Received: by 2002:ab2:1149:0:b0:1f3:1f8c:d0c6 with SMTP id z9csp2074695lqz; Tue, 2 Apr 2024 06:41:59 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCVGIpP0NCD+QC8AfDtyZF8xAjM/vfyqXdWzaImxrrALy4ifdHimK60KDaSngGg7LE/iE6TJAhiRMvOzIBvp8Yqwmc2rEBfGlJSv3deqtw== X-Google-Smtp-Source: AGHT+IGBENSrWtfmor8K9ZOdVxzwqUQ84L0sEz5hs/J1+8QlLns8wcbpZyTsFS8uh+xXKmoN80EU X-Received: by 2002:a17:902:c94f:b0:1e0:e85a:21ff with SMTP id i15-20020a170902c94f00b001e0e85a21ffmr14096554pla.32.1712065319604; Tue, 02 Apr 2024 06:41:59 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1712065319; cv=pass; d=google.com; s=arc-20160816; b=QTZVee5eHTZrZ6a5i7UTj+SxYfH+gjGgrBkblGvSP6j0VQSpDKIjhaTklFW9fClIr4 OQWOak/IdMqwlReuUCM30Y75EUXeMEPbQ3ahDtHOJ9a0EJQ5udI8nYXo50jyJA/MPly2 mzf2tjlJ4WIGLDqV1DMzhASx+b5OQOGJiglvo94fwUyHhOndwQW7e668/4zAkSlkgzHu QLviKKHcIAEuxI6UFUY3aLLw0FMjgAEYBwjdhFXX3M62F8oCPd6KFILdx5pRWRahC3Ra 3k9nLrusIdMxZfY2aXaHsx2L1dbb4XtE60F3SzoDCKdn4pqNx7/eYj/xbdGnvzPJJ04f wPMA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :dkim-signature; bh=uCfbKJeKL+mMpegNJFQm0U53hM3icUzLYitSMM1i5xQ=; fh=QkmDssyHhKq4CzNnD1uWD3JcEiBlk5v+O3EeMjMLc+8=; b=NI0E3fLCZvyitsOjB19c7ZoAFlwCDHv5FXlnM+C5QNyyhGJvObe27cW7mEETbL1oei jDS/ZBRBSg++rbeMPaz0o8/FDAJjjcW+oKgkD9kswthsbSg/8MrgAXVcDfmpiKoQC8pR lfrgED43z7IIF7HhBww7enRH7yen5swK3JS4TTJuF6DG5j2eOC84MkTpN7NhuDgLlOBz e5rZJdrjX9wr3++vA7ESAcCHKIYZ6kKmPWHa59jiVRq8w1URFKyOhdM4q7VE2VefIk+N ZydRz5G94GVFswZQLl3BU5ihNZn42BhnRK8166BUtZPRmMsVu3cxHZyjqJmZiOCV+1+I IwDg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=TOVUduO5; arc=pass (i=1 spf=pass spfdomain=flex--aliceryhl.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-127999-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-127999-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id z12-20020a170902834c00b001dddd1df881si10752002pln.295.2024.04.02.06.41.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Apr 2024 06:41:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-127999-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=TOVUduO5; arc=pass (i=1 spf=pass spfdomain=flex--aliceryhl.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-127999-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-127999-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 47DD9B28D07 for ; Tue, 2 Apr 2024 13:11:02 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id EB6B913328E; Tue, 2 Apr 2024 13:07:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="TOVUduO5" Received: from mail-yw1-f202.google.com (mail-yw1-f202.google.com [209.85.128.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 07A0784FAB for ; Tue, 2 Apr 2024 13:07:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.202 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712063275; cv=none; b=NYpce2fkcQ9141Ze2U3JiOJzj4L52lmXuN/6RaMD6zZL8nKwaIafK2ba9sigGID7uDYv3Sx+2ciLYkIuO2LqXjv98Rcl3bPO63Cbasv6fMymue8glpyS0xj76a+xh+L1j/WSm24a5/SWDgG74bTmQdGOlHVcwNnmRMl7Qb5GTYM= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712063275; c=relaxed/simple; bh=/9JDOXGk30s1zhUrSl6X9Tci1HrlBOvd/yZB9RRxUxQ=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=HA6Yf771PR3JyoC3gql8bQupSsDko1B5+vistSnxOBZnpal26hQSox8nOSpUOs5UTdyvkMGQ1ahsA1OHZRd6cFpy2QbHVuV2W+2KFhZ9TFpJS0roah5TqMJjyDSuPRtpFR+dXXO/sl6vne/YrCYbapAGxwLTWjoUFstifczL+qM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--aliceryhl.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=TOVUduO5; arc=none smtp.client-ip=209.85.128.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--aliceryhl.bounces.google.com Received: by mail-yw1-f202.google.com with SMTP id 00721157ae682-615272125c6so9364767b3.3 for ; Tue, 02 Apr 2024 06:07:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1712063273; x=1712668073; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=uCfbKJeKL+mMpegNJFQm0U53hM3icUzLYitSMM1i5xQ=; b=TOVUduO5YcfmYimBFM4IFFkMvkfiwemchLAw+Q9M/sfO6KssGbySco295j8yd5UmKm 69BlPHrr2SnZTe9UIFdl8NvnD6YQdcr5YVm4PCdIzYJS8LEhDrHePgdDb+t+9vXG+YX+ zQr0aB0e+/sUZ8B+nVUsn6ZWlcceHIt/LyiYKniWdS+Nij65lpsizUGugmWhiIKsM6Ky OOclTovscbv7lmDEKeTmBnHnDyAVURiIaKA7MCmD5Ei3U+q0I0IbiMX0iMfWHdwADILE 9UalMvVZNsfIJClEgLbtJU+VxSkfCI67alsfYb3f7huls/c+HRsYCMjcN1lswRi3/f0d eNRQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712063273; x=1712668073; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=uCfbKJeKL+mMpegNJFQm0U53hM3icUzLYitSMM1i5xQ=; b=DoOQxeFb/3ZVGm0BVQWsvyU93lQ+4jkPfT+V2SzKoZ2PSgGs6kNVZ0gOkscKBzJqel gDOMA6R4PhtRMd0vWmTpMb6Q3NfOv2+HGqf+2iKeQQ6740hnZnRt4BAEQ2xCqzN4/5Gz UAxfuvEV46ZFW6B+hFGKA2dMNkYF6IKHQzqm14qNn07wI2BQK6Q+HnXQz/mGbYKvBuci A212IZKGxWa7UpFXOHcrNBKAPqPhSmbBu7BOAjoULq3zAld5BnpqjKqtzDplwB9QYFzl kvkiaCR96YiuLsAaLdm6uuVIyI+i+TxKEYs5BHN/4Mk0TZIxdEMK4rlGoza+ug6pu0E6 j7dQ== X-Forwarded-Encrypted: i=1; AJvYcCXTmwl5D+UfAbIcDB4F5CYDw6TYKuPPgxEo6cM297hMcHDsawhVLo1qpgOV06OHYuLCezuWiVq/XlrIZ1+Pp3nx1wC1pCEsZ/jRd8zE X-Gm-Message-State: AOJu0YxBEtxvVCy8puys6N+tI00/M9CwfNFA0io1Gc59rJkb0wFaE74k MYi6f/ISwVdikF+yMKcrdfm2RAMnyWfTYJU9PbJYCmYpMndc8lU0Nz01hD1lMqtr8PCiWP98eXW MentrZ7O8GNC/rA== X-Received: from aliceryhl2.c.googlers.com ([fda3:e722:ac3:cc00:68:949d:c0a8:572]) (user=aliceryhl job=sendgmr) by 2002:a05:690c:b9c:b0:611:747a:daac with SMTP id ck28-20020a05690c0b9c00b00611747adaacmr3425087ywb.0.1712063273111; Tue, 02 Apr 2024 06:07:53 -0700 (PDT) Date: Tue, 02 Apr 2024 13:07:42 +0000 In-Reply-To: <20240402-arc-for-list-v4-0-54db6440a9a9@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240402-arc-for-list-v4-0-54db6440a9a9@google.com> X-Developer-Key: i=aliceryhl@google.com; a=openpgp; fpr=49F6C1FAA74960F43A5B86A1EE7A392FDE96209F X-Developer-Signature: v=1; a=openpgp-sha256; l=6048; i=aliceryhl@google.com; h=from:subject:message-id; bh=/9JDOXGk30s1zhUrSl6X9Tci1HrlBOvd/yZB9RRxUxQ=; b=owEBbQKS/ZANAwAKAQRYvu5YxjlGAcsmYgBmDAMixpuDE0siAIZuQRVnjCVfT7h2isQxSwP93 P0Hsav0ZYaJAjMEAAEKAB0WIQSDkqKUTWQHCvFIvbIEWL7uWMY5RgUCZgwDIgAKCRAEWL7uWMY5 RlVgD/wI7HslZbYDfwDmdp5pDS8YLnfCI5YgZIepsCEoJG3+rSkjRUfjPeq1XrKtCTBDuS+/jP5 IsGATvF0Lvb+spKZo3r0XV0P93mseg7xVDm7xhtkbfCU0rI4zmHRhBrRPQrjzCLWQi9a55jTRf5 gqhBCVtDg/DJ8zkUvt8IaqWRFl7q/MZj3PdV+KyzT1OyqoS8+fAjYsPBBXWzAsLUbWpu18GYHQA xJMY+MOGcJrOof3oH32lq9rwt4Qmswqx9gxvm6+Pysuzp/Gfatq70s09uTND++mrxmLEU+qfRKx radkwXbP4+2Z8Uljh1wfVlT6yJaBKej3daVOIFyAyKiXJsxNgDJYFW/C2uY5XbZqSx2IF4aISTz tNO6slIj6ue43Gmonmra5ceI6dQX8ZzXEEuQMJF0k4LmsCSpG67SNx5xjKoSuD2HL5svccQmDtG d1xDV0gAliDr0EwVvCxJjdYXdRFuixUSfUyuzhGyIUbUHkB6v8vVullP65xlxazHATn2XIJvxKb ReI0NLruA+OEsAJfpNlhfHUlE+f4PcbBMu1S4tAQCxPhgM/N9XXNUcuY9rM9Ec5BNvVSEgNyzF4 2HXvsEs2BiMVka2rzwWadP93jhGvcb2eJ96RheqS3A5vs2vc8gL11cvY7RhxIjlvUooKq6hGbzd Rqpa2UosUJT0K3g== X-Mailer: b4 0.13-dev-26615 Message-ID: <20240402-arc-for-list-v4-1-54db6440a9a9@google.com> Subject: [PATCH v4 1/2] rust: sync: add `ArcBorrow::from_raw` From: Alice Ryhl To: Miguel Ojeda , Alex Gaynor , Wedson Almeida Filho , Boqun Feng , Gary Guo , "=?utf-8?q?Bj=C3=B6rn_Roy_Baron?=" , Benno Lossin , Andreas Hindborg Cc: rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org, Alice Ryhl Content-Type: text/plain; charset="utf-8" Allows access to a value in an `Arc` that is currently held as a raw pointer due to use of `Arc::into_raw`, without destroying or otherwise consuming that raw pointer. This is a dependency of the linked list that Rust Binder uses. The linked list uses this method when iterating over the linked list [1]. Reviewed-by: Benno Lossin Reviewed-by: Boqun Feng Link: https://lore.kernel.org/r/20240402-linked-list-v1-6-b1c59ba7ae3b@google.com [1] Signed-off-by: Alice Ryhl --- rust/kernel/sync/arc.rs | 76 +++++++++++++++++++++++++++++++++++++------------ 1 file changed, 58 insertions(+), 18 deletions(-) diff --git a/rust/kernel/sync/arc.rs b/rust/kernel/sync/arc.rs index 7d4c4bf58388..53addb8876c2 100644 --- a/rust/kernel/sync/arc.rs +++ b/rust/kernel/sync/arc.rs @@ -137,6 +137,39 @@ struct ArcInner { data: T, } +impl ArcInner { + /// Converts a pointer to the contents of an [`Arc`] into a pointer to the [`ArcInner`]. + /// + /// # Safety + /// + /// `ptr` must have been returned by a previous call to [`Arc::into_raw`], and the `Arc` must + /// not yet have been destroyed. + unsafe fn container_of(ptr: *const T) -> NonNull> { + let refcount_layout = Layout::new::(); + // SAFETY: The caller guarantees that the pointer is valid. + let val_layout = Layout::for_value(unsafe { &*ptr }); + // SAFETY: We're computing the layout of a real struct that existed when compiling this + // binary, so its layout is not so large that it can trigger arithmetic overflow. + let val_offset = unsafe { refcount_layout.extend(val_layout).unwrap_unchecked().1 }; + + // Pointer casts leave the metadata unchanged. This is okay because the metadata of `T` and + // `ArcInner` is the same since `ArcInner` is a struct with `T` as its last field. + // + // This is documented at: + // . + let ptr = ptr as *const ArcInner; + + // SAFETY: The pointer is in-bounds of an allocation both before and after offsetting the + // pointer, since it originates from a previous call to `Arc::into_raw` on an `Arc` that is + // still valid. + let ptr = unsafe { ptr.byte_sub(val_offset) }; + + // SAFETY: The pointer can't be null since you can't have an `ArcInner` value at the null + // address. + unsafe { NonNull::new_unchecked(ptr.cast_mut()) } + } +} + // This is to allow [`Arc`] (and variants) to be used as the type of `self`. impl core::ops::Receiver for Arc {} @@ -232,27 +265,13 @@ pub fn into_raw(self) -> *const T { /// `ptr` must have been returned by a previous call to [`Arc::into_raw`]. Additionally, it /// must not be called more than once for each previous call to [`Arc::into_raw`]. pub unsafe fn from_raw(ptr: *const T) -> Self { - let refcount_layout = Layout::new::(); - // SAFETY: The caller guarantees that the pointer is valid. - let val_layout = Layout::for_value(unsafe { &*ptr }); - // SAFETY: We're computing the layout of a real struct that existed when compiling this - // binary, so its layout is not so large that it can trigger arithmetic overflow. - let val_offset = unsafe { refcount_layout.extend(val_layout).unwrap_unchecked().1 }; - - // Pointer casts leave the metadata unchanged. This is okay because the metadata of `T` and - // `ArcInner` is the same since `ArcInner` is a struct with `T` as its last field. - // - // This is documented at: - // . - let ptr = ptr as *const ArcInner; - - // SAFETY: The pointer is in-bounds of an allocation both before and after offsetting the - // pointer, since it originates from a previous call to `Arc::into_raw` and is still valid. - let ptr = unsafe { ptr.byte_sub(val_offset) }; + // SAFETY: The caller promises that this pointer originates from a call to `into_raw` on an + // `Arc` that is still valid. + let ptr = unsafe { ArcInner::container_of(ptr) }; // SAFETY: By the safety requirements we know that `ptr` came from `Arc::into_raw`, so the // reference count held then will be owned by the new `Arc` object. - unsafe { Self::from_inner(NonNull::new_unchecked(ptr.cast_mut())) } + unsafe { Self::from_inner(ptr) } } /// Returns an [`ArcBorrow`] from the given [`Arc`]. @@ -453,6 +472,27 @@ unsafe fn new(inner: NonNull>) -> Self { _p: PhantomData, } } + + /// Creates an [`ArcBorrow`] to an [`Arc`] that has previously been deconstructed with + /// [`Arc::into_raw`]. + /// + /// # Safety + /// + /// * The provided pointer must originate from a call to [`Arc::into_raw`]. + /// * For the duration of the lifetime annotated on this `ArcBorrow`, the reference count must + /// not hit zero. + /// * For the duration of the lifetime annotated on this `ArcBorrow`, there must not be a + /// [`UniqueArc`] reference to this value. + pub unsafe fn from_raw(ptr: *const T) -> Self { + // SAFETY: The caller promises that this pointer originates from a call to `into_raw` on an + // `Arc` that is still valid. + let ptr = unsafe { ArcInner::container_of(ptr) }; + + // SAFETY: The caller promises that the value remains valid since the reference count must + // not hit zero, and no mutable reference will be created since that would involve a + // `UniqueArc`. + unsafe { Self::new(ptr) } + } } impl From> for Arc { -- 2.44.0.478.gd926399ef9-goog