Re: [PATCH WIP 5/8] rust: alloc: implement AllocatorWithFlags for KernelAllocator

rust-for-linux.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Danilo Krummrich <dakr@redhat.com>
To: Benno Lossin <benno.lossin@proton.me>
Cc: ojeda@kernel.org, alex.gaynor@gmail.com, wedsonaf@gmail.com,
	boqun.feng@gmail.com, gary@garyguo.net, bjorn3_gh@protonmail.com,
	a.hindborg@samsung.com, aliceryhl@google.com,
	ajanulgu@redhat.com, zhiw@nvidia.com, acurrid@nvidia.com,
	cjia@nvidia.com, jhubbard@nvidia.com,
	rust-for-linux@vger.kernel.org
Subject: Re: [PATCH WIP 5/8] rust: alloc: implement AllocatorWithFlags for KernelAllocator
Date: Wed, 1 May 2024 14:52:32 +0200	[thread overview]
Message-ID: <ZjI7EF25qgCXcvu9@pollux> (raw)
In-Reply-To: <d08e2061-3f6b-403a-8bcf-6527ec2443cf@proton.me>

On Wed, May 01, 2024 at 08:44:46AM +0000, Benno Lossin wrote:
> On 29.04.24 22:11, Danilo Krummrich wrote:
> > Signed-off-by: Danilo Krummrich <dakr@redhat.com>
> > ---
> >  rust/kernel/alloc.rs           |  2 +-
> >  rust/kernel/alloc/allocator.rs | 38 ++++++++++++++++++++++++++++++++--
> >  2 files changed, 37 insertions(+), 3 deletions(-)
> > 
> > diff --git a/rust/kernel/alloc.rs b/rust/kernel/alloc.rs
> > index ec45ba8f77ce..12c6c4e423f5 100644
> > --- a/rust/kernel/alloc.rs
> > +++ b/rust/kernel/alloc.rs
> > @@ -4,7 +4,7 @@
> > 
> >  #[cfg(not(test))]
> >  #[cfg(not(testlib))]
> > -mod allocator;
> > +pub mod allocator;
> >  pub mod box_ext;
> >  pub mod vec_ext;
> > 
> > diff --git a/rust/kernel/alloc/allocator.rs b/rust/kernel/alloc/allocator.rs
> > index 236100649ae1..173347ff018a 100644
> > --- a/rust/kernel/alloc/allocator.rs
> > +++ b/rust/kernel/alloc/allocator.rs
> > @@ -3,12 +3,14 @@
> >  //! Allocator support.
> > 
> >  use super::{flags::*, Flags};
> > -use core::alloc::{GlobalAlloc, Layout};
> > +use core::alloc::{GlobalAlloc, Layout, Allocator, AllocError};
> >  use core::ptr;
> > +use core::ptr::NonNull;
> > 
> >  use crate::bindings;
> > +use crate::alloc::AllocatorWithFlags;
> > 
> > -struct KernelAllocator;
> > +pub struct KernelAllocator;
> > 
> >  pub(crate) fn aligned_size(new_layout: Layout) -> usize {
> >      // Customized layouts from `Layout::from_size_align()` can have size < align, so pad first.
> > @@ -89,6 +91,38 @@ unsafe fn alloc_zeroed(&self, layout: Layout) -> *mut u8 {
> >      }
> >  }
> > 
> > +unsafe impl Allocator for KernelAllocator {
> > +    fn allocate(&self, layout: Layout) -> Result<NonNull<[u8]>, AllocError> {
> > +        self.default_allocate(layout)
> > +    }
> > +
> > +    fn allocate_zeroed(&self, layout: Layout) -> Result<NonNull<[u8]>, AllocError> {
> > +        self.default_allocate_zeroed(layout)
> > +    }
> > +
> > +    unsafe fn deallocate(&self, ptr: NonNull<u8>, layout: Layout) {
> > +        unsafe { self.dealloc(ptr.as_ptr(), layout) }
> > +    }
> > +}
> > +
> > +unsafe impl AllocatorWithFlags for KernelAllocator {
> > +    unsafe fn alloc_flags(&self, layout: Layout, flags: Flags) -> Result<NonNull<[u8]>, AllocError>
> > +    {
> > +        unsafe { self.realloc_flags(ptr::null_mut(), 0, layout, flags) }
> > +    }
> > +
> > +    unsafe fn realloc_flags(&self, ptr: *mut u8, _old_size: usize, layout: Layout, flags: Flags) -> Result<NonNull<[u8]>, AllocError>
> > +    {
> > +        let size = aligned_size(layout);
> > +
> > +        unsafe {
> > +            let raw_ptr = krealloc(ptr, size, flags);
> 
> I looked at the safety requirements of `krealloc`, it needs that
> `size` is non-zero. But who guarantees that? I could call
> `KernelAllocator::allocate()` with a zero-sized layout, since it is a
> safe function.

Indeed, as mentioned in the other thread, realloc_flags() shouldn't be unsafe
IMHO and instead should fulfill the safety requirement of krealloc().

Gonna fix that.

> 
> -- 
> Cheers,
> Benno
> 
> > +            let ptr = NonNull::new(raw_ptr).ok_or(AllocError)?;
> > +            Ok(NonNull::slice_from_raw_parts(ptr, size))
> > +        }
> > +    }
> > +}
> > +
> >  #[global_allocator]
> >  static ALLOCATOR: KernelAllocator = KernelAllocator;
> > 
> > --
> > 2.44.0
> > 
>

next prev parent reply	other threads:[~2024-05-01 12:52 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-04-29 20:11 [PATCH WIP 0/8] Draft: Alternative allocator support Danilo Krummrich
2024-04-29 20:11 ` [PATCH WIP 1/8] rust: alloc: re-enable allocator_api Danilo Krummrich
2024-04-29 20:11 ` [PATCH WIP 2/8] rust: alloc: use AllocError from core::alloc Danilo Krummrich
2024-04-29 20:11 ` [PATCH WIP 3/8] rust: alloc: implement AllocatorWithFlags trait Danilo Krummrich
2024-05-01  8:32   ` Benno Lossin
2024-05-01 12:50     ` Danilo Krummrich
2024-05-01 15:39       ` Benno Lossin
2024-05-01 15:48         ` Danilo Krummrich
2024-05-01 21:38       ` Miguel Ojeda
2024-05-03 15:27       ` Gary Guo
2024-05-06 13:17         ` Danilo Krummrich
2024-04-29 20:11 ` [PATCH WIP 4/8] rust: alloc: separate krealloc_aligned() Danilo Krummrich
2024-04-29 20:11 ` [PATCH WIP 5/8] rust: alloc: implement AllocatorWithFlags for KernelAllocator Danilo Krummrich
2024-05-01  8:44   ` Benno Lossin
2024-05-01 12:52     ` Danilo Krummrich [this message]
2024-04-29 20:11 ` [PATCH WIP 6/8] rust: alloc: implement BoxExtAlloc Danilo Krummrich
2024-05-01  8:53   ` Benno Lossin
2024-05-01 13:06     ` Danilo Krummrich
2024-05-01 15:46       ` Benno Lossin
2024-05-01 17:30         ` Danilo Krummrich
2024-04-29 20:11 ` [PATCH WIP 7/8] rust: alloc: implement VecExtAlloc Danilo Krummrich
2024-04-29 20:11 ` [PATCH WIP 8/8] rust: alloc: implement vmalloc allocator Danilo Krummrich
2024-05-01 21:32 ` [PATCH WIP 0/8] Draft: Alternative allocator support Miguel Ojeda
2024-05-01 22:31   ` Danilo Krummrich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZjI7EF25qgCXcvu9@pollux \
    --to=dakr@redhat.com \
    --cc=a.hindborg@samsung.com \
    --cc=acurrid@nvidia.com \
    --cc=ajanulgu@redhat.com \
    --cc=alex.gaynor@gmail.com \
    --cc=aliceryhl@google.com \
    --cc=benno.lossin@proton.me \
    --cc=bjorn3_gh@protonmail.com \
    --cc=boqun.feng@gmail.com \
    --cc=cjia@nvidia.com \
    --cc=gary@garyguo.net \
    --cc=jhubbard@nvidia.com \
    --cc=ojeda@kernel.org \
    --cc=rust-for-linux@vger.kernel.org \
    --cc=wedsonaf@gmail.com \
    --cc=zhiw@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).