mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-02-15 07:22:48 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
00a7e470a59740a4eaf28fc0fd2020c1872f9fc3
linux/rust/pin-init/src/alloc.rs
Miguel Ojeda 3c75fff196 rust: pin-init: alloc: restrict impl ZeroableOption for Box to T: Sized 
Similar to what was done for `Zeroable<NonNull<T>>` in commit
df27cef153 ("rust: init: fix `Zeroable` implementation for
`Option<NonNull<T>>` and `Option<KBox<T>>`"), the latest Rust
documentation [1] says it guarantees that `transmute::<_,
Option<T>>([0u8; size_of::<T>()])` is sound and produces
`Option::<T>::None` only in some cases. In particular, it says:

    `Box<U>` (specifically, only `Box<U, Global>`) when `U: Sized`

Thus restrict the `impl` to `Sized`, and use similar wording as in that
commit too.

Link: https://doc.rust-lang.org/stable/std/option/index.html#representation [1]
Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
Link: a6007cf555
Fixes: 9b2299af3b ("rust: pin-init: add `std` and `alloc` support from the user-space version")
Cc: stable@vger.kernel.org
[ Adjust mentioned commit to the one from the kernel. - Benno ]
Signed-off-by: Benno Lossin <benno.lossin@proton.me>
Link: https://lore.kernel.org/r/20250407201755.649153-2-benno.lossin@proton.me
Signed-off-by: Miguel Ojeda <ojeda@kernel.org>
2025-04-08 21:12:58 +02:00

157 lines
5.2 KiB
Rust
Raw Blame History

// SPDX-License-Identifier: Apache-2.0 OR MIT
#[cfg(all(feature = "alloc", not(feature = "std")))]
use alloc::{boxed::Box, sync::Arc};
#[cfg(feature = "alloc")]
use core::alloc::AllocError;
use core::{mem::MaybeUninit, pin::Pin};
#[cfg(feature = "std")]
use std::sync::Arc;
#[cfg(not(feature = "alloc"))]
type AllocError = core::convert::Infallible;
use crate::{
init_from_closure, pin_init_from_closure, InPlaceWrite, Init, PinInit, ZeroableOption,
};
pub extern crate alloc;
// SAFETY: All zeros is equivalent to `None` (option layout optimization guarantee:
// <https://doc.rust-lang.org/stable/std/option/index.html#representation>).
unsafe impl<T> ZeroableOption for Box<T> {}
/// Smart pointer that can initialize memory in-place.
pub trait InPlaceInit<T>: Sized {
/// Use the given pin-initializer to pin-initialize a `T` inside of a new smart pointer of this
/// type.
///
/// If `T: !Unpin` it will not be able to move afterwards.
fn try_pin_init<E>(init: impl PinInit<T, E>) -> Result<Pin<Self>, E>
where
E: From<AllocError>;
/// Use the given pin-initializer to pin-initialize a `T` inside of a new smart pointer of this
/// type.
///
/// If `T: !Unpin` it will not be able to move afterwards.
fn pin_init(init: impl PinInit<T>) -> Result<Pin<Self>, AllocError> {
// SAFETY: We delegate to `init` and only change the error type.
let init = unsafe {
pin_init_from_closure(|slot| match init.__pinned_init(slot) {
Ok(()) => Ok(()),
Err(i) => match i {},
})
};
Self::try_pin_init(init)
}
/// Use the given initializer to in-place initialize a `T`.
fn try_init<E>(init: impl Init<T, E>) -> Result<Self, E>
where
E: From<AllocError>;
/// Use the given initializer to in-place initialize a `T`.
fn init(init: impl Init<T>) -> Result<Self, AllocError> {
// SAFETY: We delegate to `init` and only change the error type.
let init = unsafe {
init_from_closure(|slot| match init.__init(slot) {
Ok(()) => Ok(()),
Err(i) => match i {},
})
};
Self::try_init(init)
}
}
#[cfg(feature = "alloc")]
macro_rules! try_new_uninit {
($type:ident) => {
$type::try_new_uninit()?
};
}
#[cfg(all(feature = "std", not(feature = "alloc")))]
macro_rules! try_new_uninit {
($type:ident) => {
$type::new_uninit()
};
}
impl<T> InPlaceInit<T> for Box<T> {
#[inline]
fn try_pin_init<E>(init: impl PinInit<T, E>) -> Result<Pin<Self>, E>
where
E: From<AllocError>,
{
try_new_uninit!(Box).write_pin_init(init)
}
#[inline]
fn try_init<E>(init: impl Init<T, E>) -> Result<Self, E>
where
E: From<AllocError>,
{
try_new_uninit!(Box).write_init(init)
}
}
impl<T> InPlaceInit<T> for Arc<T> {
#[inline]
fn try_pin_init<E>(init: impl PinInit<T, E>) -> Result<Pin<Self>, E>
where
E: From<AllocError>,
{
let mut this = try_new_uninit!(Arc);
let Some(slot) = Arc::get_mut(&mut this) else {
// SAFETY: the Arc has just been created and has no external references
unsafe { core::hint::unreachable_unchecked() }
};
let slot = slot.as_mut_ptr();
// SAFETY: When init errors/panics, slot will get deallocated but not dropped,
// slot is valid and will not be moved, because we pin it later.
unsafe { init.__pinned_init(slot)? };
// SAFETY: All fields have been initialized and this is the only `Arc` to that data.
Ok(unsafe { Pin::new_unchecked(this.assume_init()) })
}
#[inline]
fn try_init<E>(init: impl Init<T, E>) -> Result<Self, E>
where
E: From<AllocError>,
{
let mut this = try_new_uninit!(Arc);
let Some(slot) = Arc::get_mut(&mut this) else {
// SAFETY: the Arc has just been created and has no external references
unsafe { core::hint::unreachable_unchecked() }
};
let slot = slot.as_mut_ptr();
// SAFETY: When init errors/panics, slot will get deallocated but not dropped,
// slot is valid.
unsafe { init.__init(slot)? };
// SAFETY: All fields have been initialized.
Ok(unsafe { this.assume_init() })
}
}
impl<T> InPlaceWrite<T> for Box<MaybeUninit<T>> {
type Initialized = Box<T>;
fn write_init<E>(mut self, init: impl Init<T, E>) -> Result<Self::Initialized, E> {
let slot = self.as_mut_ptr();
// SAFETY: When init errors/panics, slot will get deallocated but not dropped,
// slot is valid.
unsafe { init.__init(slot)? };
// SAFETY: All fields have been initialized.
Ok(unsafe { self.assume_init() })
}
fn write_pin_init<E>(mut self, init: impl PinInit<T, E>) -> Result<Pin<Self::Initialized>, E> {
let slot = self.as_mut_ptr();
// SAFETY: When init errors/panics, slot will get deallocated but not dropped,
// slot is valid and will not be moved, because we pin it later.
unsafe { init.__pinned_init(slot)? };
// SAFETY: All fields have been initialized.
Ok(unsafe { self.assume_init() }.into())
}
}
Reference in New Issue View Git Blame Copy Permalink