- Linux-kselftest-mirror - lists.linaro.org

[PATCH net v2 0/3] vsock/bpf: Handle races between sockmap update and connect() disconnecting

by Michal Luczaj

Signal delivery during connect() may disconnect an already established socket. Problem is that such socket might have been placed in a sockmap before the connection was closed. PATCH 1 ensures this race won't lead to an unconnected vsock staying in the sockmap. PATCH 2 selftests it. PATCH 3 fixes a related race. Note that here the race window is rather difficult to hit and I can't think of an easy way of testing it. Signed-off-by: Michal Luczaj <mhal(a)rbox.co> --- Changes in v2: - Handle one more path of tripping the warning - Add a selftest - Collect R-b [Stefano] - Link to v1: https://lore.kernel.org/r/20250307-vsock-trans-signal-race-v1-1-3aca3f771fb… --- Michal Luczaj (3): vsock/bpf: Fix EINTR connect() racing sockmap update selftest/bpf: Add test for AF_VSOCK connect() racing sockmap update vsock/bpf: Fix bpf recvmsg() racing transport reassignment net/vmw_vsock/af_vsock.c | 10 +- net/vmw_vsock/vsock_bpf.c | 24 +++-- .../selftests/bpf/prog_tests/sockmap_basic.c | 111 +++++++++++++++++++++ 3 files changed, 136 insertions(+), 9 deletions(-) --- base-commit: da9e8efe7ee10e8425dc356a9fc593502c8e3933 change-id: 20250305-vsock-trans-signal-race-d62f7718d099 Best regards, -- Michal Luczaj <mhal(a)rbox.co>

6 months

1
3
0 0

[PATCH v3 00/17] riscv: add SBI FWFT misaligned exception delegation support

by Clément Léger

The SBI Firmware Feature extension allows the S-mode to request some specific features (either hardware or software) to be enabled. This series uses this extension to request misaligned access exception delegation to S-mode in order to let the kernel handle it. It also adds support for the KVM FWFT SBI extension based on the misaligned access handling infrastructure. FWFT SBI extension is part of the SBI V3.0 specifications [1]. It can be tested using the qemu provided at [2] which contains the series from [3]. kvm-unit-tests [4] can be used inside kvm to tests the correct delegation of misaligned exceptions. Upstream OpenSBI can be used. Note: Since SBI V3.0 is not yet ratified, FWFT extension API is split between interface only and implementation, allowing to pick only the interface which do not have hard dependencies on SBI. The tests can be run using the included kselftest: $ qemu-system-riscv64 \ -cpu rv64,trap-misaligned-access=true,v=true \ -M virt \ -m 1024M \ -bios fw_dynamic.bin \ -kernel Image ... # ./misaligned TAP version 13 1..23 # Starting 23 tests from 1 test cases. # RUN global.gp_load_lh ... # OK global.gp_load_lh ok 1 global.gp_load_lh # RUN global.gp_load_lhu ... # OK global.gp_load_lhu ok 2 global.gp_load_lhu # RUN global.gp_load_lw ... # OK global.gp_load_lw ok 3 global.gp_load_lw # RUN global.gp_load_lwu ... # OK global.gp_load_lwu ok 4 global.gp_load_lwu # RUN global.gp_load_ld ... # OK global.gp_load_ld ok 5 global.gp_load_ld # RUN global.gp_load_c_lw ... # OK global.gp_load_c_lw ok 6 global.gp_load_c_lw # RUN global.gp_load_c_ld ... # OK global.gp_load_c_ld ok 7 global.gp_load_c_ld # RUN global.gp_load_c_ldsp ... # OK global.gp_load_c_ldsp ok 8 global.gp_load_c_ldsp # RUN global.gp_load_sh ... # OK global.gp_load_sh ok 9 global.gp_load_sh # RUN global.gp_load_sw ... # OK global.gp_load_sw ok 10 global.gp_load_sw # RUN global.gp_load_sd ... # OK global.gp_load_sd ok 11 global.gp_load_sd # RUN global.gp_load_c_sw ... # OK global.gp_load_c_sw ok 12 global.gp_load_c_sw # RUN global.gp_load_c_sd ... # OK global.gp_load_c_sd ok 13 global.gp_load_c_sd # RUN global.gp_load_c_sdsp ... # OK global.gp_load_c_sdsp ok 14 global.gp_load_c_sdsp # RUN global.fpu_load_flw ... # OK global.fpu_load_flw ok 15 global.fpu_load_flw # RUN global.fpu_load_fld ... # OK global.fpu_load_fld ok 16 global.fpu_load_fld # RUN global.fpu_load_c_fld ... # OK global.fpu_load_c_fld ok 17 global.fpu_load_c_fld # RUN global.fpu_load_c_fldsp ... # OK global.fpu_load_c_fldsp ok 18 global.fpu_load_c_fldsp # RUN global.fpu_store_fsw ... # OK global.fpu_store_fsw ok 19 global.fpu_store_fsw # RUN global.fpu_store_fsd ... # OK global.fpu_store_fsd ok 20 global.fpu_store_fsd # RUN global.fpu_store_c_fsd ... # OK global.fpu_store_c_fsd ok 21 global.fpu_store_c_fsd # RUN global.fpu_store_c_fsdsp ... # OK global.fpu_store_c_fsdsp ok 22 global.fpu_store_c_fsdsp # RUN global.gen_sigbus ... [12797.988647] misaligned[618]: unhandled signal 7 code 0x1 at 0x0000000000014dc0 in misaligned[4dc0,10000+76000] [12797.988990] CPU: 0 UID: 0 PID: 618 Comm: misaligned Not tainted 6.13.0-rc6-00008-g4ec4468967c9-dirty #51 [12797.989169] Hardware name: riscv-virtio,qemu (DT) [12797.989264] epc : 0000000000014dc0 ra : 0000000000014d00 sp : 00007fffe165d100 [12797.989407] gp : 000000000008f6e8 tp : 0000000000095760 t0 : 0000000000000008 [12797.989544] t1 : 00000000000965d8 t2 : 000000000008e830 s0 : 00007fffe165d160 [12797.989692] s1 : 000000000000001a a0 : 0000000000000000 a1 : 0000000000000002 [12797.989831] a2 : 0000000000000000 a3 : 0000000000000000 a4 : ffffffffdeadbeef [12797.989964] a5 : 000000000008ef61 a6 : 626769735f6e0000 a7 : fffffffffffff000 [12797.990094] s2 : 0000000000000001 s3 : 00007fffe165d838 s4 : 00007fffe165d848 [12797.990238] s5 : 000000000000001a s6 : 0000000000010442 s7 : 0000000000010200 [12797.990391] s8 : 000000000000003a s9 : 0000000000094508 s10: 0000000000000000 [12797.990526] s11: 0000555567460668 t3 : 00007fffe165d070 t4 : 00000000000965d0 [12797.990656] t5 : fefefefefefefeff t6 : 0000000000000073 [12797.990756] status: 0000000200004020 badaddr: 000000000008ef61 cause: 0000000000000006 [12797.990911] Code: 8793 8791 3423 fcf4 3783 fc84 c737 dead 0713 eef7 (c398) 0001 # OK global.gen_sigbus ok 23 global.gen_sigbus # PASSED: 23 / 23 tests passed. # Totals: pass:23 fail:0 xfail:0 xpass:0 skip:0 error:0 With kvm-tools: # lkvm run -k sbi.flat -m 128 Info: # lkvm run -k sbi.flat -m 128 -c 1 --name guest-97 Info: Removed ghost socket file "/root/.lkvm//guest-97.sock". ########################################################################## # kvm-unit-tests ########################################################################## ... [test messages elided] PASS: sbi: fwft: FWFT extension probing no error PASS: sbi: fwft: get/set reserved feature 0x6 error == SBI_ERR_DENIED PASS: sbi: fwft: get/set reserved feature 0x3fffffff error == SBI_ERR_DENIED PASS: sbi: fwft: get/set reserved feature 0x80000000 error == SBI_ERR_DENIED PASS: sbi: fwft: get/set reserved feature 0xbfffffff error == SBI_ERR_DENIED PASS: sbi: fwft: misaligned_deleg: Get misaligned deleg feature no error PASS: sbi: fwft: misaligned_deleg: Set misaligned deleg feature invalid value error PASS: sbi: fwft: misaligned_deleg: Set misaligned deleg feature invalid value error PASS: sbi: fwft: misaligned_deleg: Set misaligned deleg feature value no error PASS: sbi: fwft: misaligned_deleg: Set misaligned deleg feature value 0 PASS: sbi: fwft: misaligned_deleg: Set misaligned deleg feature value no error PASS: sbi: fwft: misaligned_deleg: Set misaligned deleg feature value 1 PASS: sbi: fwft: misaligned_deleg: Verify misaligned load exception trap in supervisor SUMMARY: 50 tests, 2 unexpected failures, 12 skipped This series is available at [6]. Link: https://github.com/riscv-non-isa/riscv-sbi-doc/releases/download/vv3.0-rc2/… [1] Link: https://github.com/rivosinc/qemu/tree/dev/cleger/misaligned [2] Link: https://lore.kernel.org/all/20241211211933.198792-3-fkonrad@amd.com/T/ [3] Link: https://github.com/clementleger/kvm-unit-tests/tree/dev/cleger/fwft_v1 [4] Link: https://github.com/clementleger/unaligned_test [5] Link: https://github.com/rivosinc/linux/tree/dev/cleger/fwft_v1 [6] --- V3: - Added comment about kvm sbi fwft supported/set/get callback requirements - Move struct kvm_sbi_fwft_feature in kvm_sbi_fwft.c - Add a FWFT interface V2: - Added Kselftest for misaligned testing - Added get_user() usage instead of __get_user() - Reenable interrupt when possible in misaligned access handling - Document that riscv supports unaligned-traps - Fix KVM extension state when an init function is present - Rework SBI misaligned accesses trap delegation code - Added support for CPU hotplugging - Added KVM SBI reset callback - Added reset for KVM SBI FWFT lock - Return SBI_ERR_DENIED_LOCKED when LOCK flag is set Clément Léger (17): riscv: add Firmware Feature (FWFT) SBI extensions definitions riscv: sbi: add FWFT extension interface riscv: sbi: add SBI FWFT extension calls riscv: misaligned: request misaligned exception from SBI riscv: misaligned: use on_each_cpu() for scalar misaligned access probing riscv: misaligned: use correct CONFIG_ ifdef for misaligned_access_speed riscv: misaligned: move emulated access uniformity check in a function riscv: misaligned: add a function to check misalign trap delegability riscv: misaligned: factorize trap handling riscv: misaligned: enable IRQs while handling misaligned accesses riscv: misaligned: use get_user() instead of __get_user() Documentation/sysctl: add riscv to unaligned-trap supported archs selftests: riscv: add misaligned access testing RISC-V: KVM: add SBI extension init()/deinit() functions RISC-V: KVM: add SBI extension reset callback RISC-V: KVM: add support for FWFT SBI extension RISC-V: KVM: add support for SBI_FWFT_MISALIGNED_DELEG Documentation/admin-guide/sysctl/kernel.rst | 4 +- arch/riscv/include/asm/cpufeature.h | 8 +- arch/riscv/include/asm/kvm_host.h | 5 +- arch/riscv/include/asm/kvm_vcpu_sbi.h | 12 + arch/riscv/include/asm/kvm_vcpu_sbi_fwft.h | 31 +++ arch/riscv/include/asm/sbi.h | 38 +++ arch/riscv/include/uapi/asm/kvm.h | 1 + arch/riscv/kernel/sbi.c | 123 +++++++++ arch/riscv/kernel/traps.c | 57 ++-- arch/riscv/kernel/traps_misaligned.c | 119 +++++++- arch/riscv/kernel/unaligned_access_speed.c | 11 +- arch/riscv/kvm/Makefile | 1 + arch/riscv/kvm/vcpu.c | 7 +- arch/riscv/kvm/vcpu_sbi.c | 57 ++++ arch/riscv/kvm/vcpu_sbi_fwft.c | 251 +++++++++++++++++ arch/riscv/kvm/vcpu_sbi_sta.c | 3 +- .../selftests/riscv/misaligned/.gitignore | 1 + .../selftests/riscv/misaligned/Makefile | 12 + .../selftests/riscv/misaligned/common.S | 33 +++ .../testing/selftests/riscv/misaligned/fpu.S | 180 +++++++++++++ tools/testing/selftests/riscv/misaligned/gp.S | 103 +++++++ .../selftests/riscv/misaligned/misaligned.c | 254 ++++++++++++++++++ 22 files changed, 1264 insertions(+), 47 deletions(-) create mode 100644 arch/riscv/include/asm/kvm_vcpu_sbi_fwft.h create mode 100644 arch/riscv/kvm/vcpu_sbi_fwft.c create mode 100644 tools/testing/selftests/riscv/misaligned/.gitignore create mode 100644 tools/testing/selftests/riscv/misaligned/Makefile create mode 100644 tools/testing/selftests/riscv/misaligned/common.S create mode 100644 tools/testing/selftests/riscv/misaligned/fpu.S create mode 100644 tools/testing/selftests/riscv/misaligned/gp.S create mode 100644 tools/testing/selftests/riscv/misaligned/misaligned.c -- 2.47.2

6 months, 1 week

2
37
0 0

[PATCH v2 0/5] rust: reduce pointer casts, enable related lints

by Tamir Duberstein

This started with a patch that enabled `clippy::ptr_as_ptr`. Benno Lossin suggested I also look into `clippy::ptr_cast_constness` and I discovered `clippy::as_ptr_cast_mut`. This series now enables all 3 lints. It also enables `clippy::as_underscore` which ensures other pointer casts weren't missed. The first commit reduces the need for pointer casts and is shared with another series[1]. Link: https://lore.kernel.org/all/20250307-no-offset-v1-0-0c728f63b69c@gmail.com/ [1] Signed-off-by: Tamir Duberstein <tamird(a)gmail.com> --- Changes in v2: - Fixed typo in first commit message. - Added additional patches, converted to series. - Link to v1: https://lore.kernel.org/r/20250307-ptr-as-ptr-v1-1-582d06514c98@gmail.com --- Tamir Duberstein (5): rust: retain pointer mut-ness in `container_of!` rust: enable `clippy::ptr_as_ptr` lint rust: enable `clippy::ptr_cast_constness` lint rust: enable `clippy::as_ptr_cast_mut` lint rust: enable `clippy::as_underscore` lint Makefile | 4 ++++ rust/bindings/lib.rs | 1 + rust/kernel/alloc/allocator_test.rs | 2 +- rust/kernel/alloc/kvec.rs | 4 ++-- rust/kernel/block/mq/operations.rs | 2 +- rust/kernel/block/mq/request.rs | 7 ++++--- rust/kernel/device.rs | 5 +++-- rust/kernel/device_id.rs | 2 +- rust/kernel/devres.rs | 19 ++++++++++--------- rust/kernel/error.rs | 2 +- rust/kernel/firmware.rs | 2 +- rust/kernel/fs/file.rs | 2 +- rust/kernel/io.rs | 18 +++++++++--------- rust/kernel/kunit.rs | 15 +++++++-------- rust/kernel/lib.rs | 5 ++--- rust/kernel/list/impl_list_item_mod.rs | 2 +- rust/kernel/miscdevice.rs | 2 +- rust/kernel/of.rs | 6 +++--- rust/kernel/pci.rs | 13 ++++++++----- rust/kernel/platform.rs | 6 ++++-- rust/kernel/print.rs | 11 +++++------ rust/kernel/rbtree.rs | 23 ++++++++++------------- rust/kernel/seq_file.rs | 3 ++- rust/kernel/str.rs | 10 +++++----- rust/kernel/sync/poll.rs | 2 +- rust/kernel/workqueue.rs | 12 ++++++------ rust/uapi/lib.rs | 1 + 27 files changed, 95 insertions(+), 86 deletions(-) --- base-commit: ff64846bee0e7e3e7bc9363ebad3bab42dd27e24 change-id: 20250307-ptr-as-ptr-21b1867fc4d4 Best regards, -- Tamir Duberstein <tamird(a)gmail.com>

6 months, 1 week

3
37
0 0

Re: [PATCH 1/4] selftests: ntsync: fix the wrong condition in wake_all

by Su Hui

On 2025/3/14 18:14, Su Hui wrote: > On 2025/3/14 17:21, Dan Carpenter wrote: >> On Fri, Mar 14, 2025 at 03:14:51PM +0800, Su Hui wrote: >>> When 'manual=false' and 'signaled=true', then expected value when using >>> NTSYNC_IOC_CREATE_EVENT should be greater than zero. Fix this typo error. >>> >>> Signed-off-by: Su Hui<suhui(a)nfschina.com> >>> --- >>> tools/testing/selftests/drivers/ntsync/ntsync.c | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/tools/testing/selftests/drivers/ntsync/ntsync.c b/tools/testing/selftests/drivers/ntsync/ntsync.c >>> index 3aad311574c4..bfb6fad653d0 100644 >>> --- a/tools/testing/selftests/drivers/ntsync/ntsync.c >>> +++ b/tools/testing/selftests/drivers/ntsync/ntsync.c >>> @@ -968,7 +968,7 @@ TEST(wake_all) >>> auto_event_args.manual = false; >>> auto_event_args.signaled = true; >>> objs[3] = ioctl(fd, NTSYNC_IOC_CREATE_EVENT, &auto_event_args); >>> - EXPECT_EQ(0, objs[3]); >>> + EXPECT_LE(0, objs[3]); >> It's kind of weird how these macros put the constant on the left. >> It returns an "fd" on success. So this look reasonable. It probably >> won't return the zero fd so we could probably check EXPECT_LT()? > Agreed, there are about 29 items that can be changed to EXPECT_LT(). > I can send a v2 patchset with this change if there is no more other > suggestions. Sorry for the wrong style of email:(. Su Hui

6 months, 1 week

1
0
0 0

[PATCH net-next] selftests: drv-net: fix merge conflicts resolution

by Matthieu Baerts (NGI0)

After the recent merge between net-next and net, I got some conflicts on my side because the merge resolution was different from Stephen's one [1] I applied on my side in the MPTCP tree. It looks like the code that is now in net-next is using the old way to retrieve the local and remote addresses. This patch is now using the new way, like what was in Stephen's email [1]. Also, in get_interface_info(), there were no conflicts in this area, because that was new code from 'net', but a small adaptation was needed there as well to get the remote address. Fixes: 941defcea7e1 ("Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net") Link: https://lore.kernel.org/20250311115758.17a1d414@canb.auug.org.au [1] Suggested-by: Stephen Rothwell <sfr(a)canb.auug.org.au> Signed-off-by: Matthieu Baerts (NGI0) <matttbe(a)kernel.org> --- tools/testing/selftests/drivers/net/ping.py | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/tools/testing/selftests/drivers/net/ping.py b/tools/testing/selftests/drivers/net/ping.py index 7a1026a073681d159202015fc6945e91368863fe..79f07e0510ecc14d3bc2716e14f49f9381bb919f 100755 --- a/tools/testing/selftests/drivers/net/ping.py +++ b/tools/testing/selftests/drivers/net/ping.py @@ -15,18 +15,18 @@ no_sleep=False def _test_v4(cfg) -> None: cfg.require_ipver("4") - cmd(f"ping -c 1 -W0.5 {cfg.remote_v4}") - cmd(f"ping -c 1 -W0.5 {cfg.v4}", host=cfg.remote) - cmd(f"ping -s 65000 -c 1 -W0.5 {cfg.remote_v4}") - cmd(f"ping -s 65000 -c 1 -W0.5 {cfg.v4}", host=cfg.remote) + cmd("ping -c 1 -W0.5 " + cfg.remote_addr_v["4"]) + cmd("ping -c 1 -W0.5 " + cfg.addr_v["4"], host=cfg.remote) + cmd("ping -s 65000 -c 1 -W0.5 " + cfg.remote_addr_v["4"]) + cmd("ping -s 65000 -c 1 -W0.5 " + cfg.addr_v["4"], host=cfg.remote) def _test_v6(cfg) -> None: cfg.require_ipver("6") - cmd(f"ping -c 1 -W5 {cfg.remote_v6}") - cmd(f"ping -c 1 -W5 {cfg.v6}", host=cfg.remote) - cmd(f"ping -s 65000 -c 1 -W0.5 {cfg.remote_v6}") - cmd(f"ping -s 65000 -c 1 -W0.5 {cfg.v6}", host=cfg.remote) + cmd("ping -c 1 -W5 " + cfg.remote_addr_v["6"]) + cmd("ping -c 1 -W5 " + cfg.addr_v["6"], host=cfg.remote) + cmd("ping -s 65000 -c 1 -W0.5 " + cfg.remote_addr_v["6"]) + cmd("ping -s 65000 -c 1 -W0.5 " + cfg.addr_v["6"], host=cfg.remote) def _test_tcp(cfg) -> None: cfg.require_cmd("socat", remote=True) @@ -120,7 +120,7 @@ def get_interface_info(cfg) -> None: global remote_ifname global no_sleep - remote_info = cmd(f"ip -4 -o addr show to {cfg.remote_v4} | awk '{{print $2}}'", shell=True, host=cfg.remote).stdout + remote_info = cmd(f"ip -4 -o addr show to {cfg.remote_addr_v['4']} | awk '{{print $2}}'", shell=True, host=cfg.remote).stdout remote_ifname = remote_info.rstrip('\n') if remote_ifname == "": raise KsftFailEx('Can not get remote interface') --- base-commit: 941defcea7e11ad7ff8f0d4856716dd637d757dd change-id: 20250314-net-next-drv-net-ping-fix-merge-b303167fde16 Best regards, -- Matthieu Baerts (NGI0) <matttbe(a)kernel.org>

6 months, 1 week

3
2
0 0

[PATCH 3/3] rust: replace `addr_of[_mut]!` with `&raw [mut]`

by Antonio Hickey

Replacing all occurrences of `addr_of!(place)` with `&raw place`, and all occurrences of `addr_of_mut!(place)` with `&raw mut place`. Utilizing the new feature will allow us to reduce macro complexity, and improve consistency with existing reference syntax as `&raw`, `&raw mut` is very similar to `&`, `&mut` making it fit more naturally with other existing code. Depends on: Patch 1/3 0001-rust-enable-raw_ref_op-feature.patch Suggested-by: Benno Lossin <y86-dev(a)protonmail.com> Link: https://github.com/Rust-for-Linux/linux/issues/1148 Signed-off-by: Antonio Hickey <contact(a)antoniohickey.com> --- rust/kernel/block/mq/request.rs | 4 ++-- rust/kernel/faux.rs | 4 ++-- rust/kernel/fs/file.rs | 2 +- rust/kernel/init.rs | 8 ++++---- rust/kernel/init/macros.rs | 28 +++++++++++++------------- rust/kernel/jump_label.rs | 4 ++-- rust/kernel/kunit.rs | 4 ++-- rust/kernel/list.rs | 2 +- rust/kernel/list/impl_list_item_mod.rs | 6 +++--- rust/kernel/net/phy.rs | 4 ++-- rust/kernel/pci.rs | 4 ++-- rust/kernel/platform.rs | 4 +--- rust/kernel/rbtree.rs | 22 ++++++++++---------- rust/kernel/sync/arc.rs | 2 +- rust/kernel/task.rs | 4 ++-- rust/kernel/workqueue.rs | 8 ++++---- 16 files changed, 54 insertions(+), 56 deletions(-) diff --git a/rust/kernel/block/mq/request.rs b/rust/kernel/block/mq/request.rs index 7943f43b9575..4a5b7ec914ef 100644 --- a/rust/kernel/block/mq/request.rs +++ b/rust/kernel/block/mq/request.rs @@ -12,7 +12,7 @@ }; use core::{ marker::PhantomData, - ptr::{addr_of_mut, NonNull}, + ptr::NonNull, sync::atomic::{AtomicU64, Ordering}, }; @@ -187,7 +187,7 @@ pub(crate) fn refcount(&self) -> &AtomicU64 { pub(crate) unsafe fn refcount_ptr(this: *mut Self) -> *mut AtomicU64 { // SAFETY: Because of the safety requirements of this function, the // field projection is safe. - unsafe { addr_of_mut!((*this).refcount) } + unsafe { &raw mut (*this).refcount } } } diff --git a/rust/kernel/faux.rs b/rust/kernel/faux.rs index 5acc0c02d451..52ac554c1119 100644 --- a/rust/kernel/faux.rs +++ b/rust/kernel/faux.rs @@ -7,7 +7,7 @@ //! C header: [`include/linux/device/faux.h`] use crate::{bindings, device, error::code::*, prelude::*}; -use core::ptr::{addr_of_mut, null, null_mut, NonNull}; +use core::ptr::{null, null_mut, NonNull}; /// The registration of a faux device. /// @@ -45,7 +45,7 @@ impl AsRef<device::Device> for Registration { fn as_ref(&self) -> &device::Device { // SAFETY: The underlying `device` in `faux_device` is guaranteed by the C API to be // a valid initialized `device`. - unsafe { device::Device::as_ref(addr_of_mut!((*self.as_raw()).dev)) } + unsafe { device::Device::as_ref((&raw mut (*self.as_raw()).dev)) } } } diff --git a/rust/kernel/fs/file.rs b/rust/kernel/fs/file.rs index ed57e0137cdb..7ee4830b67f3 100644 --- a/rust/kernel/fs/file.rs +++ b/rust/kernel/fs/file.rs @@ -331,7 +331,7 @@ pub fn flags(&self) -> u32 { // SAFETY: The file is valid because the shared reference guarantees a nonzero refcount. // // FIXME(read_once): Replace with `read_once` when available on the Rust side. - unsafe { core::ptr::addr_of!((*self.as_ptr()).f_flags).read_volatile() } + unsafe { (&raw const (*self.as_ptr()).f_flags).read_volatile() } } } diff --git a/rust/kernel/init.rs b/rust/kernel/init.rs index 7fd1ea8265a5..a8fac6558671 100644 --- a/rust/kernel/init.rs +++ b/rust/kernel/init.rs @@ -122,7 +122,7 @@ //! ```rust //! # #![expect(unreachable_pub, clippy::disallowed_names)] //! use kernel::{init, types::Opaque}; -//! use core::{ptr::addr_of_mut, marker::PhantomPinned, pin::Pin}; +//! use core::{marker::PhantomPinned, pin::Pin}; //! # mod bindings { //! # #![expect(non_camel_case_types)] //! # #![expect(clippy::missing_safety_doc)] @@ -159,7 +159,7 @@ //! unsafe { //! init::pin_init_from_closure(move |slot: *mut Self| { //! // `slot` contains uninit memory, avoid creating a reference. -//! let foo = addr_of_mut!((*slot).foo); +//! let foo = &raw mut (*slot).foo; //! //! // Initialize the `foo` //! bindings::init_foo(Opaque::raw_get(foo)); @@ -541,7 +541,7 @@ macro_rules! stack_try_pin_init { /// /// ```rust /// # use kernel::{macros::{Zeroable, pin_data}, pin_init}; -/// # use core::{ptr::addr_of_mut, marker::PhantomPinned}; +/// # use core::marker::PhantomPinned; /// #[pin_data] /// #[derive(Zeroable)] /// struct Buf { @@ -554,7 +554,7 @@ macro_rules! stack_try_pin_init { /// pin_init!(&this in Buf { /// buf: [0; 64], /// // SAFETY: TODO. -/// ptr: unsafe { addr_of_mut!((*this.as_ptr()).buf).cast() }, +/// ptr: unsafe { &raw mut (*this.as_ptr()).buf.cast() }, /// pin: PhantomPinned, /// }); /// pin_init!(Buf { diff --git a/rust/kernel/init/macros.rs b/rust/kernel/init/macros.rs index 1fd146a83241..af525fbb2f01 100644 --- a/rust/kernel/init/macros.rs +++ b/rust/kernel/init/macros.rs @@ -244,25 +244,25 @@ //! struct __InitOk; //! // This is the expansion of `t,`, which is syntactic sugar for `t: t,`. //! { -//! unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).t), t) }; +//! unsafe { ::core::ptr::write(&raw mut (*slot).t, t) }; //! } //! // Since initialization could fail later (not in this case, since the //! // error type is `Infallible`) we will need to drop this field if there //! // is an error later. This `DropGuard` will drop the field when it gets //! // dropped and has not yet been forgotten. //! let __t_guard = unsafe { -//! ::pinned_init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).t)) +//! ::pinned_init::__internal::DropGuard::new(&raw mut (*slot).t) //! }; //! // Expansion of `x: 0,`: //! // Since this can be an arbitrary expression we cannot place it inside //! // of the `unsafe` block, so we bind it here. //! { //! let x = 0; -//! unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).x), x) }; +//! unsafe { ::core::ptr::write(&raw mut (*slot).x, x) }; //! } //! // We again create a `DropGuard`. //! let __x_guard = unsafe { -//! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).x)) +//! ::kernel::init::__internal::DropGuard::new(&raw mut (*slot).x) //! }; //! // Since initialization has successfully completed, we can now forget //! // the guards. This is not `mem::forget`, since we only have @@ -459,15 +459,15 @@ //! { //! struct __InitOk; //! { -//! unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).a), a) }; +//! unsafe { ::core::ptr::write(&raw mut (*slot).a, a) }; //! } //! let __a_guard = unsafe { -//! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).a)) +//! ::kernel::init::__internal::DropGuard::new(&raw mut (*slot).a) //! }; //! let init = Bar::new(36); -//! unsafe { data.b(::core::addr_of_mut!((*slot).b), b)? }; +//! unsafe { data.b(&raw mut (*slot).b, b)? }; //! let __b_guard = unsafe { -//! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).b)) +//! ::kernel::init::__internal::DropGuard::new(&raw mut (*slot).b) //! }; //! ::core::mem::forget(__b_guard); //! ::core::mem::forget(__a_guard); @@ -1210,7 +1210,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} // SAFETY: `slot` is valid, because we are inside of an initializer closure, we // return when an error/panic occurs. // We also use the `data` to require the correct trait (`Init` or `PinInit`) for `$field`. - unsafe { $data.$field(::core::ptr::addr_of_mut!((*$slot).$field), init)? }; + unsafe { $data.$field(&raw mut (*$slot).$field, init)? }; // Create the drop guard: // // We rely on macro hygiene to make it impossible for users to access this local variable. @@ -1218,7 +1218,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} ::kernel::macros::paste! { // SAFETY: We forget the guard later when initialization has succeeded. let [< __ $field _guard >] = unsafe { - $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field)) + $crate::init::__internal::DropGuard::new(&raw mut (*$slot).$field) }; $crate::__init_internal!(init_slot($use_data): @@ -1241,7 +1241,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} // // SAFETY: `slot` is valid, because we are inside of an initializer closure, we // return when an error/panic occurs. - unsafe { $crate::init::Init::__init(init, ::core::ptr::addr_of_mut!((*$slot).$field))? }; + unsafe { $crate::init::Init::__init(init, &raw mut (*$slot).$field)? }; // Create the drop guard: // // We rely on macro hygiene to make it impossible for users to access this local variable. @@ -1249,7 +1249,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} ::kernel::macros::paste! { // SAFETY: We forget the guard later when initialization has succeeded. let [< __ $field _guard >] = unsafe { - $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field)) + $crate::init::__internal::DropGuard::new(&raw mut (*$slot).$field) }; $crate::__init_internal!(init_slot(): @@ -1272,7 +1272,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} // Initialize the field. // // SAFETY: The memory at `slot` is uninitialized. - unsafe { ::core::ptr::write(::core::ptr::addr_of_mut!((*$slot).$field), $field) }; + unsafe { ::core::ptr::write(&raw mut (*$slot).$field, $field) }; } // Create the drop guard: // @@ -1281,7 +1281,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} ::kernel::macros::paste! { // SAFETY: We forget the guard later when initialization has succeeded. let [< __ $field _guard >] = unsafe { - $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field)) + $crate::init::__internal::DropGuard::new(&raw mut (*$slot).$field) }; $crate::__init_internal!(init_slot($($use_data)?): diff --git a/rust/kernel/jump_label.rs b/rust/kernel/jump_label.rs index 4e974c768dbd..05d4564714c7 100644 --- a/rust/kernel/jump_label.rs +++ b/rust/kernel/jump_label.rs @@ -20,8 +20,8 @@ #[macro_export] macro_rules! static_branch_unlikely { ($key:path, $keytyp:ty, $field:ident) => {{ - let _key: *const $keytyp = ::core::ptr::addr_of!($key); - let _key: *const $crate::bindings::static_key_false = ::core::ptr::addr_of!((*_key).$field); + let _key: *const $keytyp = &raw $key; + let _key: *const $crate::bindings::static_key_false = &raw (*_key).$field; let _key: *const $crate::bindings::static_key = _key.cast(); #[cfg(not(CONFIG_JUMP_LABEL))] diff --git a/rust/kernel/kunit.rs b/rust/kernel/kunit.rs index 824da0e9738a..18357dd782ed 100644 --- a/rust/kernel/kunit.rs +++ b/rust/kernel/kunit.rs @@ -128,9 +128,9 @@ unsafe impl Sync for UnaryAssert {} unsafe { $crate::bindings::__kunit_do_failed_assertion( kunit_test, - core::ptr::addr_of!(LOCATION.0), + &raw LOCATION.0, $crate::bindings::kunit_assert_type_KUNIT_ASSERTION, - core::ptr::addr_of!(ASSERTION.0.assert), + &raw ASSERTION.0.assert, Some($crate::bindings::kunit_unary_assert_format), core::ptr::null(), ); diff --git a/rust/kernel/list.rs b/rust/kernel/list.rs index c0ed227b8a4f..e98f0820f002 100644 --- a/rust/kernel/list.rs +++ b/rust/kernel/list.rs @@ -176,7 +176,7 @@ pub fn new() -> impl PinInit<Self> { #[inline] unsafe fn fields(me: *mut Self) -> *mut ListLinksFields { // SAFETY: The caller promises that the pointer is valid. - unsafe { Opaque::raw_get(ptr::addr_of!((*me).inner)) } + unsafe { Opaque::raw_get(&raw const (*me).inner) } } /// # Safety diff --git a/rust/kernel/list/impl_list_item_mod.rs b/rust/kernel/list/impl_list_item_mod.rs index a0438537cee1..014b6713d59d 100644 --- a/rust/kernel/list/impl_list_item_mod.rs +++ b/rust/kernel/list/impl_list_item_mod.rs @@ -49,7 +49,7 @@ macro_rules! impl_has_list_links { // SAFETY: The implementation of `raw_get_list_links` only compiles if the field has the // right type. // - // The behavior of `raw_get_list_links` is not changed since the `addr_of_mut!` macro is + // The behavior of `raw_get_list_links` is not changed since the `&raw mut` op is // equivalent to the pointer offset operation in the trait definition. unsafe impl$(<$($implarg),*>)? $crate::list::HasListLinks$(<$id>)? for $self $(<$($selfarg),*>)? @@ -61,7 +61,7 @@ unsafe fn raw_get_list_links(ptr: *mut Self) -> *mut $crate::list::ListLinks$(<$ // SAFETY: The caller promises that the pointer is not dangling. We know that this // expression doesn't follow any pointers, as the `offset_of!` invocation above // would otherwise not compile. - unsafe { ::core::ptr::addr_of_mut!((*ptr)$(.$field)*) } + unsafe { &raw mut (*ptr)$(.$field)* } } } )*}; @@ -103,7 +103,7 @@ macro_rules! impl_has_list_links_self_ptr { unsafe fn raw_get_list_links(ptr: *mut Self) -> *mut $crate::list::ListLinks$(<$id>)? { // SAFETY: The caller promises that the pointer is not dangling. let ptr: *mut $crate::list::ListLinksSelfPtr<$item_type $(, $id)?> = - unsafe { ::core::ptr::addr_of_mut!((*ptr).$field) }; + unsafe { &raw mut (*ptr).$field }; ptr.cast() } } diff --git a/rust/kernel/net/phy.rs b/rust/kernel/net/phy.rs index a59469c785e3..757db052cc09 100644 --- a/rust/kernel/net/phy.rs +++ b/rust/kernel/net/phy.rs @@ -7,7 +7,7 @@ //! C headers: [`include/linux/phy.h`](srctree/include/linux/phy.h). use crate::{error::*, prelude::*, types::Opaque}; -use core::{marker::PhantomData, ptr::addr_of_mut}; +use core::marker::PhantomData; pub mod reg; @@ -285,7 +285,7 @@ impl AsRef<kernel::device::Device> for Device { fn as_ref(&self) -> &kernel::device::Device { let phydev = self.0.get(); // SAFETY: The struct invariant ensures that `mdio.dev` is valid. - unsafe { kernel::device::Device::as_ref(addr_of_mut!((*phydev).mdio.dev)) } + unsafe { kernel::device::Device::as_ref(&raw mut (*phydev).mdio.dev) } } } diff --git a/rust/kernel/pci.rs b/rust/kernel/pci.rs index f7b2743828ae..6cb9ed1e7cbf 100644 --- a/rust/kernel/pci.rs +++ b/rust/kernel/pci.rs @@ -17,7 +17,7 @@ types::{ARef, ForeignOwnable, Opaque}, ThisModule, }; -use core::{ops::Deref, ptr::addr_of_mut}; +use core::ops::Deref; use kernel::prelude::*; /// An adapter for the registration of PCI drivers. @@ -60,7 +60,7 @@ extern "C" fn probe_callback( ) -> kernel::ffi::c_int { // SAFETY: The PCI bus only ever calls the probe callback with a valid pointer to a // `struct pci_dev`. - let dev = unsafe { device::Device::get_device(addr_of_mut!((*pdev).dev)) }; + let dev = unsafe { device::Device::get_device(&raw mut (*pdev).dev) }; // SAFETY: `dev` is guaranteed to be embedded in a valid `struct pci_dev` by the call // above. let mut pdev = unsafe { Device::from_dev(dev) }; diff --git a/rust/kernel/platform.rs b/rust/kernel/platform.rs index 1297f5292ba9..344875ad7b82 100644 --- a/rust/kernel/platform.rs +++ b/rust/kernel/platform.rs @@ -14,8 +14,6 @@ ThisModule, }; -use core::ptr::addr_of_mut; - /// An adapter for the registration of platform drivers. pub struct Adapter<T: Driver>(T); @@ -55,7 +53,7 @@ unsafe fn unregister(pdrv: &Opaque<Self::RegType>) { impl<T: Driver + 'static> Adapter<T> { extern "C" fn probe_callback(pdev: *mut bindings::platform_device) -> kernel::ffi::c_int { // SAFETY: The platform bus only ever calls the probe callback with a valid `pdev`. - let dev = unsafe { device::Device::get_device(addr_of_mut!((*pdev).dev)) }; + let dev = unsafe { device::Device::get_device(&raw mut (*pdev).dev) }; // SAFETY: `dev` is guaranteed to be embedded in a valid `struct platform_device` by the // call above. let mut pdev = unsafe { Device::from_dev(dev) }; diff --git a/rust/kernel/rbtree.rs b/rust/kernel/rbtree.rs index 1ea25c7092fb..b0ad35663cb0 100644 --- a/rust/kernel/rbtree.rs +++ b/rust/kernel/rbtree.rs @@ -11,7 +11,7 @@ cmp::{Ord, Ordering}, marker::PhantomData, mem::MaybeUninit, - ptr::{addr_of_mut, from_mut, NonNull}, + ptr::{from_mut, NonNull}, }; /// A red-black tree with owned nodes. @@ -238,7 +238,7 @@ pub fn values_mut(&mut self) -> impl Iterator<Item = &'_ mut V> { /// Returns a cursor over the tree nodes, starting with the smallest key. pub fn cursor_front(&mut self) -> Option<Cursor<'_, K, V>> { - let root = addr_of_mut!(self.root); + let root = &raw mut self.root; // SAFETY: `self.root` is always a valid root node let current = unsafe { bindings::rb_first(root) }; NonNull::new(current).map(|current| { @@ -253,7 +253,7 @@ pub fn cursor_front(&mut self) -> Option<Cursor<'_, K, V>> { /// Returns a cursor over the tree nodes, starting with the largest key. pub fn cursor_back(&mut self) -> Option<Cursor<'_, K, V>> { - let root = addr_of_mut!(self.root); + let root = &raw mut self.root; // SAFETY: `self.root` is always a valid root node let current = unsafe { bindings::rb_last(root) }; NonNull::new(current).map(|current| { @@ -459,7 +459,7 @@ pub fn cursor_lower_bound(&mut self, key: &K) -> Option<Cursor<'_, K, V>> let best = best_match?; // SAFETY: `best` is a non-null node so it is valid by the type invariants. - let links = unsafe { addr_of_mut!((*best.as_ptr()).links) }; + let links = unsafe { &raw mut (*best.as_ptr()).links }; NonNull::new(links).map(|current| { // INVARIANT: @@ -767,7 +767,7 @@ pub fn remove_current(self) -> (Option<Self>, RBTreeNode<K, V>) { let node = RBTreeNode { node }; // SAFETY: The reference to the tree used to create the cursor outlives the cursor, so // the tree cannot change. By the tree invariant, all nodes are valid. - unsafe { bindings::rb_erase(&mut (*this).links, addr_of_mut!(self.tree.root)) }; + unsafe { bindings::rb_erase(&mut (*this).links, &raw mut self.tree.root) }; let current = match (prev, next) { (_, Some(next)) => next, @@ -803,7 +803,7 @@ fn remove_neighbor(&mut self, direction: Direction) -> Option<RBTreeNode<K, V>> let neighbor = neighbor.as_ptr(); // SAFETY: The reference to the tree used to create the cursor outlives the cursor, so // the tree cannot change. By the tree invariant, all nodes are valid. - unsafe { bindings::rb_erase(neighbor, addr_of_mut!(self.tree.root)) }; + unsafe { bindings::rb_erase(neighbor, &raw mut self.tree.root) }; // SAFETY: By the type invariant of `Self`, all non-null `rb_node` pointers stored in `self` // point to the links field of `Node<K, V>` objects. let this = unsafe { container_of!(neighbor, Node<K, V>, links) }.cast_mut(); @@ -918,7 +918,7 @@ unsafe fn to_key_value_raw<'b>(node: NonNull<bindings::rb_node>) -> (&'b K, *mut let k = unsafe { &(*this).key }; // SAFETY: The passed `node` is the current node or a non-null neighbor, // thus `this` is valid by the type invariants. - let v = unsafe { addr_of_mut!((*this).value) }; + let v = unsafe { &raw mut (*this).value }; (k, v) } } @@ -1027,7 +1027,7 @@ fn next(&mut self) -> Option<Self::Item> { self.next = unsafe { bindings::rb_next(self.next) }; // SAFETY: By the same reasoning above, it is safe to dereference the node. - Some(unsafe { (addr_of_mut!((*cur).key), addr_of_mut!((*cur).value)) }) + Some(unsafe { (&raw mut (*cur).key, &raw mut (*cur).value) }) } } @@ -1170,7 +1170,7 @@ fn insert(self, node: RBTreeNode<K, V>) -> &'a mut V { // SAFETY: `node` is valid at least until we call `Box::from_raw`, which only happens when // the node is removed or replaced. - let node_links = unsafe { addr_of_mut!((*node).links) }; + let node_links = unsafe { &raw mut (*node).links }; // INVARIANT: We are linking in a new node, which is valid. It remains valid because we // "forgot" it with `Box::into_raw`. @@ -1178,7 +1178,7 @@ fn insert(self, node: RBTreeNode<K, V>) -> &'a mut V { unsafe { bindings::rb_link_node(node_links, self.parent, self.child_field_of_parent) }; // SAFETY: All pointers are valid. `node` has just been inserted into the tree. - unsafe { bindings::rb_insert_color(node_links, addr_of_mut!((*self.rbtree).root)) }; + unsafe { bindings::rb_insert_color(node_links, &raw mut (*self.rbtree).root) }; // SAFETY: The node is valid until we remove it from the tree. unsafe { &mut (*node).value } @@ -1261,7 +1261,7 @@ fn replace(self, node: RBTreeNode<K, V>) -> RBTreeNode<K, V> { // SAFETY: `node` is valid at least until we call `Box::from_raw`, which only happens when // the node is removed or replaced. - let new_node_links = unsafe { addr_of_mut!((*node).links) }; + let new_node_links = unsafe { &raw mut (*node).links }; // SAFETY: This updates the pointers so that `new_node_links` is in the tree where // `self.node_links` used to be. diff --git a/rust/kernel/sync/arc.rs b/rust/kernel/sync/arc.rs index 3cefda7a4372..81d8b0f84957 100644 --- a/rust/kernel/sync/arc.rs +++ b/rust/kernel/sync/arc.rs @@ -243,7 +243,7 @@ pub fn into_raw(self) -> *const T { let ptr = self.ptr.as_ptr(); core::mem::forget(self); // SAFETY: The pointer is valid. - unsafe { core::ptr::addr_of!((*ptr).data) } + unsafe { &raw const (*ptr).data } } /// Recreates an [`Arc`] instance previously deconstructed via [`Arc::into_raw`]. diff --git a/rust/kernel/task.rs b/rust/kernel/task.rs index 49012e711942..b2ac768eed23 100644 --- a/rust/kernel/task.rs +++ b/rust/kernel/task.rs @@ -257,7 +257,7 @@ pub fn as_ptr(&self) -> *mut bindings::task_struct { pub fn group_leader(&self) -> &Task { // SAFETY: The group leader of a task never changes after initialization, so reading this // field is not a data race. - let ptr = unsafe { *ptr::addr_of!((*self.as_ptr()).group_leader) }; + let ptr = unsafe { *(&raw const (*self.as_ptr()).group_leader) }; // SAFETY: The lifetime of the returned task reference is tied to the lifetime of `self`, // and given that a task has a reference to its group leader, we know it must be valid for @@ -269,7 +269,7 @@ pub fn group_leader(&self) -> &Task { pub fn pid(&self) -> Pid { // SAFETY: The pid of a task never changes after initialization, so reading this field is // not a data race. - unsafe { *ptr::addr_of!((*self.as_ptr()).pid) } + unsafe { *(&raw const (*self.as_ptr()).pid) } } /// Returns the UID of the given task. diff --git a/rust/kernel/workqueue.rs b/rust/kernel/workqueue.rs index 0cd100d2aefb..34e8abb38974 100644 --- a/rust/kernel/workqueue.rs +++ b/rust/kernel/workqueue.rs @@ -401,9 +401,9 @@ pub fn new(name: &'static CStr, key: &'static LockClassKey) -> impl PinInit<Self pub unsafe fn raw_get(ptr: *const Self) -> *mut bindings::work_struct { // SAFETY: The caller promises that the pointer is aligned and not dangling. // - // A pointer cast would also be ok due to `#[repr(transparent)]`. We use `addr_of!` so that - // the compiler does not complain that the `work` field is unused. - unsafe { Opaque::raw_get(core::ptr::addr_of!((*ptr).work)) } + // A pointer cast would also be ok due to `#[repr(transparent)]`. We use `&raw const (*ptr).work` + // so that the compiler does not complain that the `work` field is unused. + unsafe { Opaque::raw_get(&raw const (*ptr).work) } } } @@ -510,7 +510,7 @@ macro_rules! impl_has_work { unsafe fn raw_get_work(ptr: *mut Self) -> *mut $crate::workqueue::Work<$work_type $(, $id)?> { // SAFETY: The caller promises that the pointer is not dangling. unsafe { - ::core::ptr::addr_of_mut!((*ptr).$field) + &raw mut (*ptr).$field } } } -- 2.48.1

6 months, 1 week

2
1
0 0

[PATCH v2 3/3] rust: replace `addr_of[_mut]!` with `&raw [const | mut]`

by Antonio Hickey

Replacing all occurrences of `addr_of!(place)` with `&raw const place`, and all occurrences of `addr_of_mut!(place)` with `&raw mut place`. Utilizing the new feature will allow us to reduce macro complexity, and improve consistency with existing reference syntax as `&raw const`, `&raw mut` is very similar to `&`, `&mut` making it fit more naturally with other existing code than the previously used macros. Suggested-by: Benno Lossin <benno.lossin(a)proton.me> Link: https://github.com/Rust-for-Linux/linux/issues/1148 Signed-off-by: Antonio Hickey <contact(a)antoniohickey.com> --- rust/kernel/block/mq/request.rs | 4 ++-- rust/kernel/faux.rs | 4 ++-- rust/kernel/fs/file.rs | 2 +- rust/kernel/init.rs | 8 ++++---- rust/kernel/init/macros.rs | 28 +++++++++++++------------- rust/kernel/jump_label.rs | 4 ++-- rust/kernel/kunit.rs | 4 ++-- rust/kernel/list.rs | 2 +- rust/kernel/list/impl_list_item_mod.rs | 6 +++--- rust/kernel/net/phy.rs | 4 ++-- rust/kernel/pci.rs | 4 ++-- rust/kernel/platform.rs | 4 +--- rust/kernel/rbtree.rs | 22 ++++++++++---------- rust/kernel/sync/arc.rs | 2 +- rust/kernel/task.rs | 4 ++-- rust/kernel/workqueue.rs | 8 ++++---- 16 files changed, 54 insertions(+), 56 deletions(-) diff --git a/rust/kernel/block/mq/request.rs b/rust/kernel/block/mq/request.rs index 7943f43b9575..4a5b7ec914ef 100644 --- a/rust/kernel/block/mq/request.rs +++ b/rust/kernel/block/mq/request.rs @@ -12,7 +12,7 @@ }; use core::{ marker::PhantomData, - ptr::{addr_of_mut, NonNull}, + ptr::NonNull, sync::atomic::{AtomicU64, Ordering}, }; @@ -187,7 +187,7 @@ pub(crate) fn refcount(&self) -> &AtomicU64 { pub(crate) unsafe fn refcount_ptr(this: *mut Self) -> *mut AtomicU64 { // SAFETY: Because of the safety requirements of this function, the // field projection is safe. - unsafe { addr_of_mut!((*this).refcount) } + unsafe { &raw mut (*this).refcount } } } diff --git a/rust/kernel/faux.rs b/rust/kernel/faux.rs index 5acc0c02d451..52ac554c1119 100644 --- a/rust/kernel/faux.rs +++ b/rust/kernel/faux.rs @@ -7,7 +7,7 @@ //! C header: [`include/linux/device/faux.h`] use crate::{bindings, device, error::code::*, prelude::*}; -use core::ptr::{addr_of_mut, null, null_mut, NonNull}; +use core::ptr::{null, null_mut, NonNull}; /// The registration of a faux device. /// @@ -45,7 +45,7 @@ impl AsRef<device::Device> for Registration { fn as_ref(&self) -> &device::Device { // SAFETY: The underlying `device` in `faux_device` is guaranteed by the C API to be // a valid initialized `device`. - unsafe { device::Device::as_ref(addr_of_mut!((*self.as_raw()).dev)) } + unsafe { device::Device::as_ref((&raw mut (*self.as_raw()).dev)) } } } diff --git a/rust/kernel/fs/file.rs b/rust/kernel/fs/file.rs index ed57e0137cdb..7ee4830b67f3 100644 --- a/rust/kernel/fs/file.rs +++ b/rust/kernel/fs/file.rs @@ -331,7 +331,7 @@ pub fn flags(&self) -> u32 { // SAFETY: The file is valid because the shared reference guarantees a nonzero refcount. // // FIXME(read_once): Replace with `read_once` when available on the Rust side. - unsafe { core::ptr::addr_of!((*self.as_ptr()).f_flags).read_volatile() } + unsafe { (&raw const (*self.as_ptr()).f_flags).read_volatile() } } } diff --git a/rust/kernel/init.rs b/rust/kernel/init.rs index 7fd1ea8265a5..a8fac6558671 100644 --- a/rust/kernel/init.rs +++ b/rust/kernel/init.rs @@ -122,7 +122,7 @@ //! ```rust //! # #![expect(unreachable_pub, clippy::disallowed_names)] //! use kernel::{init, types::Opaque}; -//! use core::{ptr::addr_of_mut, marker::PhantomPinned, pin::Pin}; +//! use core::{marker::PhantomPinned, pin::Pin}; //! # mod bindings { //! # #![expect(non_camel_case_types)] //! # #![expect(clippy::missing_safety_doc)] @@ -159,7 +159,7 @@ //! unsafe { //! init::pin_init_from_closure(move |slot: *mut Self| { //! // `slot` contains uninit memory, avoid creating a reference. -//! let foo = addr_of_mut!((*slot).foo); +//! let foo = &raw mut (*slot).foo; //! //! // Initialize the `foo` //! bindings::init_foo(Opaque::raw_get(foo)); @@ -541,7 +541,7 @@ macro_rules! stack_try_pin_init { /// /// ```rust /// # use kernel::{macros::{Zeroable, pin_data}, pin_init}; -/// # use core::{ptr::addr_of_mut, marker::PhantomPinned}; +/// # use core::marker::PhantomPinned; /// #[pin_data] /// #[derive(Zeroable)] /// struct Buf { @@ -554,7 +554,7 @@ macro_rules! stack_try_pin_init { /// pin_init!(&this in Buf { /// buf: [0; 64], /// // SAFETY: TODO. -/// ptr: unsafe { addr_of_mut!((*this.as_ptr()).buf).cast() }, +/// ptr: unsafe { &raw mut (*this.as_ptr()).buf.cast() }, /// pin: PhantomPinned, /// }); /// pin_init!(Buf { diff --git a/rust/kernel/init/macros.rs b/rust/kernel/init/macros.rs index 1fd146a83241..af525fbb2f01 100644 --- a/rust/kernel/init/macros.rs +++ b/rust/kernel/init/macros.rs @@ -244,25 +244,25 @@ //! struct __InitOk; //! // This is the expansion of `t,`, which is syntactic sugar for `t: t,`. //! { -//! unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).t), t) }; +//! unsafe { ::core::ptr::write(&raw mut (*slot).t, t) }; //! } //! // Since initialization could fail later (not in this case, since the //! // error type is `Infallible`) we will need to drop this field if there //! // is an error later. This `DropGuard` will drop the field when it gets //! // dropped and has not yet been forgotten. //! let __t_guard = unsafe { -//! ::pinned_init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).t)) +//! ::pinned_init::__internal::DropGuard::new(&raw mut (*slot).t) //! }; //! // Expansion of `x: 0,`: //! // Since this can be an arbitrary expression we cannot place it inside //! // of the `unsafe` block, so we bind it here. //! { //! let x = 0; -//! unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).x), x) }; +//! unsafe { ::core::ptr::write(&raw mut (*slot).x, x) }; //! } //! // We again create a `DropGuard`. //! let __x_guard = unsafe { -//! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).x)) +//! ::kernel::init::__internal::DropGuard::new(&raw mut (*slot).x) //! }; //! // Since initialization has successfully completed, we can now forget //! // the guards. This is not `mem::forget`, since we only have @@ -459,15 +459,15 @@ //! { //! struct __InitOk; //! { -//! unsafe { ::core::ptr::write(::core::addr_of_mut!((*slot).a), a) }; +//! unsafe { ::core::ptr::write(&raw mut (*slot).a, a) }; //! } //! let __a_guard = unsafe { -//! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).a)) +//! ::kernel::init::__internal::DropGuard::new(&raw mut (*slot).a) //! }; //! let init = Bar::new(36); -//! unsafe { data.b(::core::addr_of_mut!((*slot).b), b)? }; +//! unsafe { data.b(&raw mut (*slot).b, b)? }; //! let __b_guard = unsafe { -//! ::kernel::init::__internal::DropGuard::new(::core::addr_of_mut!((*slot).b)) +//! ::kernel::init::__internal::DropGuard::new(&raw mut (*slot).b) //! }; //! ::core::mem::forget(__b_guard); //! ::core::mem::forget(__a_guard); @@ -1210,7 +1210,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} // SAFETY: `slot` is valid, because we are inside of an initializer closure, we // return when an error/panic occurs. // We also use the `data` to require the correct trait (`Init` or `PinInit`) for `$field`. - unsafe { $data.$field(::core::ptr::addr_of_mut!((*$slot).$field), init)? }; + unsafe { $data.$field(&raw mut (*$slot).$field, init)? }; // Create the drop guard: // // We rely on macro hygiene to make it impossible for users to access this local variable. @@ -1218,7 +1218,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} ::kernel::macros::paste! { // SAFETY: We forget the guard later when initialization has succeeded. let [< __ $field _guard >] = unsafe { - $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field)) + $crate::init::__internal::DropGuard::new(&raw mut (*$slot).$field) }; $crate::__init_internal!(init_slot($use_data): @@ -1241,7 +1241,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} // // SAFETY: `slot` is valid, because we are inside of an initializer closure, we // return when an error/panic occurs. - unsafe { $crate::init::Init::__init(init, ::core::ptr::addr_of_mut!((*$slot).$field))? }; + unsafe { $crate::init::Init::__init(init, &raw mut (*$slot).$field)? }; // Create the drop guard: // // We rely on macro hygiene to make it impossible for users to access this local variable. @@ -1249,7 +1249,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} ::kernel::macros::paste! { // SAFETY: We forget the guard later when initialization has succeeded. let [< __ $field _guard >] = unsafe { - $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field)) + $crate::init::__internal::DropGuard::new(&raw mut (*$slot).$field) }; $crate::__init_internal!(init_slot(): @@ -1272,7 +1272,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} // Initialize the field. // // SAFETY: The memory at `slot` is uninitialized. - unsafe { ::core::ptr::write(::core::ptr::addr_of_mut!((*$slot).$field), $field) }; + unsafe { ::core::ptr::write(&raw mut (*$slot).$field, $field) }; } // Create the drop guard: // @@ -1281,7 +1281,7 @@ fn assert_zeroable<T: $crate::init::Zeroable>(_: *mut T) {} ::kernel::macros::paste! { // SAFETY: We forget the guard later when initialization has succeeded. let [< __ $field _guard >] = unsafe { - $crate::init::__internal::DropGuard::new(::core::ptr::addr_of_mut!((*$slot).$field)) + $crate::init::__internal::DropGuard::new(&raw mut (*$slot).$field) }; $crate::__init_internal!(init_slot($($use_data)?): diff --git a/rust/kernel/jump_label.rs b/rust/kernel/jump_label.rs index 4e974c768dbd..ca10abae0eee 100644 --- a/rust/kernel/jump_label.rs +++ b/rust/kernel/jump_label.rs @@ -20,8 +20,8 @@ #[macro_export] macro_rules! static_branch_unlikely { ($key:path, $keytyp:ty, $field:ident) => {{ - let _key: *const $keytyp = ::core::ptr::addr_of!($key); - let _key: *const $crate::bindings::static_key_false = ::core::ptr::addr_of!((*_key).$field); + let _key: *const $keytyp = &raw const $key; + let _key: *const $crate::bindings::static_key_false = &raw const (*_key).$field; let _key: *const $crate::bindings::static_key = _key.cast(); #[cfg(not(CONFIG_JUMP_LABEL))] diff --git a/rust/kernel/kunit.rs b/rust/kernel/kunit.rs index 824da0e9738a..a17ef3b2e860 100644 --- a/rust/kernel/kunit.rs +++ b/rust/kernel/kunit.rs @@ -128,9 +128,9 @@ unsafe impl Sync for UnaryAssert {} unsafe { $crate::bindings::__kunit_do_failed_assertion( kunit_test, - core::ptr::addr_of!(LOCATION.0), + &raw const LOCATION.0, $crate::bindings::kunit_assert_type_KUNIT_ASSERTION, - core::ptr::addr_of!(ASSERTION.0.assert), + &raw const ASSERTION.0.assert, Some($crate::bindings::kunit_unary_assert_format), core::ptr::null(), ); diff --git a/rust/kernel/list.rs b/rust/kernel/list.rs index c0ed227b8a4f..e98f0820f002 100644 --- a/rust/kernel/list.rs +++ b/rust/kernel/list.rs @@ -176,7 +176,7 @@ pub fn new() -> impl PinInit<Self> { #[inline] unsafe fn fields(me: *mut Self) -> *mut ListLinksFields { // SAFETY: The caller promises that the pointer is valid. - unsafe { Opaque::raw_get(ptr::addr_of!((*me).inner)) } + unsafe { Opaque::raw_get(&raw const (*me).inner) } } /// # Safety diff --git a/rust/kernel/list/impl_list_item_mod.rs b/rust/kernel/list/impl_list_item_mod.rs index a0438537cee1..014b6713d59d 100644 --- a/rust/kernel/list/impl_list_item_mod.rs +++ b/rust/kernel/list/impl_list_item_mod.rs @@ -49,7 +49,7 @@ macro_rules! impl_has_list_links { // SAFETY: The implementation of `raw_get_list_links` only compiles if the field has the // right type. // - // The behavior of `raw_get_list_links` is not changed since the `addr_of_mut!` macro is + // The behavior of `raw_get_list_links` is not changed since the `&raw mut` op is // equivalent to the pointer offset operation in the trait definition. unsafe impl$(<$($implarg),*>)? $crate::list::HasListLinks$(<$id>)? for $self $(<$($selfarg),*>)? @@ -61,7 +61,7 @@ unsafe fn raw_get_list_links(ptr: *mut Self) -> *mut $crate::list::ListLinks$(<$ // SAFETY: The caller promises that the pointer is not dangling. We know that this // expression doesn't follow any pointers, as the `offset_of!` invocation above // would otherwise not compile. - unsafe { ::core::ptr::addr_of_mut!((*ptr)$(.$field)*) } + unsafe { &raw mut (*ptr)$(.$field)* } } } )*}; @@ -103,7 +103,7 @@ macro_rules! impl_has_list_links_self_ptr { unsafe fn raw_get_list_links(ptr: *mut Self) -> *mut $crate::list::ListLinks$(<$id>)? { // SAFETY: The caller promises that the pointer is not dangling. let ptr: *mut $crate::list::ListLinksSelfPtr<$item_type $(, $id)?> = - unsafe { ::core::ptr::addr_of_mut!((*ptr).$field) }; + unsafe { &raw mut (*ptr).$field }; ptr.cast() } } diff --git a/rust/kernel/net/phy.rs b/rust/kernel/net/phy.rs index a59469c785e3..757db052cc09 100644 --- a/rust/kernel/net/phy.rs +++ b/rust/kernel/net/phy.rs @@ -7,7 +7,7 @@ //! C headers: [`include/linux/phy.h`](srctree/include/linux/phy.h). use crate::{error::*, prelude::*, types::Opaque}; -use core::{marker::PhantomData, ptr::addr_of_mut}; +use core::marker::PhantomData; pub mod reg; @@ -285,7 +285,7 @@ impl AsRef<kernel::device::Device> for Device { fn as_ref(&self) -> &kernel::device::Device { let phydev = self.0.get(); // SAFETY: The struct invariant ensures that `mdio.dev` is valid. - unsafe { kernel::device::Device::as_ref(addr_of_mut!((*phydev).mdio.dev)) } + unsafe { kernel::device::Device::as_ref(&raw mut (*phydev).mdio.dev) } } } diff --git a/rust/kernel/pci.rs b/rust/kernel/pci.rs index f7b2743828ae..6cb9ed1e7cbf 100644 --- a/rust/kernel/pci.rs +++ b/rust/kernel/pci.rs @@ -17,7 +17,7 @@ types::{ARef, ForeignOwnable, Opaque}, ThisModule, }; -use core::{ops::Deref, ptr::addr_of_mut}; +use core::ops::Deref; use kernel::prelude::*; /// An adapter for the registration of PCI drivers. @@ -60,7 +60,7 @@ extern "C" fn probe_callback( ) -> kernel::ffi::c_int { // SAFETY: The PCI bus only ever calls the probe callback with a valid pointer to a // `struct pci_dev`. - let dev = unsafe { device::Device::get_device(addr_of_mut!((*pdev).dev)) }; + let dev = unsafe { device::Device::get_device(&raw mut (*pdev).dev) }; // SAFETY: `dev` is guaranteed to be embedded in a valid `struct pci_dev` by the call // above. let mut pdev = unsafe { Device::from_dev(dev) }; diff --git a/rust/kernel/platform.rs b/rust/kernel/platform.rs index 1297f5292ba9..344875ad7b82 100644 --- a/rust/kernel/platform.rs +++ b/rust/kernel/platform.rs @@ -14,8 +14,6 @@ ThisModule, }; -use core::ptr::addr_of_mut; - /// An adapter for the registration of platform drivers. pub struct Adapter<T: Driver>(T); @@ -55,7 +53,7 @@ unsafe fn unregister(pdrv: &Opaque<Self::RegType>) { impl<T: Driver + 'static> Adapter<T> { extern "C" fn probe_callback(pdev: *mut bindings::platform_device) -> kernel::ffi::c_int { // SAFETY: The platform bus only ever calls the probe callback with a valid `pdev`. - let dev = unsafe { device::Device::get_device(addr_of_mut!((*pdev).dev)) }; + let dev = unsafe { device::Device::get_device(&raw mut (*pdev).dev) }; // SAFETY: `dev` is guaranteed to be embedded in a valid `struct platform_device` by the // call above. let mut pdev = unsafe { Device::from_dev(dev) }; diff --git a/rust/kernel/rbtree.rs b/rust/kernel/rbtree.rs index 1ea25c7092fb..b0ad35663cb0 100644 --- a/rust/kernel/rbtree.rs +++ b/rust/kernel/rbtree.rs @@ -11,7 +11,7 @@ cmp::{Ord, Ordering}, marker::PhantomData, mem::MaybeUninit, - ptr::{addr_of_mut, from_mut, NonNull}, + ptr::{from_mut, NonNull}, }; /// A red-black tree with owned nodes. @@ -238,7 +238,7 @@ pub fn values_mut(&mut self) -> impl Iterator<Item = &'_ mut V> { /// Returns a cursor over the tree nodes, starting with the smallest key. pub fn cursor_front(&mut self) -> Option<Cursor<'_, K, V>> { - let root = addr_of_mut!(self.root); + let root = &raw mut self.root; // SAFETY: `self.root` is always a valid root node let current = unsafe { bindings::rb_first(root) }; NonNull::new(current).map(|current| { @@ -253,7 +253,7 @@ pub fn cursor_front(&mut self) -> Option<Cursor<'_, K, V>> { /// Returns a cursor over the tree nodes, starting with the largest key. pub fn cursor_back(&mut self) -> Option<Cursor<'_, K, V>> { - let root = addr_of_mut!(self.root); + let root = &raw mut self.root; // SAFETY: `self.root` is always a valid root node let current = unsafe { bindings::rb_last(root) }; NonNull::new(current).map(|current| { @@ -459,7 +459,7 @@ pub fn cursor_lower_bound(&mut self, key: &K) -> Option<Cursor<'_, K, V>> let best = best_match?; // SAFETY: `best` is a non-null node so it is valid by the type invariants. - let links = unsafe { addr_of_mut!((*best.as_ptr()).links) }; + let links = unsafe { &raw mut (*best.as_ptr()).links }; NonNull::new(links).map(|current| { // INVARIANT: @@ -767,7 +767,7 @@ pub fn remove_current(self) -> (Option<Self>, RBTreeNode<K, V>) { let node = RBTreeNode { node }; // SAFETY: The reference to the tree used to create the cursor outlives the cursor, so // the tree cannot change. By the tree invariant, all nodes are valid. - unsafe { bindings::rb_erase(&mut (*this).links, addr_of_mut!(self.tree.root)) }; + unsafe { bindings::rb_erase(&mut (*this).links, &raw mut self.tree.root) }; let current = match (prev, next) { (_, Some(next)) => next, @@ -803,7 +803,7 @@ fn remove_neighbor(&mut self, direction: Direction) -> Option<RBTreeNode<K, V>> let neighbor = neighbor.as_ptr(); // SAFETY: The reference to the tree used to create the cursor outlives the cursor, so // the tree cannot change. By the tree invariant, all nodes are valid. - unsafe { bindings::rb_erase(neighbor, addr_of_mut!(self.tree.root)) }; + unsafe { bindings::rb_erase(neighbor, &raw mut self.tree.root) }; // SAFETY: By the type invariant of `Self`, all non-null `rb_node` pointers stored in `self` // point to the links field of `Node<K, V>` objects. let this = unsafe { container_of!(neighbor, Node<K, V>, links) }.cast_mut(); @@ -918,7 +918,7 @@ unsafe fn to_key_value_raw<'b>(node: NonNull<bindings::rb_node>) -> (&'b K, *mut let k = unsafe { &(*this).key }; // SAFETY: The passed `node` is the current node or a non-null neighbor, // thus `this` is valid by the type invariants. - let v = unsafe { addr_of_mut!((*this).value) }; + let v = unsafe { &raw mut (*this).value }; (k, v) } } @@ -1027,7 +1027,7 @@ fn next(&mut self) -> Option<Self::Item> { self.next = unsafe { bindings::rb_next(self.next) }; // SAFETY: By the same reasoning above, it is safe to dereference the node. - Some(unsafe { (addr_of_mut!((*cur).key), addr_of_mut!((*cur).value)) }) + Some(unsafe { (&raw mut (*cur).key, &raw mut (*cur).value) }) } } @@ -1170,7 +1170,7 @@ fn insert(self, node: RBTreeNode<K, V>) -> &'a mut V { // SAFETY: `node` is valid at least until we call `Box::from_raw`, which only happens when // the node is removed or replaced. - let node_links = unsafe { addr_of_mut!((*node).links) }; + let node_links = unsafe { &raw mut (*node).links }; // INVARIANT: We are linking in a new node, which is valid. It remains valid because we // "forgot" it with `Box::into_raw`. @@ -1178,7 +1178,7 @@ fn insert(self, node: RBTreeNode<K, V>) -> &'a mut V { unsafe { bindings::rb_link_node(node_links, self.parent, self.child_field_of_parent) }; // SAFETY: All pointers are valid. `node` has just been inserted into the tree. - unsafe { bindings::rb_insert_color(node_links, addr_of_mut!((*self.rbtree).root)) }; + unsafe { bindings::rb_insert_color(node_links, &raw mut (*self.rbtree).root) }; // SAFETY: The node is valid until we remove it from the tree. unsafe { &mut (*node).value } @@ -1261,7 +1261,7 @@ fn replace(self, node: RBTreeNode<K, V>) -> RBTreeNode<K, V> { // SAFETY: `node` is valid at least until we call `Box::from_raw`, which only happens when // the node is removed or replaced. - let new_node_links = unsafe { addr_of_mut!((*node).links) }; + let new_node_links = unsafe { &raw mut (*node).links }; // SAFETY: This updates the pointers so that `new_node_links` is in the tree where // `self.node_links` used to be. diff --git a/rust/kernel/sync/arc.rs b/rust/kernel/sync/arc.rs index 3cefda7a4372..81d8b0f84957 100644 --- a/rust/kernel/sync/arc.rs +++ b/rust/kernel/sync/arc.rs @@ -243,7 +243,7 @@ pub fn into_raw(self) -> *const T { let ptr = self.ptr.as_ptr(); core::mem::forget(self); // SAFETY: The pointer is valid. - unsafe { core::ptr::addr_of!((*ptr).data) } + unsafe { &raw const (*ptr).data } } /// Recreates an [`Arc`] instance previously deconstructed via [`Arc::into_raw`]. diff --git a/rust/kernel/task.rs b/rust/kernel/task.rs index 49012e711942..b2ac768eed23 100644 --- a/rust/kernel/task.rs +++ b/rust/kernel/task.rs @@ -257,7 +257,7 @@ pub fn as_ptr(&self) -> *mut bindings::task_struct { pub fn group_leader(&self) -> &Task { // SAFETY: The group leader of a task never changes after initialization, so reading this // field is not a data race. - let ptr = unsafe { *ptr::addr_of!((*self.as_ptr()).group_leader) }; + let ptr = unsafe { *(&raw const (*self.as_ptr()).group_leader) }; // SAFETY: The lifetime of the returned task reference is tied to the lifetime of `self`, // and given that a task has a reference to its group leader, we know it must be valid for @@ -269,7 +269,7 @@ pub fn group_leader(&self) -> &Task { pub fn pid(&self) -> Pid { // SAFETY: The pid of a task never changes after initialization, so reading this field is // not a data race. - unsafe { *ptr::addr_of!((*self.as_ptr()).pid) } + unsafe { *(&raw const (*self.as_ptr()).pid) } } /// Returns the UID of the given task. diff --git a/rust/kernel/workqueue.rs b/rust/kernel/workqueue.rs index 0cd100d2aefb..34e8abb38974 100644 --- a/rust/kernel/workqueue.rs +++ b/rust/kernel/workqueue.rs @@ -401,9 +401,9 @@ pub fn new(name: &'static CStr, key: &'static LockClassKey) -> impl PinInit<Self pub unsafe fn raw_get(ptr: *const Self) -> *mut bindings::work_struct { // SAFETY: The caller promises that the pointer is aligned and not dangling. // - // A pointer cast would also be ok due to `#[repr(transparent)]`. We use `addr_of!` so that - // the compiler does not complain that the `work` field is unused. - unsafe { Opaque::raw_get(core::ptr::addr_of!((*ptr).work)) } + // A pointer cast would also be ok due to `#[repr(transparent)]`. We use `&raw const (*ptr).work` + // so that the compiler does not complain that the `work` field is unused. + unsafe { Opaque::raw_get(&raw const (*ptr).work) } } } @@ -510,7 +510,7 @@ macro_rules! impl_has_work { unsafe fn raw_get_work(ptr: *mut Self) -> *mut $crate::workqueue::Work<$work_type $(, $id)?> { // SAFETY: The caller promises that the pointer is not dangling. unsafe { - ::core::ptr::addr_of_mut!((*ptr).$field) + &raw mut (*ptr).$field } } } -- 2.48.1

6 months, 1 week

1
0
0 0

[RFC PATCH v1 0/2] mseal: allow noop mprotect

by jeffxu＠chromium.org

From: Jeff Xu <jeffxu(a)chromium.org> Initially, when mseal was introduced in 6.10, semantically, when a VMA within the specified address range is sealed, the mprotect will be rejected, leaving all of VMA unmodified. However, adding an extra loop to check the mseal flag for every VMA slows things down a bit, therefore in 6.12, this issue was solved by removing can_modify_mm and checking each VMA’s mseal flag directly without an extra loop [1]. This is a semantic change, i.e. partial update is allowed, VMAs can be updated until a sealed VMA is found. The new semantic also means, we could allow mprotect on a sealed VMA if the new attribute of VMA remains the same as the old one. Relaxing this avoids unnecessary impacts for applications that want to seal a particular mapping. Doing this also has no security impact. The mseal_test is also modified by this patch to adapt to the new semantic. Please note, mseal_test is currently undergoing refactoring, and eventually will be replaced with a new memory sealing selftest. In this patch, I only make a minimum change to make it pass. I considered adding a new testcase in mseal_test to cover this new behavior, however, the existing mseal_test is using wrong patterns and won’t pass the review. Such a new test is better to be added in the new refactored memory sealing tests. The refactoring is currently pending review [2]. [1] https://lore.kernel.org/all/20240817-mseal-depessimize-v3-0-d8d2e037df30@gm… [2] https://lore.kernel.org/all/20241211053311.245636-1-jeffxu@google.com/ Jeff Xu (2): selftests/mm: mseal_test: avoid using no-op mprotect mseal: allow noop mprotect mm/mprotect.c | 6 +++--- tools/testing/selftests/mm/mseal_test.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) -- 2.49.0.rc0.332.g42c0ae87b1-goog

6 months, 1 week

5
10
0 0

[PATCH] selftests/bpf: Fix sockopt selftest failure on powerpc

by Saket Kumar Bhaskar

The SO_RCVLOWAT option is defined as 18 in the selftest header, which matches the generic definition. However, on powerpc, SO_RCVLOWAT is defined as 16. This discrepancy causes sol_socket_sockopt() to fail with the default switch case on powerpc. This commit fixes by defining SO_RCVLOWAT as 16 for powerpc. Signed-off-by: Saket Kumar Bhaskar <skb99(a)linux.ibm.com> --- tools/testing/selftests/bpf/progs/bpf_tracing_net.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h index 59843b430f76..bcd44d5018bf 100644 --- a/tools/testing/selftests/bpf/progs/bpf_tracing_net.h +++ b/tools/testing/selftests/bpf/progs/bpf_tracing_net.h @@ -15,7 +15,11 @@ #define SO_KEEPALIVE 9 #define SO_PRIORITY 12 #define SO_REUSEPORT 15 +#if defined(__TARGET_ARCH_powerpc) +#define SO_RCVLOWAT 16 +#else #define SO_RCVLOWAT 18 +#endif #define SO_BINDTODEVICE 25 #define SO_MARK 36 #define SO_MAX_PACING_RATE 47 -- 2.43.5

6 months, 1 week

3
2
0 0

Error during --arch x86_64 kunit test run

by Shuah Khan

David, Brendan, Rae, I am seeing the following error when I run ./tools/testing/kunit/kunit.py run --arch x86_64 ERROR:root:ld:arch/x86/realmode/rm/realmode.lds:236: undefined symbol `sev_es_trampoline_start' referenced in expression I isolated it to dependency on CONFIG_AMD_MEM_ENCRYPT I added the option using --kconfig_add ./tools/testing/kunit/kunit.py run --arch x86_64 --kconfig_add CONFIG_AMD_MEM_ENCRYPT=y I see the following RROR:root:Not all Kconfig options selected in kunitconfig were in the generated .config. This is probably due to unsatisfied dependencies. Missing: CONFIG_AMD_MEM_ENCRYPT=y Is there a better way to fix the dependencies? Does kunit default config need changing for x86_64? thanks, -- Shuah

6 months, 1 week

2
4
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-kselftest-mirror