that Rust gives to source code that we think is valuable to the kernel.
On the other hand, others may argue they want soundness fixes to land,
and possibly even backported to stable, because they may run patched
kernels, out-of-tree modules, etc. and they may want to know if they
have a problem, even if that breaks their build.
Personally, for what is worth, I would support treating them as fixes.
But I do not want to create extra work for others until we have at
least some real users. So perhaps it should not go to stable?
The commit has been in linux-next for a week in a new branch called
rust-fixes. No conflicts expected. No changes to the C side.
Please pull -- thanks!
Cheers,
Miguel
The following changes since commit 5dc4c995db9eb45f6373a956eb1f69460e69e6d4:
Linux 6.2-rc4 (2023-01-15 09:22:43 -0600)
are available in the Git repository at:
https://github.com/Rust-for-Linux/linux tags/rust-fixes-6.2
for you to fetch changes up to 6618d69aa129a8fc613e64775d5019524c6f231b:
rust: print: avoid evaluating arguments in `pr_*` macros in `unsafe` blocks (2023-01-16 00:54:35 +0100)
----------------------------------------------------------------
Rust fixes for v6.2
A soundness fix:
- Avoid evaluating arguments in 'pr_*' macros in 'unsafe' blocks.
----------------------------------------------------------------
Miguel Ojeda (1):
rust: print: avoid evaluating arguments in `pr_*` macros in `unsafe` blocks
rust/kernel/print.rs | 29 ++++++++++++++++++-----------
1 file changed, 18 insertions(+), 11 deletions(-)
The pull request you sent on Tue, 24 Jan 2023 20:33:34 +0100:
> https://github.com/Rust-for-Linux/linux tags/rust-fixes-6.2
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/246dc53fb2461dbcd66d4d1d914246a581edad29
Thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html