From: Moritz Zielke via B4 Relay <devnull+moritz.zielke.gmail.com@kernel.org>
To: "Danilo Krummrich" <dakr@kernel.org>,
"Alice Ryhl" <aliceryhl@google.com>,
"Daniel Almeida" <daniel.almeida@collabora.com>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <lossin@kernel.org>,
"Andreas Hindborg" <a.hindborg@kernel.org>,
"Trevor Gross" <tmgross@umich.edu>
Cc: rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org,
Moritz Zielke <moritz.zielke@gmail.com>
Subject: [PATCH] rust: io: convert ResourceSize to newtype
Date: Wed, 03 Dec 2025 18:03:26 +0100 [thread overview]
Message-ID: <20251203-res-size-newtype-v1-1-22ed0b8a7a18@gmail.com> (raw)
From: Moritz Zielke <moritz.zielke@gmail.com>
Makes ResourceSize a newtype wrapper around the type for which it
previously was an alias. This should help prevent mistakes by
restricting what operations are possible with ResourceSize.
Suggested-by: Miguel Ojeda <ojeda@kernel.org>
Link: https://github.com/Rust-for-Linux/linux/issues/1203
Signed-off-by: Moritz Zielke <moritz.zielke@gmail.com>
---
I think with [1] the prerequisites for making ResourceSize a newtype
have been applied to the driver-core-testing branch of driver-core.
So I developed this patch against driver-core-testing.
[1] https://lore.kernel.org/lkml/DE0C1KA14PDQ.Q2CJDDTQPWOK@kernel.org/
---
rust/kernel/io.rs | 38 ++++++++++++++++++++++++++++++++++++--
rust/kernel/io/resource.rs | 6 +++---
2 files changed, 39 insertions(+), 5 deletions(-)
diff --git a/rust/kernel/io.rs b/rust/kernel/io.rs
index 98e8b84e68d1..490f60680090 100644
--- a/rust/kernel/io.rs
+++ b/rust/kernel/io.rs
@@ -4,6 +4,8 @@
//!
//! C header: [`include/asm-generic/io.h`](srctree/include/asm-generic/io.h)
+use core::num::TryFromIntError;
+
use crate::{
bindings,
prelude::*, //
@@ -23,9 +25,41 @@
/// Resource Size type.
///
-/// This is a type alias to either `u32` or `u64` depending on the config option
+/// This is a transparent wrapper around either `u32` or `u64` depending on the config option
/// `CONFIG_PHYS_ADDR_T_64BIT`, and it can be a u64 even on 32-bit architectures.
-pub type ResourceSize = bindings::resource_size_t;
+#[repr(transparent)]
+#[derive(Copy, Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Default)]
+pub struct ResourceSize(bindings::phys_addr_t);
+
+impl From<ffi::c_uint> for ResourceSize {
+ #[inline]
+ fn from(value: ffi::c_uint) -> Self {
+ Self(value.into())
+ }
+}
+
+impl From<bindings::resource_size_t> for ResourceSize {
+ #[inline]
+ fn from(value: bindings::resource_size_t) -> Self {
+ Self(value.into())
+ }
+}
+
+impl TryFrom<ResourceSize> for usize {
+ type Error = TryFromIntError;
+
+ #[inline]
+ fn try_from(value: ResourceSize) -> Result<Self, Self::Error> {
+ usize::try_from(value.0)
+ }
+}
+
+impl From<ResourceSize> for bindings::resource_size_t {
+ #[inline]
+ fn from(value: ResourceSize) -> Self {
+ value.0
+ }
+}
/// Raw representation of an MMIO region.
///
diff --git a/rust/kernel/io/resource.rs b/rust/kernel/io/resource.rs
index 56cfde97ce87..841bb00b8418 100644
--- a/rust/kernel/io/resource.rs
+++ b/rust/kernel/io/resource.rs
@@ -58,7 +58,7 @@ fn drop(&mut self) {
};
// SAFETY: Safe as per the invariant of `Region`.
- unsafe { release_fn(start, size) };
+ unsafe { release_fn(start, size.into()) };
}
}
@@ -114,7 +114,7 @@ pub fn request_region(
bindings::__request_region(
self.0.get(),
start,
- size,
+ size.into(),
name.as_char_ptr(),
flags.0 as c_int,
)
@@ -130,7 +130,7 @@ pub fn request_region(
pub fn size(&self) -> ResourceSize {
let inner = self.0.get();
// SAFETY: Safe as per the invariants of `Resource`.
- unsafe { bindings::resource_size(inner) }
+ unsafe { bindings::resource_size(inner) }.into()
}
/// Returns the start address of the resource.
---
base-commit: 473b9f331718267815649cd93801da832200db71
change-id: 20251203-res-size-newtype-6fe140bc0038
Best regards,
--
Moritz Zielke <moritz.zielke@gmail.com>
next reply other threads:[~2025-12-03 17:04 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-03 17:03 Moritz Zielke via B4 Relay [this message]
2025-12-08 18:48 ` [PATCH] rust: io: convert ResourceSize to newtype kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251203-res-size-newtype-v1-1-22ed0b8a7a18@gmail.com \
--to=devnull+moritz.zielke.gmail.com@kernel.org \
--cc=a.hindborg@kernel.org \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=dakr@kernel.org \
--cc=daniel.almeida@collabora.com \
--cc=gary@garyguo.net \
--cc=linux-kernel@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=moritz.zielke@gmail.com \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).