Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp1134439rwb; Tue, 27 Sep 2022 08:51:43 -0700 (PDT) X-Google-Smtp-Source: AMsMyM40QnBj4weQB0P/xodqJOZa+N7SwYcbFWiKtgPkd7uG+kiT9/LkHwaNS5jWm9WDR9+zOaXG X-Received: by 2002:a17:90b:4d82:b0:202:9030:e482 with SMTP id oj2-20020a17090b4d8200b002029030e482mr5437983pjb.110.1664293903621; Tue, 27 Sep 2022 08:51:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1664293903; cv=none; d=google.com; s=arc-20160816; b=hHaxN/a70L7FFJGmy23VyPKMyYv52z5BhfNTF+lPnX7UhvLZsNq3vlqYJ/fViivb2l ivTwFGRcyW5ZGHsdbxgmmJtlQ0AGnrd9E1S+D5UUwH6ABpOAv+iAhhEaZVzSgjPVYYUF o/ao21/wIGF3tqe9+4o4BKrVmES4ssHlSFrfrgFa2EwL66Lct5jRVodAzEXE6ihE6wYH NiuxWIO0zkDmW787zZlmuwpQk3f+RtR3ZiqB0xOmyKbhSPPBQr14Ay0AQcLrAKIMU85W TAiXuuH4Zfsb/WIGzQbbwrMQdSsomftMfzQwc9Z/L7LJW+gRKsn1OO6Nj6wMvAGIs7LX cwQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=TUGMZoFYFoHDZJYWzaIuE6u06usrctQB8r3AoeeFKDk=; b=acN4IbJipYkQ/HwkOwvh5YV1wDgnOja5vdrQvD1ewRurkMhvbNqDeE/pLP7sixPnCl GxeqTIrmfjIi/3MnNlkVmfglY5FsPOHxCGAYLMIXG+mzKnsuPQD1j+jEZfXfEUOec8C3 1gG9YxPxsNsmzKVTZZX8YAcrrLtgVx2i8o4iby3KbXRXyunEFhwNBFQ9v8RmeQY2TVth 1XD9kK68xJTxZo587hXF18FlcitpQr8ktVu2Vu5YqF+FSIWmcL21YFoV6qMePxjCTZ48 PeNEVoBzRzaJoXkpq1CvrzkDtITjUVV8oqFgg796n1Ezo0iEZwSDYLFfq5GwNacUaR5n HhUA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=lYb4nELx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 32-20020a631260000000b0042bc0600864si2181285pgs.536.2022.09.27.08.51.31; Tue, 27 Sep 2022 08:51:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=lYb4nELx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232632AbiI0Piy (ORCPT + 99 others); Tue, 27 Sep 2022 11:38:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52274 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232736AbiI0Pid (ORCPT ); Tue, 27 Sep 2022 11:38:33 -0400 Received: from mail-vs1-xe32.google.com (mail-vs1-xe32.google.com [IPv6:2607:f8b0:4864:20::e32]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F3F251CE15E; Tue, 27 Sep 2022 08:37:02 -0700 (PDT) Received: by mail-vs1-xe32.google.com with SMTP id m66so10005929vsm.12; Tue, 27 Sep 2022 08:37:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date; bh=TUGMZoFYFoHDZJYWzaIuE6u06usrctQB8r3AoeeFKDk=; b=lYb4nELxXqmlc7EGzml+Eu3QkgdG8gCYbaYfSADphVKjQKUWjdiiBEuNR90lhN/sou VNISjYxkC/VQlbZUkEj32sI0PymuhWR3C5r/r7tNcHc/GDv7zhdtjH+hrgUwTU15bR7s S/wuQiNw2bszt+WguK8q1I73PmRtZpjls1GKHtdE8/yMzTnIBAWRu3TAyig95OC2vx2q Bn4slTdpyOi4lEYSQP3T78YJmrX6+ayRYr5qe1yxdwzFcNBLR0aFlmy2TRBsvZ0tvBrA 6Exxs/xPGEmocwv4D2MLnwaOYtuvKgutzCG2gKPCVD/k0Kyt9qUKd2tJemQIoIgy/5fn 22LQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date; bh=TUGMZoFYFoHDZJYWzaIuE6u06usrctQB8r3AoeeFKDk=; b=qZXqdYDGbFFbHJB+2mtzsog9ipbNKE+0V4iWetsO0GxLsTL231GRx/rqUUMYY0wPXu BUXpt5yqgAEnMKiKeKh2xuuAqLxLGn1Vyr0KojnwxP7i9KsftJ6h0WgDm7NgzVvH7/eV g2WZP//qzm1yMU1ykyeBDSYVBEPOn9pQUHpcfB8TcHdWS6KFPspBwKQSQlnCgu3CbthV rJ008rtDbfAgOdmFU+FNAjU1EMlKtx0u5GVBBf6PFoXq4YY7xRF/5lGpOzZ0AhUoktcL iviqAE52XfO5wqQ2m7LIc07c5SXM1q5KiiL6bgak38XoHfo+ucEIGWc6P15XTmBsPk7L 8GWQ== X-Gm-Message-State: ACrzQf16vRNorxk7cWW86eHhUqpusM6Qov9F77HoU7SAxy6DMElEoT5A TeH6Q8B3oVrajJ7Yq2K/cHANkknDIov7vaQoyKI= X-Received: by 2002:a67:fc44:0:b0:398:30ac:1c95 with SMTP id p4-20020a67fc44000000b0039830ac1c95mr11484950vsq.16.1664292979806; Tue, 27 Sep 2022 08:36:19 -0700 (PDT) MIME-Version: 1.0 References: <20220927131518.30000-1-ojeda@kernel.org> <20220927131518.30000-13-ojeda@kernel.org> In-Reply-To: From: Alex Gaynor Date: Tue, 27 Sep 2022 10:36:08 -0500 Message-ID: Subject: Re: [PATCH v10 12/27] rust: add `kernel` crate To: Greg Kroah-Hartman Cc: Miguel Ojeda , Linus Torvalds , rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, patches@lists.linux.dev, Jarkko Sakkinen , Wedson Almeida Filho , Geoffrey Thomas , Finn Behrens , Adam Bratschi-Kaye , Sven Van Asbroeck , Gary Guo , Boris-Chengbiao Zhou , Boqun Feng , Fox Chen , Viktor Garske , Dariusz Sosnowski , =?UTF-8?Q?L=C3=A9o_Lanteri_Thauvin?= , Niklas Mohrin , Milan Landaverde , Morgan Bartlett , Maciej Falkowski , =?UTF-8?B?TsOhbmRvciBJc3R2w6FuIEtyw6Fjc2Vy?= , David Gow , John Baublitz , =?UTF-8?Q?Bj=C3=B6rn_Roy_Baron?= Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 27, 2022 at 10:22 AM Greg Kroah-Hartman wrote: > > On Tue, Sep 27, 2022 at 03:14:43PM +0200, Miguel Ojeda wrote: > > +unsafe impl GlobalAlloc for KernelAllocator { > > + unsafe fn alloc(&self, layout: Layout) -> *mut u8 { > > + // `krealloc()` is used instead of `kmalloc()` because the latter is > > + // an inline function and cannot be bound to as a result. > > + unsafe { bindings::krealloc(ptr::null(), layout.size(), bindings::GFP_KERNEL) as *mut u8 } > > This feels "odd" to me. Why not just use __kmalloc() instead of > krealloc()? I think that will get you the same kasan tracking, and > should be a tiny bit faster (1-2 less function calls). > This may literally be the oldest code in the project :-). To the best of my recollection, it's krealloc simply because that seemed like a public API that worked. I don't think it even occurred to use to look at __kmalloc. > I guess it probably doesn't matter right now, just curious, and not a > big deal at all. > > Other minor comments: > > > > +/// Contains the C-compatible error codes. > > +pub mod code { > > + /// Out of memory. > > + pub const ENOMEM: super::Error = super::Error(-(crate::bindings::ENOMEM as i32)); > > +} > > You'll be adding other error values here over time, right? > Yes -- this is the most minimal set that's needed for the initial patch set. The full branch has every error constant bound. > > > +/// A [`Result`] with an [`Error`] error type. > > +/// > > +/// To be used as the return type for functions that may fail. > > +/// > > +/// # Error codes in C and Rust > > +/// > > +/// In C, it is common that functions indicate success or failure through > > +/// their return value; modifying or returning extra data through non-`const` > > +/// pointer parameters. In particular, in the kernel, functions that may fail > > +/// typically return an `int` that represents a generic error code. We model > > +/// those as [`Error`]. > > +/// > > +/// In Rust, it is idiomatic to model functions that may fail as returning > > +/// a [`Result`]. Since in the kernel many functions return an error code, > > +/// [`Result`] is a type alias for a [`core::result::Result`] that uses > > +/// [`Error`] as its error type. > > +/// > > +/// Note that even if a function does not return anything when it succeeds, > > +/// it should still be modeled as returning a `Result` rather than > > +/// just an [`Error`]. > > +pub type Result = core::result::Result; > > What about functions that do have return functions of: > >= 0 number of bytes read/written/consumed/whatever > < 0 error code > > Would that use Result or Error as a type? Or is it best just to not try > to model that mess in Rust calls? :) > We'd model that as a `Result`. Negative values would become `Err(EWHATEVER)` and non-negative values would be `Ok(n)`. Then at the boundaries of Rust/C code we'd convert as appropriate. > > +macro_rules! pr_info ( > > + ($($arg:tt)*) => ( > > + $crate::print_macro!($crate::print::format_strings::INFO, $($arg)*) > > + ) > > +); > > In the long run, using "raw" print macros like this is usually not the > thing to do. Drivers always have a device to reference the message to, > and other things like filesystems and subsystems have a prefix to use as > well. > > Hopefully not many will use these as-is and we can wrap them properly > later on. > > Then there's the whole dynamic debug stuff, but that's a different > topic. > > Anyway, all looks sane to me, sorry for the noise: > > Reviewed-by: Greg Kroah-Hartman Cheers, Alex -- All that is necessary for evil to succeed is for good people to do nothing.