From: Danilo Krummrich <dakr@kernel.org>
To: gregkh@linuxfoundation.org, rafael@kernel.org, ojeda@kernel.org,
alex.gaynor@gmail.com, boqun.feng@gmail.com, gary@garyguo.net,
bjorn3_gh@protonmail.com, benno.lossin@proton.me,
a.hindborg@kernel.org, aliceryhl@google.com, tmgross@umich.edu
Cc: linux-kernel@vger.kernel.org, rust-for-linux@vger.kernel.org,
Danilo Krummrich <dakr@kernel.org>
Subject: [PATCH v2 2/2] rust: devres: remove action in `Devres::drop`
Date: Tue, 7 Jan 2025 13:25:11 +0100 [thread overview]
Message-ID: <20250107122609.8135-2-dakr@kernel.org> (raw)
In-Reply-To: <20250107122609.8135-1-dakr@kernel.org>
So far `DevresInner` is kept alive, even if `Devres` is dropped until
the devres callback is executed to avoid a WARN() when the action has
been released already.
With the introduction of devm_remove_action_nowarn() we can remove the
action in `Devres::drop`, handle the case where the action has been
released already and hence also free `DevresInner`.
Signed-off-by: Danilo Krummrich <dakr@kernel.org>
---
v2:
- remove unnecessary call to revoke
- change argument of remove_action() from `&Self` to `&Arc<Self>`
---
rust/kernel/devres.rs | 47 ++++++++++++++++++++++++++++++++-----------
1 file changed, 35 insertions(+), 12 deletions(-)
diff --git a/rust/kernel/devres.rs b/rust/kernel/devres.rs
index 9c9dd39584eb..942376f6f3af 100644
--- a/rust/kernel/devres.rs
+++ b/rust/kernel/devres.rs
@@ -10,15 +10,19 @@
bindings,
device::Device,
error::{Error, Result},
+ ffi::c_void,
prelude::*,
revocable::Revocable,
sync::Arc,
+ types::ARef,
};
use core::ops::Deref;
#[pin_data]
struct DevresInner<T> {
+ dev: ARef<Device>,
+ callback: unsafe extern "C" fn(*mut c_void),
#[pin]
data: Revocable<T>,
}
@@ -98,6 +102,8 @@ impl<T> DevresInner<T> {
fn new(dev: &Device, data: T, flags: Flags) -> Result<Arc<DevresInner<T>>> {
let inner = Arc::pin_init(
pin_init!( DevresInner {
+ dev: dev.into(),
+ callback: Self::devres_callback,
data <- Revocable::new(data),
}),
flags,
@@ -109,9 +115,8 @@ fn new(dev: &Device, data: T, flags: Flags) -> Result<Arc<DevresInner<T>>> {
// SAFETY: `devm_add_action` guarantees to call `Self::devres_callback` once `dev` is
// detached.
- let ret = unsafe {
- bindings::devm_add_action(dev.as_raw(), Some(Self::devres_callback), data as _)
- };
+ let ret =
+ unsafe { bindings::devm_add_action(dev.as_raw(), Some(inner.callback), data as _) };
if ret != 0 {
// SAFETY: We just created another reference to `inner` in order to pass it to
@@ -124,6 +129,32 @@ fn new(dev: &Device, data: T, flags: Flags) -> Result<Arc<DevresInner<T>>> {
Ok(inner)
}
+ fn as_ptr(&self) -> *const Self {
+ self as _
+ }
+
+ fn remove_action(this: &Arc<Self>) {
+ // SAFETY:
+ // - `self.inner.dev` is a valid `Device`,
+ // - the `action` and `data` pointers are the exact same ones as given to devm_add_action()
+ // previously,
+ // - `self` is always valid, even if the action has been released already.
+ let ret = unsafe {
+ bindings::devm_remove_action_nowarn(
+ this.dev.as_raw(),
+ Some(this.callback),
+ this.as_ptr() as _,
+ )
+ };
+
+ if ret == 0 {
+ // SAFETY: We leaked an `Arc` reference to devm_add_action() in `DevresInner::new`; if
+ // devm_remove_action_nowarn() was successful we can (and have to) claim back ownership
+ // of this reference.
+ let _ = unsafe { Arc::from_raw(this.as_ptr()) };
+ }
+ }
+
#[allow(clippy::missing_safety_doc)]
unsafe extern "C" fn devres_callback(ptr: *mut kernel::ffi::c_void) {
let ptr = ptr as *mut DevresInner<T>;
@@ -165,14 +196,6 @@ fn deref(&self) -> &Self::Target {
impl<T> Drop for Devres<T> {
fn drop(&mut self) {
- // Revoke the data, such that it gets dropped already and the actual resource is freed.
- //
- // `DevresInner` has to stay alive until the devres callback has been called. This is
- // necessary since we don't know when `Devres` is dropped and calling
- // `devm_remove_action()` instead could race with `devres_release_all()`.
- //
- // SAFETY: When `drop` runs, it's guaranteed that nobody is accessing the revocable data
- // anymore, hence it is safe not to wait for the grace period to finish.
- unsafe { self.revoke_nosync() };
+ DevresInner::remove_action(&self.0);
}
}
--
2.47.1
prev parent reply other threads:[~2025-01-07 12:26 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-07 12:25 [PATCH v2 1/2] devres: add devm_remove_action_nowarn() Danilo Krummrich
2025-01-07 12:25 ` Danilo Krummrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250107122609.8135-2-dakr@kernel.org \
--to=dakr@kernel.org \
--cc=a.hindborg@kernel.org \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=gary@garyguo.net \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=ojeda@kernel.org \
--cc=rafael@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.