tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'rust-fixes-6.12' of https://github.com/Rust-for-Linux/linux

Pull Rust fixes from Miguel Ojeda:
"Toolchain and infrastructure:

- Fix/improve a couple 'depends on' on the newly added CFI/KASAN
suppport to avoid build errors/warnings

- Fix ARCH_SLAB_MINALIGN multiple definition error for RISC-V under
!CONFIG_MMU

- Clean upcoming (Rust 1.83.0) Clippy warnings

'kernel' crate:

- 'sync' module: fix soundness issue by requiring 'T: Sync' for
'LockedBy::access'; and fix helpers build error under PREEMPT_RT

- Fix trivial sorting issue ('rustfmtcheck') on the v6.12 Rust merge"

* tag 'rust-fixes-6.12' of https://github.com/Rust-for-Linux/linux:
rust: kunit: use C-string literals to clean warning
cfi: encode cfi normalized integers + kasan/gcov bug in Kconfig
rust: KASAN+RETHUNK requires rustc 1.83.0
rust: cfi: fix `patchable-function-entry` starting version
rust: mutex: fix __mutex_init() usage in case of PREEMPT_RT
rust: fix `ARCH_SLAB_MINALIGN` multiple definition error
rust: sync: require `T: Sync` for `LockedBy::access`
rust: kernel: sort Rust modules

Linus Torvalds 0c559323 263a25de

+48 -10
+17 -1
arch/Kconfig
··· 838 838 config CFI_ICALL_NORMALIZE_INTEGERS 839 839 bool "Normalize CFI tags for integers" 840 840 depends on CFI_CLANG 841 - depends on $(cc-option,-fsanitize=kcfi -fsanitize-cfi-icall-experimental-normalize-integers) 841 + depends on HAVE_CFI_ICALL_NORMALIZE_INTEGERS 842 842 help 843 843 This option normalizes the CFI tags for integer types so that all 844 844 integer types of the same size and signedness receive the same CFI ··· 850 850 turned on. 851 851 852 852 This option is necessary for using CFI with Rust. If unsure, say N. 853 + 854 + config HAVE_CFI_ICALL_NORMALIZE_INTEGERS 855 + def_bool !GCOV_KERNEL && !KASAN 856 + depends on CFI_CLANG 857 + depends on $(cc-option,-fsanitize=kcfi -fsanitize-cfi-icall-experimental-normalize-integers) 858 + help 859 + Is CFI_ICALL_NORMALIZE_INTEGERS supported with the set of compilers 860 + currently in use? 861 + 862 + This option defaults to false if GCOV or KASAN is enabled, as there is 863 + an LLVM bug that makes normalized integers tags incompatible with 864 + KASAN and GCOV. Kconfig currently does not have the infrastructure to 865 + detect whether your rustc compiler contains the fix for this bug, so 866 + it is assumed that it doesn't. If your compiler has the fix, you can 867 + explicitly enable this option in your config file. The Kconfig logic 868 + needed to detect this will be added in a future kernel release. 853 869 854 870 config CFI_PERMISSIVE 855 871 bool "Use CFI in permissive mode"
+3 -2
init/Kconfig
··· 1946 1946 depends on !GCC_PLUGIN_RANDSTRUCT 1947 1947 depends on !RANDSTRUCT 1948 1948 depends on !DEBUG_INFO_BTF || PAHOLE_HAS_LANG_EXCLUDE 1949 - depends on !CFI_CLANG || RUSTC_VERSION >= 107900 && $(cc-option,-fsanitize=kcfi -fsanitize-cfi-icall-experimental-normalize-integers) 1949 + depends on !CFI_CLANG || RUSTC_VERSION >= 107900 && HAVE_CFI_ICALL_NORMALIZE_INTEGERS 1950 1950 select CFI_ICALL_NORMALIZE_INTEGERS if CFI_CLANG 1951 - depends on !CALL_PADDING || RUSTC_VERSION >= 108000 1951 + depends on !CALL_PADDING || RUSTC_VERSION >= 108100 1952 1952 depends on !KASAN_SW_TAGS 1953 + depends on !(MITIGATION_RETHUNK && KASAN) || RUSTC_VERSION >= 108300 1953 1954 help 1954 1955 Enables Rust support in the kernel. 1955 1956
+5
rust/bindgen_parameters
··· 24 24 # These functions use the `__preserve_most` calling convention, which neither bindgen 25 25 # nor Rust currently understand, and which Clang currently declares to be unstable. 26 26 --blocklist-function __list_.*_report 27 + 28 + # These constants are sometimes not recognized by bindgen depending on config. 29 + # We use const helpers to aid bindgen, to avoid conflicts when constants are 30 + # recognized, block generation of the non-helper constants. 31 + --blocklist-item ARCH_SLAB_MINALIGN
+6
rust/helpers/mutex.c
··· 7 7 { 8 8 mutex_lock(lock); 9 9 } 10 + 11 + void rust_helper___mutex_init(struct mutex *mutex, const char *name, 12 + struct lock_class_key *key) 13 + { 14 + __mutex_init(mutex, name, key); 15 + }
+2 -2
rust/kernel/kunit.rs
··· 18 18 #[cfg(CONFIG_PRINTK)] 19 19 unsafe { 20 20 bindings::_printk( 21 - b"\x013%pA\0".as_ptr() as _, 21 + c"\x013%pA".as_ptr() as _, 22 22 &args as *const _ as *const c_void, 23 23 ); 24 24 } ··· 34 34 #[cfg(CONFIG_PRINTK)] 35 35 unsafe { 36 36 bindings::_printk( 37 - b"\x016%pA\0".as_ptr() as _, 37 + c"\x016%pA".as_ptr() as _, 38 38 &args as *const _ as *const c_void, 39 39 ); 40 40 }
+1 -1
rust/kernel/lib.rs
··· 44 44 pub mod page; 45 45 pub mod prelude; 46 46 pub mod print; 47 - pub mod sizes; 48 47 pub mod rbtree; 48 + pub mod sizes; 49 49 mod static_assert; 50 50 #[doc(hidden)] 51 51 pub mod std_vendor;
+14 -4
rust/kernel/sync/locked_by.rs
··· 83 83 // SAFETY: `LockedBy` can be transferred across thread boundaries iff the data it protects can. 84 84 unsafe impl<T: ?Sized + Send, U: ?Sized> Send for LockedBy<T, U> {} 85 85 86 - // SAFETY: `LockedBy` serialises the interior mutability it provides, so it is `Sync` as long as the 87 - // data it protects is `Send`. 86 + // SAFETY: If `T` is not `Sync`, then parallel shared access to this `LockedBy` allows you to use 87 + // `access_mut` to hand out `&mut T` on one thread at the time. The requirement that `T: Send` is 88 + // sufficient to allow that. 89 + // 90 + // If `T` is `Sync`, then the `access` method also becomes available, which allows you to obtain 91 + // several `&T` from several threads at once. However, this is okay as `T` is `Sync`. 88 92 unsafe impl<T: ?Sized + Send, U: ?Sized> Sync for LockedBy<T, U> {} 89 93 90 94 impl<T, U> LockedBy<T, U> { ··· 122 118 /// 123 119 /// Panics if `owner` is different from the data protected by the lock used in 124 120 /// [`new`](LockedBy::new). 125 - pub fn access<'a>(&'a self, owner: &'a U) -> &'a T { 121 + pub fn access<'a>(&'a self, owner: &'a U) -> &'a T 122 + where 123 + T: Sync, 124 + { 126 125 build_assert!( 127 126 size_of::<U>() > 0, 128 127 "`U` cannot be a ZST because `owner` wouldn't be unique" ··· 134 127 panic!("mismatched owners"); 135 128 } 136 129 137 - // SAFETY: `owner` is evidence that the owner is locked. 130 + // SAFETY: `owner` is evidence that there are only shared references to the owner for the 131 + // duration of 'a, so it's not possible to use `Self::access_mut` to obtain a mutable 132 + // reference to the inner value that aliases with this shared reference. The type is `Sync` 133 + // so there are no other requirements. 138 134 unsafe { &*self.data.get() } 139 135 } 140 136