From: Danilo Krummrich <dakr@kernel.org>
To: Boqun Feng <boqun.feng@gmail.com>
Cc: Christian Schrefl <chrisi.schrefl@gmail.com>,
gregkh@linuxfoundation.org, rafael@kernel.org,
bhelgaas@google.com, kwilczynski@kernel.org, zhiw@nvidia.com,
cjia@nvidia.com, jhubbard@nvidia.com, bskeggs@nvidia.com,
acurrid@nvidia.com, joelagnelf@nvidia.com, ttabi@nvidia.com,
acourbot@nvidia.com, ojeda@kernel.org, alex.gaynor@gmail.com,
gary@garyguo.net, bjorn3_gh@protonmail.com,
benno.lossin@proton.me, a.hindborg@kernel.org,
aliceryhl@google.com, tmgross@umich.edu,
linux-pci@vger.kernel.org, rust-for-linux@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/3] rust: revocable: implement Revocable::access()
Date: Sat, 26 Apr 2025 19:01:52 +0200 [thread overview]
Message-ID: <aA0RgOL09bBa0M19@pollux> (raw)
In-Reply-To: <aA0P4lr0A2s--5bI@Mac.home>
On Sat, Apr 26, 2025 at 09:54:58AM -0700, Boqun Feng wrote:
> On Sat, Apr 26, 2025 at 06:44:03PM +0200, Christian Schrefl wrote:
> > On 26.04.25 3:30 PM, Danilo Krummrich wrote:
> > > Implement an unsafe direct accessor for the data stored within the
> > > Revocable.
> > >
> > > This is useful for cases where we can proof that the data stored within
> > > the Revocable is not and cannot be revoked for the duration of the
> > > lifetime of the returned reference.
> > >
> > > Signed-off-by: Danilo Krummrich <dakr@kernel.org>
> > > ---
> > > The explicit lifetimes in access() probably don't serve a practical
> > > purpose, but I found them to be useful for documentation purposes.
> > > ---> rust/kernel/revocable.rs | 12 ++++++++++++
> > > 1 file changed, 12 insertions(+)
> > >
> > > diff --git a/rust/kernel/revocable.rs b/rust/kernel/revocable.rs
> > > index 971d0dc38d83..33535de141ce 100644
> > > --- a/rust/kernel/revocable.rs
> > > +++ b/rust/kernel/revocable.rs
> > > @@ -139,6 +139,18 @@ pub fn try_access_with<R, F: FnOnce(&T) -> R>(&self, f: F) -> Option<R> {
> > > self.try_access().map(|t| f(&*t))
> > > }
> > >
> > > + /// Directly access the revocable wrapped object.
> > > + ///
> > > + /// # Safety
> > > + ///
> > > + /// The caller must ensure this [`Revocable`] instance hasn't been revoked and won't be revoked
> > > + /// for the duration of `'a`.
> > > + pub unsafe fn access<'a, 's: 'a>(&'s self) -> &'a T {
> > I'm not sure if the `'s` lifetime really carries much meaning here.
> > I find just (explicit) `'a` on both parameter and return value is clearer to me,
> > but I'm not sure what others (particularly those not very familiar with rust)
> > think of this.
>
> Yeah, I don't think we need two lifetimes here, the following version
> should be fine (with implicit lifetime):
>
> pub unsafe fn access(&self) -> &T { ... }
>
> , because if you do:
>
> let revocable: &'1 Revocable = ...;
> ...
> let t: &'2 T = unsafe { revocable.access() };
>
> '1 should already outlive '2 (i.e. '1: '2).
Yes, this is indeed sufficient, that's why I wrote
"The explicit lifetimes in access() probably don't serve a practical
purpose, but I found them to be useful for documentation purposes."
below the commit message. :)
Any opinions in terms of documentation purposes?
> >
> > Either way:
> >
> > Reviewed-by: Christian Schrefl <chrisi.schrefl@gmail.com>
> >
> > > + // SAFETY: By the safety requirement of this function it is guaranteed that
> > > + // `self.data.get()` is a valid pointer to an instance of `T`.
> > > + unsafe { &*self.data.get() }
> > > + }
> > > +
> > > /// # Safety
> > > ///
> > > /// Callers must ensure that there are no more concurrent users of the revocable object.
> >
next prev parent reply other threads:[~2025-04-26 17:01 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-26 13:30 [PATCH 0/3] Devres optimization with bound devices Danilo Krummrich
2025-04-26 13:30 ` [PATCH 1/3] rust: revocable: implement Revocable::access() Danilo Krummrich
2025-04-26 16:44 ` Christian Schrefl
2025-04-26 16:54 ` Boqun Feng
2025-04-26 17:01 ` Danilo Krummrich [this message]
2025-04-26 17:09 ` Christian Schrefl
2025-04-26 17:19 ` Boqun Feng
2025-04-26 17:03 ` Christian Schrefl
2025-04-26 20:16 ` Benno Lossin
2025-04-26 20:24 ` Benno Lossin
2025-04-26 21:18 ` Danilo Krummrich
2025-04-26 13:30 ` [PATCH 2/3] rust: devres: implement Devres::access_with() Danilo Krummrich
2025-04-26 16:53 ` Christian Schrefl
2025-04-26 17:08 ` Danilo Krummrich
2025-04-26 17:18 ` Christian Schrefl
2025-04-26 20:18 ` Benno Lossin
2025-04-27 13:15 ` Alexandre Courbot
2025-04-27 14:17 ` Danilo Krummrich
2025-04-26 13:30 ` [PATCH 3/3] samples: rust: pci: take advantage of Devres::access_with() Danilo Krummrich
2025-04-26 20:30 ` Benno Lossin
2025-04-26 21:26 ` Danilo Krummrich
2025-04-27 8:56 ` Benno Lossin
2025-04-27 10:20 ` Danilo Krummrich
2025-04-27 17:05 ` Benno Lossin
2025-04-26 17:09 ` [PATCH 0/3] Devres optimization with bound devices Boqun Feng
2025-04-26 17:14 ` Danilo Krummrich
2025-04-26 17:17 ` Boqun Feng
-- strict thread matches above, loose matches on Subject: below --
2025-04-27 8:37 [PATCH 1/3] rust: revocable: implement Revocable::access() Benno Lossin
2025-04-27 10:13 ` Danilo Krummrich
2025-04-27 17:15 ` Benno Lossin
2025-04-27 17:28 ` Danilo Krummrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aA0RgOL09bBa0M19@pollux \
--to=dakr@kernel.org \
--cc=a.hindborg@kernel.org \
--cc=acourbot@nvidia.com \
--cc=acurrid@nvidia.com \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=benno.lossin@proton.me \
--cc=bhelgaas@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=bskeggs@nvidia.com \
--cc=chrisi.schrefl@gmail.com \
--cc=cjia@nvidia.com \
--cc=gary@garyguo.net \
--cc=gregkh@linuxfoundation.org \
--cc=jhubbard@nvidia.com \
--cc=joelagnelf@nvidia.com \
--cc=kwilczynski@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=ojeda@kernel.org \
--cc=rafael@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tmgross@umich.edu \
--cc=ttabi@nvidia.com \
--cc=zhiw@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.