Received: by 2002:a05:6358:11c7:b0:104:8066:f915 with SMTP id i7csp1962790rwl; Sat, 8 Apr 2023 05:28:45 -0700 (PDT) X-Google-Smtp-Source: AKy350aqmXo2tmpeWx1A/8bS48O0KHXHnkdIWtTlwqKFtjyETHMvubvbpbrZIlg2uAThqUvfIgqf X-Received: by 2002:a17:903:32ca:b0:1a1:97b5:c660 with SMTP id i10-20020a17090332ca00b001a197b5c660mr6044997plr.20.1680956925273; Sat, 08 Apr 2023 05:28:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680956925; cv=none; d=google.com; s=arc-20160816; b=XJmJhyDt5lTYKBh7fqlp9txY+Rw5Df7xkMXW7t+xT6FJUBOTVST/oPbW5EIepW5Krm Ti95Q2znBG65c+n6wDZONRY0WbeADpEMp40fIO8Jh5PyeFQB8cIGzIh2qy9hNE5zwhfb Fd4gvbD+g0X+YFBiRO2/utmbH89d+HjAhv1sDEoidwydL9CnZHh7qrTvc7ufblGKcvkf /a9iiilTU2vx1ONWzKktvPbz33ikICJ29HdwqjKA6+cFtodHUeQQc9PK+51kBS6xfO8R zEW70vQpGsN4pK9V9QMSyrX01xF/jji5POTlxxGBspNjH6ILp4YqbBef2+HPoWQm5EhC KEAg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :feedback-id:references:in-reply-to:message-id:subject:cc:from:to :dkim-signature:date; bh=Wx+mkXJAMUZ55C6ki8WnDTtKcBxXLup6TKxHAyI1Z5o=; b=vZ7lGrpWm3W/zAmsFXoYoX4aC43nkiS6eQYirXCF/dJ2iyHOtcpxDj4JnSr95I+Ygm uO1p08LHjlbFJNGJLecoSwCo4CB3bl99wQHh7FIwPpbDsYPRDCcTCDVqEdk0GB2Ve5w7 NWoHwUZ+177orxjXFAR5hGKADPcSCK4xT7liQpNG8Ma3Vlj+J7FyoIW4pP8j8R3JMGt0 XWZAssDky9E0mE34Yl1Zv+wqYW7I9l9tkElsszcws9ZOpynGF/ys/fLDhguojbTQP3HT 5BsT2nLZKZTAR3PY46Fg4bdrxwa4gER7qrLfIylrhm9i/iag4Jmv5CTsK0NypGff+u8Q V71Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=LdlqORiS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s4-20020a170902a50400b001a1d47f6116si6024811plq.88.2023.04.08.05.28.33; Sat, 08 Apr 2023 05:28:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=LdlqORiS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231150AbjDHM12 (ORCPT + 99 others); Sat, 8 Apr 2023 08:27:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34956 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231286AbjDHM1E (ORCPT ); Sat, 8 Apr 2023 08:27:04 -0400 Received: from mail-40133.protonmail.ch (mail-40133.protonmail.ch [185.70.40.133]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7050CFF31 for ; Sat, 8 Apr 2023 05:26:43 -0700 (PDT) Date: Sat, 08 Apr 2023 12:26:12 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1680956785; x=1681215985; bh=Wx+mkXJAMUZ55C6ki8WnDTtKcBxXLup6TKxHAyI1Z5o=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=LdlqORiSsNmxoIt4QRBloMSFoxTFyK6z0FRrncl/KmcMtLQebpjtxrOqTAeV+aSOa jOYaEZSgrxlwJHNrTMlLJAPfgiC9ivEVVTp44iEucDd7TetLNo1h+fVtuJRhsxMeWH +vsN4BlH7TRFQxqOBlt/RttSqT3zYaxNhlTRLRoYzN3+zKmvp1M1lF9jZVVtdtBo+/ 3V1dlq0lhm4BJjgVcwUcN2coxWhS/8KFrebSFZYDcnoE7w8RhlXWQqq0CG5vKh5wCe OqxKRf9ZR+DH8ohdsRBy3DnOEQx70CdQLsE/vAvGhmb7hAnkPSrDdq/2z6myjOK6AM 2+sNyW3knxJZg== To: Miguel Ojeda , Alex Gaynor , Wedson Almeida Filho , Boqun Feng , Gary Guo , =?utf-8?Q?Bj=C3=B6rn_Roy_Baron?= , Alice Ryhl , Andreas Hindborg From: Benno Lossin Cc: rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org, patches@lists.linux.dev, Benno Lossin , Alice Ryhl , Andreas Hindborg Subject: [PATCH v7 11/15] rust: init: add `Zeroable` trait and `init::zeroed` function Message-ID: <20230408122429.1103522-12-y86-dev@protonmail.com> In-Reply-To: <20230408122429.1103522-1-y86-dev@protonmail.com> References: <20230408122429.1103522-1-y86-dev@protonmail.com> Feedback-ID: 40624463:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,RCVD_IN_MSPIKE_H2, SPF_HELO_PASS,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Add the `Zeroable` trait which marks types that can be initialized by writing `0x00` to every byte of the type. Also add the `init::zeroed` function that creates an initializer for a `Zeroable` type that writes `0x00` to every byte. Signed-off-by: Benno Lossin Reviewed-by: Alice Ryhl Reviewed-by: Gary Guo Reviewed-by: Andreas Hindborg --- rust/kernel/init.rs | 97 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 95 insertions(+), 2 deletions(-) diff --git a/rust/kernel/init.rs b/rust/kernel/init.rs index 99751375e7c8..ffd539e2f5ef 100644 --- a/rust/kernel/init.rs +++ b/rust/kernel/init.rs @@ -195,8 +195,14 @@ use crate::{ }; use alloc::boxed::Box; use core::{ - alloc::AllocError, cell::Cell, convert::Infallible, marker::PhantomDat= a, mem::MaybeUninit, - pin::Pin, ptr, + alloc::AllocError, + cell::Cell, + convert::Infallible, + marker::PhantomData, + mem::MaybeUninit, + num::*, + pin::Pin, + ptr::{self, NonNull}, }; #[doc(hidden)] @@ -1323,3 +1329,90 @@ pub unsafe trait PinnedDrop: __internal::HasPinData = { /// automatically. fn drop(self: Pin<&mut Self>, only_call_from_drop: __internal::OnlyCal= lFromDrop); } + +/// Marker trait for types that can be initialized by writing just zeroes. +/// +/// # Safety +/// +/// The bit pattern consisting of only zeroes is a valid bit pattern for t= his type. In other words, +/// this is not UB: +/// +/// ```rust,ignore +/// let val: Self =3D unsafe { core::mem::zeroed() }; +/// ``` +pub unsafe trait Zeroable {} + +/// Create a new zeroed T. +/// +/// The returned initializer will write `0x00` to every byte of the given = `slot`. +#[inline] +pub fn zeroed() -> impl Init { + // SAFETY: Because `T: Zeroable`, all bytes zero is a valid bit patter= n for `T` + // and because we write all zeroes, the memory is initialized. + unsafe { + init_from_closure(|slot: *mut T| { + slot.write_bytes(0, 1); + Ok(()) + }) + } +} + +macro_rules! impl_zeroable { + ($($({$($generics:tt)*})? $t:ty, )*) =3D> { + $(unsafe impl$($($generics)*)? Zeroable for $t {})* + }; +} + +impl_zeroable! { + // SAFETY: All primitives that are allowed to be zero. + bool, + char, + u8, u16, u32, u64, u128, usize, + i8, i16, i32, i64, i128, isize, + f32, f64, + + // SAFETY: These are ZSTs, there is nothing to zero. + {} PhantomData, core::marker::PhantomPinned, Infallible,= (), + + // SAFETY: Type is allowed to take any value, including all zeros. + {} MaybeUninit, + + // SAFETY: All zeros is equivalent to `None` (option layout optimizati= on guarantee). + Option, Option, Option, Option, + Option, Option, + Option, Option, Option, Option, + Option, Option, + + // SAFETY: All zeros is equivalent to `None` (option layout optimizati= on guarantee). + // + // In this case we are allowed to use `T: ?Sized`, since all zeros is = the `None` variant. + {} Option>, + {} Option>, + + // SAFETY: `null` pointer is valid. + // + // We cannot use `T: ?Sized`, since the VTABLE pointer part of fat poi= nters is not allowed to be + // null. + // + // When `Pointee` gets stabilized, we could use + // `T: ?Sized where ::Metadata: Zeroable` + {} *mut T, {} *const T, + + // SAFETY: `null` pointer is valid and the metadata part of these fat = pointers is allowed to be + // zero. + {} *mut [T], {} *const [T], *mut str, *const str, + + // SAFETY: `T` is `Zeroable`. + {} [T; N], {} Wrapping, +} + +macro_rules! impl_tuple_zeroable { + ($(,)?) =3D> {}; + ($first:ident, $($t:ident),* $(,)?) =3D> { + // SAFETY: All elements are zeroable and padding can be zero. + unsafe impl<$first: Zeroable, $($t: Zeroable),*> Zeroable for ($fi= rst, $($t),*) {} + impl_tuple_zeroable!($($t),* ,); + } +} + +impl_tuple_zeroable!(A, B, C, D, E, F, G, H, I, J); -- 2.39.2