github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-31 18:43:33 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph

Merge patch series "rust: file: mark LocalFile as repr(transparent)"

Browse Source 
Mark files as repr(transparent) to ensure identical layout between C and Rust.

* patches from https://lore.kernel.org/20250527204636.12573-1-pekkarr@protonmail.com:
  rust: file: improve safety comments
  rust: file: mark `LocalFile` as `repr(transparent)`

Link: https://lore.kernel.org/20250527204636.12573-1-pekkarr@protonmail.com
Signed-off-by: Christian Brauner <brauner@kernel.org>
This commit is contained in:
Christian Brauner 2025-05-30 07:12:08 +02:00
commit 21fae34a27
No known key found for this signature in database
GPG Key ID: 91C61BC06578DCA2
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
rust/kernel/fs/file.rs
View File

@ -219,12 +219,13 @@ unsafe fn dec_ref(obj: ptr::NonNull<File>) {
/// must be on the same thread as this file.
///
/// [`assume_no_fdget_pos`]: LocalFile::assume_no_fdget_pos
#[repr(transparent)]
pub struct LocalFile {
inner: Opaque<bindings::file>,
}
// SAFETY: The type invariants guarantee that `LocalFile` is always ref-counted. This implementation
// makes `ARef<File>` own a normal refcount.
// makes `ARef<LocalFile>` own a normal refcount.
unsafe impl AlwaysRefCounted for LocalFile {
#[inline]
fn inc_ref(&self) {
@ -235,7 +236,8 @@ fn inc_ref(&self) {
#[inline]
unsafe fn dec_ref(obj: ptr::NonNull<LocalFile>) {
// SAFETY: To call this method, the caller passes us ownership of a normal refcount, so we
// may drop it. The cast is okay since `File` has the same representation as `struct file`.
// may drop it. The cast is okay since `LocalFile` has the same representation as
// `struct file`.
unsafe { bindings::fput(obj.cast().as_ptr()) }
}
}
@ -273,7 +275,7 @@ pub fn fget(fd: u32) -> Result<ARef<LocalFile>, BadFdError> {
#[inline]
pub unsafe fn from_raw_file<'a>(ptr: *const bindings::file) -> &'a LocalFile {
// SAFETY: The caller guarantees that the pointer is not dangling and stays valid for the
// duration of 'a. The cast is okay because `File` is `repr(transparent)`.
// duration of `'a`. The cast is okay because `LocalFile` is `repr(transparent)`.
//
// INVARIANT: The caller guarantees that there are no problematic `fdget_pos` calls.
unsafe { &*ptr.cast() }
@ -347,7 +349,7 @@ impl File {
#[inline]
pub unsafe fn from_raw_file<'a>(ptr: *const bindings::file) -> &'a File {
// SAFETY: The caller guarantees that the pointer is not dangling and stays valid for the
// duration of 'a. The cast is okay because `File` is `repr(transparent)`.
// duration of `'a`. The cast is okay because `File` is `repr(transparent)`.
//
// INVARIANT: The caller guarantees that there are no problematic `fdget_pos` calls.
unsafe { &*ptr.cast() }