[PATCH] rust: alloc: satisfy `aligned

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] rust: alloc: satisfy `aligned_alloc` requirements
@ 2025-02-01 18:58 Tamir Duberstein
  2025-02-01 20:18 ` Danilo Krummrich
  0 siblings, 1 reply; 5+ messages in thread
From: Tamir Duberstein @ 2025-02-01 18:58 UTC (permalink / raw)
  To: Danilo Krummrich, Miguel Ojeda, Alex Gaynor, Boqun Feng, Gary Guo,
	Björn Roy Baron, Benno Lossin, Andreas Hindborg, Alice Ryhl,
	Trevor Gross
  Cc: rust-for-linux, linux-kernel, Tamir Duberstein

The implementation added in commit dd09538fb409 ("rust: alloc: implement
`Cmalloc` in module allocator_test") did not honor the documented
requirements of `aligned_alloc`. These requirements may not be enforced
on all system, but they are on macOS. Ensure that alignment is at least
`sizeof(void *)` and round size up to the nearest multiple of that
value.

Fixes: dd09538fb409 ("rust: alloc: implement `Cmalloc` in module allocator_test")

Signed-off-by: Tamir Duberstein <tamird@gmail.com>
---
 rust/kernel/alloc/allocator_test.rs | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/rust/kernel/alloc/allocator_test.rs b/rust/kernel/alloc/allocator_test.rs
index e3240d16040b..f360fc2e20f2 100644
--- a/rust/kernel/alloc/allocator_test.rs
+++ b/rust/kernel/alloc/allocator_test.rs
@@ -62,9 +62,22 @@ unsafe fn realloc(
             ));
         }
 
+        // According to `man aligned_alloc`:
+        //
+        // aligned_alloc() returns a NULL pointer and sets errno to EINVAL if size is not an
+        // integral multiple of alignment, or if alignment is not a power of 2 at least as large as
+        // sizeof(void *).
+        let alignment = layout.align();
+        let minimum_alignment = core::mem::size_of::<*const crate::ffi::c_void>();
+        let (alignment, size) = if alignment < minimum_alignment {
+            (minimum_alignment, layout.size().div_ceil(minimum_alignment) * minimum_alignment)
+        } else {
+            (alignment, layout.size())
+        };
+
         // SAFETY: Returns either NULL or a pointer to a memory allocation that satisfies or
         // exceeds the given size and alignment requirements.
-        let dst = unsafe { libc_aligned_alloc(layout.align(), layout.size()) } as *mut u8;
+        let dst = unsafe { libc_aligned_alloc(alignment, size) } as *mut u8;
         let dst = NonNull::new(dst).ok_or(AllocError)?;
 
         if flags.contains(__GFP_ZERO) {

---
base-commit: 89a010129b2a60185d34d7377ef8aec7fbb92e76
change-id: 20250201-aligned-alloc-b52cb2353c82

Best regards,
-- 
Tamir Duberstein <tamird@gmail.com>


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] rust: alloc: satisfy `aligned_alloc` requirements
  2025-02-01 18:58 [PATCH] rust: alloc: satisfy `aligned_alloc` requirements Tamir Duberstein
@ 2025-02-01 20:18 ` Danilo Krummrich
  2025-02-01 21:19   ` Tamir Duberstein
  0 siblings, 1 reply; 5+ messages in thread
From: Danilo Krummrich @ 2025-02-01 20:18 UTC (permalink / raw)
  To: Tamir Duberstein
  Cc: Miguel Ojeda, Alex Gaynor, Boqun Feng, Gary Guo,
	Björn Roy Baron, Benno Lossin, Andreas Hindborg, Alice Ryhl,
	Trevor Gross, rust-for-linux, linux-kernel

Hi Tamir,

On Sat, Feb 01, 2025 at 01:58:10PM -0500, Tamir Duberstein wrote:
> The implementation added in commit dd09538fb409 ("rust: alloc: implement
> `Cmalloc` in module allocator_test") did not honor the documented
> requirements of `aligned_alloc`. These requirements may not be enforced
> on all system, but they are on macOS. Ensure that alignment is at least
> `sizeof(void *)` and round size up to the nearest multiple of that
> value.

Good catch!

> 
> Fixes: dd09538fb409 ("rust: alloc: implement `Cmalloc` in module allocator_test")
> 
> Signed-off-by: Tamir Duberstein <tamird@gmail.com>
> ---
>  rust/kernel/alloc/allocator_test.rs | 15 ++++++++++++++-
>  1 file changed, 14 insertions(+), 1 deletion(-)
> 
> diff --git a/rust/kernel/alloc/allocator_test.rs b/rust/kernel/alloc/allocator_test.rs
> index e3240d16040b..f360fc2e20f2 100644
> --- a/rust/kernel/alloc/allocator_test.rs
> +++ b/rust/kernel/alloc/allocator_test.rs
> @@ -62,9 +62,22 @@ unsafe fn realloc(
>              ));
>          }
>  
> +        // According to `man aligned_alloc`:
> +        //
> +        // aligned_alloc() returns a NULL pointer and sets errno to EINVAL if size is not an
> +        // integral multiple of alignment, or if alignment is not a power of 2 at least as large as
> +        // sizeof(void *).
> +        let alignment = layout.align();
> +        let minimum_alignment = core::mem::size_of::<*const crate::ffi::c_void>();
> +        let (alignment, size) = if alignment < minimum_alignment {
> +            (minimum_alignment, layout.size().div_ceil(minimum_alignment) * minimum_alignment)
> +        } else {
> +            (alignment, layout.size())
> +        };
> +

I think I prefer this to be slightly more compact:

   let min_align = core::mem::size_of::<*const crate::ffi::c_void>();
   let (align, size) = if layout.align() < min_align {
       (min_align, layout.size().div_ceil(min_align) * min_align)
   } else {
       (layout.align(), layout.size())
   };

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] rust: alloc: satisfy `aligned_alloc` requirements
  2025-02-01 20:18 ` Danilo Krummrich
@ 2025-02-01 21:19   ` Tamir Duberstein
  2025-02-01 21:58     ` Danilo Krummrich
  0 siblings, 1 reply; 5+ messages in thread
From: Tamir Duberstein @ 2025-02-01 21:19 UTC (permalink / raw)
  To: Danilo Krummrich
  Cc: Miguel Ojeda, Alex Gaynor, Boqun Feng, Gary Guo,
	Björn Roy Baron, Benno Lossin, Andreas Hindborg, Alice Ryhl,
	Trevor Gross, rust-for-linux, linux-kernel

Hi Danilo, thanks for the review!

On Sat, Feb 1, 2025 at 3:18 PM Danilo Krummrich <dakr@kernel.org> wrote:
>
> I think I prefer this to be slightly more compact:
>
>    let min_align = core::mem::size_of::<*const crate::ffi::c_void>();
>    let (align, size) = if layout.align() < min_align {
>        (min_align, layout.size().div_ceil(min_align) * min_align)
>    } else {
>        (layout.align(), layout.size())
>    };

I was trying to avoid repeated calls to either function, but I'm happy
to shorten the variable names. Would that suit?

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] rust: alloc: satisfy `aligned_alloc` requirements
  2025-02-01 21:19   ` Tamir Duberstein
@ 2025-02-01 21:58     ` Danilo Krummrich
  2025-02-01 22:01       ` Tamir Duberstein
  0 siblings, 1 reply; 5+ messages in thread
From: Danilo Krummrich @ 2025-02-01 21:58 UTC (permalink / raw)
  To: Tamir Duberstein
  Cc: Miguel Ojeda, Alex Gaynor, Boqun Feng, Gary Guo,
	Björn Roy Baron, Benno Lossin, Andreas Hindborg, Alice Ryhl,
	Trevor Gross, rust-for-linux, linux-kernel

On Sat, Feb 01, 2025 at 04:19:48PM -0500, Tamir Duberstein wrote:
> Hi Danilo, thanks for the review!
> 
> On Sat, Feb 1, 2025 at 3:18 PM Danilo Krummrich <dakr@kernel.org> wrote:
> >
> > I think I prefer this to be slightly more compact:
> >
> >    let min_align = core::mem::size_of::<*const crate::ffi::c_void>();
> >    let (align, size) = if layout.align() < min_align {
> >        (min_align, layout.size().div_ceil(min_align) * min_align)
> >    } else {
> >        (layout.align(), layout.size())
> >    };
> 
> I was trying to avoid repeated calls to either function, but I'm happy
> to shorten the variable names. Would that suit?

I think calling layout.align() twice is fine, no need shadow align for that.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] rust: alloc: satisfy `aligned_alloc` requirements
  2025-02-01 21:58     ` Danilo Krummrich
@ 2025-02-01 22:01       ` Tamir Duberstein
  0 siblings, 0 replies; 5+ messages in thread
From: Tamir Duberstein @ 2025-02-01 22:01 UTC (permalink / raw)
  To: Danilo Krummrich
  Cc: Miguel Ojeda, Alex Gaynor, Boqun Feng, Gary Guo,
	Björn Roy Baron, Benno Lossin, Andreas Hindborg, Alice Ryhl,
	Trevor Gross, rust-for-linux, linux-kernel

On Sat, Feb 1, 2025 at 4:58 PM Danilo Krummrich <dakr@kernel.org> wrote:
>
> On Sat, Feb 01, 2025 at 04:19:48PM -0500, Tamir Duberstein wrote:
> > Hi Danilo, thanks for the review!
> >
> > On Sat, Feb 1, 2025 at 3:18 PM Danilo Krummrich <dakr@kernel.org> wrote:
> > >
> > > I think I prefer this to be slightly more compact:
> > >
> > >    let min_align = core::mem::size_of::<*const crate::ffi::c_void>();
> > >    let (align, size) = if layout.align() < min_align {
> > >        (min_align, layout.size().div_ceil(min_align) * min_align)
> > >    } else {
> > >        (layout.align(), layout.size())
> > >    };
> >
> > I was trying to avoid repeated calls to either function, but I'm happy
> > to shorten the variable names. Would that suit?
>
> I think calling layout.align() twice is fine, no need shadow align for that.

Sure. Anything else?

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2025-02-01 22:02 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-02-01 18:58 [PATCH] rust: alloc: satisfy `aligned_alloc` requirements Tamir Duberstein
2025-02-01 20:18 ` Danilo Krummrich
2025-02-01 21:19   ` Tamir Duberstein
2025-02-01 21:58     ` Danilo Krummrich
2025-02-01 22:01       ` Tamir Duberstein

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.