From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6AAF0341ADD; Wed, 11 Feb 2026 16:37:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770827875; cv=none; b=ejnMYjbIinV7LvuV2kEIZzsDaWzWRFmuvfNO+T7MNgUZKX2dhrwDLsutCL1h3IrQj2gJUgEyLeyajblCFpipC+WJGbwuCHmMdH4TpJZRSlxazkESwvFLRI1wcpe+s0RCMG2UCcC4XNksxGcvGAAQsI3STP8w31BEDwd4C/mRzXA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770827875; c=relaxed/simple; bh=N4BFmuWQ/WPOUmQeIFOT/JQw3aZcuNZ5Ic0+qE7JO5A=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=nRud1aiIYj8+j7Hj03AaUkKx/6t4HC+af5d5rftvdm1gKnD5DTWw8qAfg2Sr6WVCD9a3XPTtAnBhMZWUn0gLXiQJ7Xnm5IkFPjt4Pu+iCPPav2ecLZKpe93wP+cZIFJq4YaZilSXUxQJ9UYVw5um5Hqj/zQnwAClYfmyyHf3FmA= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=YTrP6Ifg; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="YTrP6Ifg" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7F105C4CEF7; Wed, 11 Feb 2026 16:37:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1770827875; bh=N4BFmuWQ/WPOUmQeIFOT/JQw3aZcuNZ5Ic0+qE7JO5A=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=YTrP6Ifgrg5QMICHMqBxdHlpO2tyOdVv6eoq2NRvoIBL5ZJg5/FGwIJGuQ6hTShf6 QyNyhheDUm/u4Y+R2nhlRVH6fOB69LV3xfGaMcnc56Kgk1Dnx14hl9aZNNWVcPVkwS bElLBxZT1KuRNO1Y3tDFHWr+618kqWCvcsdmfotCjre41jFdSYgNAdYjbTHchFzeqe xBpgNs7DeR2zQn5CLt86nzEM1gqZrls2adrD0thGMYE1ex2V9/eqyIc83/sVgeNYJ7 xAWYlp5he/08r44o/x1f4S39Pu4vU2kcTop7JcuQhtOHUwsD/Wr1BqfPMITELR+UV2 bAGpo6qi4PWIw== Date: Wed, 11 Feb 2026 17:37:52 +0100 From: Maxime Ripard To: Boris Brezillon Cc: Daniel Almeida , Danilo Krummrich , Alice Ryhl , "Rafael J. Wysocki" , Viresh Kumar , Maarten Lankhorst , Thomas Zimmermann , David Airlie , Simona Vetter , Drew Fustini , Guo Ren , Fu Wei , Uwe =?utf-8?Q?Kleine-K=C3=B6nig?= , Michael Turquette , Stephen Boyd , Miguel Ojeda , Boqun Feng , Gary Guo , =?utf-8?B?QmrDtnJu?= Roy Baron , Benno Lossin , Andreas Hindborg , Trevor Gross , linux-pm@vger.kernel.org, linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org, linux-riscv@lists.infradead.org, linux-pwm@vger.kernel.org, linux-clk@vger.kernel.org, rust-for-linux@vger.kernel.org Subject: Re: [PATCH v3 1/3] rust: clk: use the type-state pattern Message-ID: <20260211-flawless-feathered-boar-0b87ad@houat> References: <518D8B09-B9A1-4DB4-85CD-37A2DD3D5FB1@collabora.com> <20260119-weightless-pelican-of-anger-190db0@houat> <20260122-majestic-masterful-jaguarundi-d0abde@houat> <2F3D3A40-6EF9-46FC-A769-E5A3AAF67E65@collabora.com> <20260204-nickel-seal-of-poetry-8fdefb@houat> <91A92D84-1F2E-45F3-82EC-6A97D32E2A78@collabora.com> <20260204-angelic-vermilion-beagle-fd1507@houat> <20260209105047.693f2515@fedora> Precedence: bulk X-Mailing-List: rust-for-linux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha384; protocol="application/pgp-signature"; boundary="va37xmuzn6sqyd6c" Content-Disposition: inline In-Reply-To: <20260209105047.693f2515@fedora> --va37xmuzn6sqyd6c Content-Type: text/plain; protected-headers=v1; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Subject: Re: [PATCH v3 1/3] rust: clk: use the type-state pattern MIME-Version: 1.0 On Mon, Feb 09, 2026 at 10:50:47AM +0100, Boris Brezillon wrote: > Hi Maxime, >=20 > On Wed, 4 Feb 2026 15:34:29 +0100 > Maxime Ripard wrote: >=20 > > On Wed, Feb 04, 2026 at 09:43:55AM -0300, Daniel Almeida wrote: > > > > I'm probably missing something then, but let's assume you have a dr= iver > > > > that wants its clock prepared and enabled in an hypothetical enable= () > > > > callback, and disabled / unprepared in a disable() callback. > > > >=20 > > > > From a PM management perspective, this usecase makes total sense, i= s a > > > > valid usecase, is widely used in the kernel, and is currently suppo= rted > > > > by both the C and Rust clk APIs. > > > >=20 > > > > The only solution to this you suggested so far (I think?) to implem= ent > > > > this on top of the new clk API you propose is to have a driver spec= ific > > > > enum that would store each of the possible state transition. =20 > > >=20 > > > Yes, you need an enum _if_ you want to model transitions at runtime. = IIUC you > > > only need two variants to implement the pattern you described. I do n= ot > > > consider this =E2=80=9Cboilerplate=E2=80=9D, but rather a small cost= to pay. =20 > >=20 > > A maintenance cost to pay by every driver is kind of the textbook > > definition of boilerplate to me. > >=20 > > > I would understand if this was some elaborate pattern that had to be > > > implemented by all drivers, but a two-variant enum is as > > > straightforward as it gets. =20 > >=20 > > And yet, that framework has dozens of helpers that do not remove > > anything from drivers but a couple of lines. So surely its users must > > find value in reducing that boilerplate as much as possible. And you do > > implement some of them, so you must find value in that too. > >=20 > > > > That's the boilerplate I'm talking about. If every driver wanting to > > > > implement that pattern has to make such an enum, with all the relev= ant > > > > traits implementation that might come with it, we go from an API wh= ere > > > > everything works at no-cost from a code-size perspective to a situa= tion > > > > where every driver has to develop and maintain that enum. =20 > > > > > > There are no "traits that come with it". It's just an enum, with two > > > variants. > > > =20 > > > > API where everything works at no-cost =20 > > >=20 > > > The previous API was far from =E2=80=9Ceverything works=E2=80=9D. It = was fundamentally > > > broken by design in multiple ways, i.e.: =20 > >=20 > > Out of context and not what I meant, but ok. > >=20 > > > > a) It only keeps track of a count to clk_get(), which means that us= ers have > > > > to manually call disable() and unprepare(), or a variation of those= , like > > > > disable_unprepare(). > > > >=20 > > > > b) It allows repeated calls to prepare() or enable(), but it keeps = no track > > > > of how often these were called, i.e., it's currently legal to write= the > > > > following: > > > >=20 > > > > clk.prepare(); > > > > clk.prepare(); > > > > clk.enable(); > > > > clk.enable(); > > > >=20 > > > > And nothing gets undone on drop(). =20 > > >=20 > > > IMHO, what we have here is an improvement that has been long overdue.= =20 > >=20 > > Nothing is absolute. It is indeed an improvement on the refcounting side > > of things and general safety of the API for the general case. I don't > > think I ever questionned that. > >=20 > > However, for the use-cases we've been discussing (and dozens of drivers > > implementing it), it also comes with a regression in the amount of code > > to create and maintain. They used to be able to only deal with the Clk > > structure, and now they can't anymore. > >=20 > > You might find that neglible, you might have a plan to address that in > > the future, etc. and that's fine, but if you can't acknowledge that it's > > indeed happening, there's no point in me raising the issue and > > continuing the discussion. >=20 >=20 > Okay, let's see if I can sum-up the use case you'd like to support. You > have some PM hooks, which I'm assuming are (or will be) written in > rust. It will probably take the form of some Device{Rpm,Pm} trait to > implement for your XxxDeviceData (Xxx being the bus under which is > device is) object (since I've only recently joined the R4L effort, I > wouldn't be surprised if what I'm describing already exists or is > currently being proposed/reviewed somewhere, so please excuse my > ignorance if that's the case :-)). >=20 > The way I see it, rather than having one enum per clk/regulator/xxx > where we keep track of each state individually, what we could have is a >=20 > trait DevicePm { > type ResumedState; > type SuspendedState; >=20 > fn resume(&self, state: SuspendedState) -> Result>; > fn suspend(&self, state: SuspendedState) -> Result>; > }; >=20 > enum DeviceState { > Resumed(T::ResumedState), > Suspended(T::SuspendedState), > }; >=20 > and then in your driver: >=20 > MySuspendedDeviceResources { > xxx_clk: Clk, > }; >=20 > MyResumedDeviceResources { > xxx_clk: Clk, > }; >=20 > implem DevicePm for MyDevice { > type ResumedState =3D MyResumedDeviceResources; > type SuspendedState =3D MySuspendedDeviceResources; >=20 > fn resume(&self, state: SuspendedState) -> Result> { > // FIXME: error propagation not handled > let enabled_clk =3D state.xxx_clk.clone().prepare()?.enable()?; >=20 > Ok(ResumedState { > xxx_clk: enabled_clk, > }); > } >=20 > fn suspend(&self, state: ResumedState) -> Result> { > // FIXME: error propagation not handled > let unprep_clk =3D state.xxx_clk.clone().disable().unprepare(); >=20 > Ok(SuspendedState { > xxx_clk: unprep_clk, > }); > } > }; I'm not sure we need to associate this with the suspend/resume state either. > With this model, I don't think Daniel's refactor goes in the way of more > generalization at the core level, it's just expressed differently than > it would be if it was written in C. And I say that as someone who struggl= es > with his C developer bias every time I'm looking at or trying to write > rust code. > > As others have said in this thread (Danilo and Gary), and after having > played myself with both approaches in Tyr, I do see this shift from manual > prepare/enable to an RAII approach as an improvement, so I hope we can > find a middle-ground where every one is happy. I do think we can find a compromise though. Miguel suggested for example to make the current enable/prepare/disable/unprepare function unsafe, and that's totally reasonable to me. Then we can implement the "managed" clock version on that unsafe API, and we would end up with a "raw", unsafe, version kind of equivalent to the one we have today, and where callers would have to justify why their usage of the API is actually safe, or the new, managed, variant that is safe and can be easily used by most drivers. And we can call these RawClk vs Clk, or Clk vs ManagedClk, or whatever. How does that sound? Maxime --va37xmuzn6sqyd6c Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iJUEABMJAB0WIQTkHFbLp4ejekA/qfgnX84Zoj2+dgUCaYywWgAKCRAnX84Zoj2+ diFgAX9NbiTV8lVrQ44u9f4DSVUDq686eOaj7uci6rHY5OPcA0wNpSJTAhKA8TuV 919XgiwBgM5+jjSrFFfXQ56tF54ch32+uMVDYbpBRp2fx+0+OfxMqCuAQkASAYrZ mfHt8q7GSg== =MEar -----END PGP SIGNATURE----- --va37xmuzn6sqyd6c--