From: Greg KH <gregkh@linuxfoundation.org>
To: Alice Ryhl <aliceryhl@google.com>
Cc: Alistair Francis <alistair@alistair23.me>,
linux-cxl@vger.kernel.org, linux-kernel@vger.kernel.org,
lukas@wunner.de, linux-pci@vger.kernel.org, bhelgaas@google.com,
Jonathan.Cameron@huawei.com, rust-for-linux@vger.kernel.org,
akpm@linux-foundation.org, boqun.feng@gmail.com,
bjorn3_gh@protonmail.com, wilfred.mallawa@wdc.com,
ojeda@kernel.org, alistair23@gmail.com, a.hindborg@kernel.org,
tmgross@umich.edu, gary@garyguo.net, alex.gaynor@gmail.com,
benno.lossin@proton.me,
Alistair Francis <alistair.francis@wdc.com>
Subject: Re: [RFC v2 09/20] PCI/CMA: Expose in sysfs whether devices are authenticated
Date: Thu, 27 Feb 2025 06:03:02 -0800 [thread overview]
Message-ID: <2025022741-handwoven-game-df08@gregkh> (raw)
In-Reply-To: <CAH5fLghbScOTBnLLRDMdhE4RBhaPfhaqPr=Xivh8VL09wd5XGQ@mail.gmail.com>
On Thu, Feb 27, 2025 at 01:11:01PM +0100, Alice Ryhl wrote:
> On Thu, Feb 27, 2025 at 1:01 PM Greg KH <gregkh@linuxfoundation.org> wrote:
> >
> > On Thu, Feb 27, 2025 at 12:52:02PM +0100, Alice Ryhl wrote:
> > > On Thu, Feb 27, 2025 at 12:17 PM Greg KH <gregkh@linuxfoundation.org> wrote:
> > > >
> > > > On Thu, Feb 27, 2025 at 01:09:41PM +1000, Alistair Francis wrote:
> > > > > + return rust_authenticated_show(spdm_state, buf);
> > > >
> > > > Here you have C code calling into Rust code. I'm not complaining about
> > > > it, but I think it will be the first use of this, and I didn't think
> > > > that the rust maintainers were willing to do that just yet.
> > > >
> > > > Has that policy changed?
> > > >
> > > > The issue here is that the C signature for this is not being
> > > > auto-generated, you have to manually keep it in sync (as you did above),
> > > > with the Rust side. That's not going to scale over time at all, you
> > > > MUST have a .h file somewhere for C to know how to call into this and
> > > > for the compiler to check that all is sane on both sides.
> > > >
> > > > And you are passing a random void * into the Rust side, what could go
> > > > wrong? I think this needs more thought as this is fragile-as-f***.
> > >
> > > I don't think we have a policy against it? I'm pretty sure the QR code
> > > thing does it.
> >
> > Sorry, you are right, it does, and of course it happens (otherwise how
> > would bindings work), but for small functions like this, how is the C
> > code kept in sync with the rust side? Where is the .h file that C
> > should include?
>
> I don't think there is tooling for it today. We need the opposite of
> bindgen, which does exist in a tool called cbindgen. Unfortunately,
> cbindgen is written to only work in cargo-based build systems, so we
> cannot use it.
>
> One trick you could do is write the signature in a header file, and
> then compare what bindgen generates to the real signature like this:
>
> const _: () = {
> if true {
> bindings::my_function
> } else {
> my_function
> };
> };
>
> This would only compile if the two function pointers have the same signature.
That feels just wrong :(
As this seems like it's going to be a longer-term issue, has anyone
thought of how it's going to be handled? Build time errors when
functions change is the key here, no one remembers to manually verify
each caller to verify the variables are correct anymore, that would be a
big step backwards.
thanks,
greg k-h
next prev parent reply other threads:[~2025-02-27 14:04 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-27 3:09 [RFC v2 00/20] lib: Rust implementation of SPDM Alistair Francis
2025-02-27 3:09 ` [RFC v2 01/20] X.509: Make certificate parser public Alistair Francis
2025-02-27 3:09 ` [RFC v2 02/20] X.509: Parse Subject Alternative Name in certificates Alistair Francis
2025-02-27 3:09 ` [RFC v2 03/20] X.509: Move certificate length retrieval into new helper Alistair Francis
2025-02-27 3:09 ` [RFC v2 04/20] certs: Create blacklist keyring earlier Alistair Francis
2025-02-27 3:09 ` [RFC v2 05/20] lib: rspdm: Initial commit of Rust SPDM Alistair Francis
2025-02-27 3:09 ` [RFC v2 06/20] PCI/CMA: Authenticate devices on enumeration Alistair Francis
2025-02-27 3:09 ` [RFC v2 07/20] PCI/CMA: Validate Subject Alternative Name in certificates Alistair Francis
2025-02-27 3:09 ` [RFC v2 08/20] PCI/CMA: Reauthenticate devices on reset and resume Alistair Francis
2025-02-27 3:09 ` [RFC v2 09/20] PCI/CMA: Expose in sysfs whether devices are authenticated Alistair Francis
2025-02-27 11:16 ` Greg KH
2025-02-27 11:52 ` Alice Ryhl
2025-02-27 12:00 ` Greg KH
2025-02-27 12:11 ` Alice Ryhl
2025-02-27 14:03 ` Greg KH [this message]
2025-02-27 16:47 ` Miguel Ojeda
2025-02-27 19:31 ` Greg KH
2025-02-28 8:49 ` Miguel Ojeda
2025-02-27 16:46 ` Miguel Ojeda
2025-02-27 16:45 ` Miguel Ojeda
2025-02-27 19:32 ` Greg KH
2025-02-28 2:27 ` Alistair Francis
2025-03-01 4:27 ` Greg KH
2025-03-05 19:54 ` Dan Williams
2025-03-07 1:04 ` Alistair Francis
2025-03-07 23:37 ` Dan Williams
2025-03-09 22:57 ` Alistair Francis
2025-02-27 22:42 ` Lukas Wunner
2025-02-28 1:39 ` Greg KH
2025-02-28 2:55 ` Alistair Francis
2025-03-01 4:33 ` Greg KH
2025-03-01 18:01 ` Lukas Wunner
2025-02-27 3:09 ` [RFC v2 10/20] lib: rspdm: Support SPDM get_version Alistair Francis
2025-02-27 3:09 ` [RFC v2 11/20] lib: rspdm: Support SPDM get_capabilities Alistair Francis
2025-02-27 3:09 ` [RFC v2 12/20] lib: rspdm: Support SPDM negotiate_algorithms Alistair Francis
2025-02-27 3:09 ` [RFC v2 13/20] lib: rspdm: Support SPDM get_digests Alistair Francis
2025-02-27 3:09 ` [RFC v2 14/20] lib: rspdm: Support SPDM get_certificate Alistair Francis
2025-02-27 10:58 ` Greg KH
2025-02-27 3:09 ` [RFC v2 15/20] crypto: asymmetric_keys - Load certificate parsing early in boot Alistair Francis
2025-02-27 3:09 ` [RFC v2 16/20] KEYS: Load keyring and certificates " Alistair Francis
2025-02-27 3:09 ` [RFC v2 17/20] PCI/CMA: Support built in X.509 certificates Alistair Francis
2025-02-27 3:09 ` [RFC v2 18/20] lib: rspdm: Support SPDM certificate validation Alistair Francis
2025-02-27 3:09 ` [RFC v2 19/20] rust: allow extracting the buffer from a CString Alistair Francis
2025-02-27 7:52 ` Alice Ryhl
2025-02-27 3:09 ` [RFC v2 20/20] lib: rspdm: Support SPDM challenge Alistair Francis
2025-06-11 13:37 ` [RFC v2 00/20] lib: Rust implementation of SPDM Jonathan Cameron
2025-06-12 5:57 ` Alistair Francis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2025022741-handwoven-game-df08@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=Jonathan.Cameron@huawei.com \
--cc=a.hindborg@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=alistair.francis@wdc.com \
--cc=alistair23@gmail.com \
--cc=alistair@alistair23.me \
--cc=benno.lossin@proton.me \
--cc=bhelgaas@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=gary@garyguo.net \
--cc=linux-cxl@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tmgross@umich.edu \
--cc=wilfred.mallawa@wdc.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).