tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

firmware: rust: improve safety comments

Improve the wording of safety comments to be more explicit about what
exactly is guaranteed to be valid.

Suggested-by: Benno Lossin <benno.lossin@proton.me>
Signed-off-by: Danilo Krummrich <dakr@redhat.com>
Link: https://lore.kernel.org/r/20240619132029.59296-1-dakr@redhat.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

Danilo Krummrich and committed by
Greg Kroah-Hartman bbe98f4f 269e974e

+6 -7
+6 -7
rust/kernel/firmware.rs
··· 22 22 /// 23 23 /// The pointer is valid, and has ownership over the instance of `struct firmware`. 24 24 /// 25 - /// Once requested, the `Firmware` backing buffer is not modified until it is freed when `Firmware` 26 - /// is dropped. 25 + /// The `Firmware`'s backing buffer is not modified. 27 26 /// 28 27 /// # Examples 29 28 /// ··· 71 72 72 73 /// Returns the size of the requested firmware in bytes. 73 74 pub fn size(&self) -> usize { 74 - // SAFETY: Safe by the type invariant. 75 + // SAFETY: `self.as_raw()` is valid by the type invariant. 75 76 unsafe { (*self.as_raw()).size } 76 77 } 77 78 78 79 /// Returns the requested firmware as `&[u8]`. 79 80 pub fn data(&self) -> &[u8] { 80 - // SAFETY: Safe by the type invariant. Additionally, `bindings::firmware` guarantees, if 81 - // successfully requested, that `bindings::firmware::data` has a size of 82 - // `bindings::firmware::size` bytes. 81 + // SAFETY: `self.as_raw()` is valid by the type invariant. Additionally, 82 + // `bindings::firmware` guarantees, if successfully requested, that 83 + // `bindings::firmware::data` has a size of `bindings::firmware::size` bytes. 83 84 unsafe { core::slice::from_raw_parts((*self.as_raw()).data, self.size()) } 84 85 } 85 86 } 86 87 87 88 impl Drop for Firmware { 88 89 fn drop(&mut self) { 89 - // SAFETY: Safe by the type invariant. 90 + // SAFETY: `self.as_raw()` is valid by the type invariant. 90 91 unsafe { bindings::release_firmware(self.as_raw()) }; 91 92 } 92 93 }