Merge tag 'rust-6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/ojeda/linux

Pull Rust updates from Miguel Ojeda: "Toolchain and infrastructure: - Extract the 'pin-init' API from the 'kernel' crate and make it into a standalone crate. In order to do this, the contents are rearranged so that they can easily be kept in sync with the version maintained out-of-tree that other projects have started to use too (or plan to, like QEMU). This will reduce the maintenance burden for Benno, who will now have his own sub-tree, and will simplify future expected changes like the move to use 'syn' to simplify the implementation. - Add '#[test]'-like support based on KUnit. We already had doctests support based on KUnit, which takes the examples in our Rust documentation and runs them under KUnit. Now, we are adding the beginning of the support for "normal" tests, similar to those the '#[test]' tests in userspace Rust. For instance: #[kunit_tests(my_suite)] mod tests { #[test] fn my_test() { assert_eq!(1 + 1, 2); } } Unlike with doctests, the 'assert*!'s do not map to the KUnit assertion APIs yet. - Check Rust signatures at compile time for functions called from C by name. In particular, introduce a new '#[export]' macro that can be placed in the Rust function definition. It will ensure that the function declaration on the C side matches the signature on the Rust function: #[export] pub unsafe extern "C" fn my_function(a: u8, b: i32) -> usize { // ... } The macro essentially forces the compiler to compare the types of the actual Rust function and the 'bindgen'-processed C signature. These cases are rare so far. In the future, we may consider introducing another tool, 'cbindgen', to generate C headers automatically. Even then, having these functions explicitly marked may be a good idea anyway. - Enable the 'raw_ref_op' Rust feature: it is already stable, and allows us to use the new '&raw' syntax, avoiding a couple macros. After everyone has migrated, we will disallow the macros. - Pass the correct target to 'bindgen' on Usermode Linux. - Fix 'rusttest' build in macOS. 'kernel' crate: - New 'hrtimer' module: add support for setting up intrusive timers without allocating when starting the timer. Add support for 'Pin<Box<_>>', 'Arc<_>', 'Pin<&_>' and 'Pin<&mut _>' as pointer types for use with timer callbacks. Add support for setting clock source and timer mode. - New 'dma' module: add a simple DMA coherent allocator abstraction and a test sample driver. - 'list' module: make the linked list 'Cursor' point between elements, rather than at an element, which is more convenient to us and allows for cursors to empty lists; and document it with examples of how to perform common operations with the provided methods. - 'str' module: implement a few traits for 'BStr' as well as the 'strip_prefix()' method. - 'sync' module: add 'Arc::as_ptr'. - 'alloc' module: add 'Box::into_pin'. - 'error' module: extend the 'Result' documentation, including a few examples on different ways of handling errors, a warning about using methods that may panic, and links to external documentation. 'macros' crate: - 'module' macro: add the 'authors' key to support multiple authors. The original key will be kept until everyone has migrated. Documentation: - Add error handling sections. MAINTAINERS: - Add Danilo Krummrich as reviewer of the Rust "subsystem". - Add 'RUST [PIN-INIT]' entry with Benno Lossin as maintainer. It has its own sub-tree. - Add sub-tree for 'RUST [ALLOC]'. - Add 'DMA MAPPING HELPERS DEVICE DRIVER API [RUST]' entry with Abdiel Janulgue as primary maintainer. It will go through the sub-tree of the 'RUST [ALLOC]' entry. - Add 'HIGH-RESOLUTION TIMERS [RUST]' entry with Andreas Hindborg as maintainer. It has its own sub-tree. And a few other cleanups and improvements" * tag 'rust-6.15' of git://git.kernel.org/pub/scm/linux/kernel/git/ojeda/linux: (71 commits) rust: dma: add `Send` implementation for `CoherentAllocation` rust: macros: fix `make rusttest` build on macOS rust: block: refactor to use `&raw mut` rust: enable `raw_ref_op` feature rust: uaccess: name the correct function rust: rbtree: fix comments referring to Box instead of KBox rust: hrtimer: add maintainer entry rust: hrtimer: add clocksource selection through `ClockId` rust: hrtimer: add `HrTimerMode` rust: hrtimer: implement `HrTimerPointer` for `Pin<Box<T>>` rust: alloc: add `Box::into_pin` rust: hrtimer: implement `UnsafeHrTimerPointer` for `Pin<&mut T>` rust: hrtimer: implement `UnsafeHrTimerPointer` for `Pin<&T>` rust: hrtimer: add `hrtimer::ScopedHrTimerPointer` rust: hrtimer: add `UnsafeHrTimerPointer` rust: hrtimer: allow timer restart from timer handler rust: str: implement `strip_prefix` for `BStr` rust: str: implement `AsRef<BStr>` for `[u8]` and `BStr` rust: str: implement `Index` for `BStr` rust: str: implement `PartialEq` for `BStr` ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2025-03-30 17:03:26 -0700
committer: Linus Torvalds <torvalds@linux-foundation.org> 2025-03-30 17:03:26 -0700
commit: 4e82c87058f45e79eeaa4d5bcc3b38dd3dce7209 (patch)
tree: 122868ae62bfff4d0ed9f13c853c1c9690dbe0f3 /rust/kernel/init/__internal.rs
parent: 01d5b167dc230cf3b6eb9dd7205f6a705026d1ce (diff)
parent: e6ea10d5dbe082c54add289b44f08c9fcfe658af (diff)
1 files changed, 0 insertions, 264 deletions
diff --git a/rust/kernel/init/__internal.rs b/rust/kernel/init/__internal.rs
deleted file mode 100644
index 74329cc3262c..000000000000
--- a/rust/kernel/init/__internal.rs
+++ /dev/null
@@ -1,264 +0,0 @@
-// SPDX-License-Identifier: Apache-2.0 OR MIT
-
-//! This module contains API-internal items for pin-init.
-//!
-//! These items must not be used outside of
-//! - `kernel/init.rs`
-//! - `macros/pin_data.rs`
-//! - `macros/pinned_drop.rs`
-
-use super::*;
-
-/// See the [nomicon] for what subtyping is. See also [this table].
-///
-/// [nomicon]: https://doc.rust-lang.org/nomicon/subtyping.html
-/// [this table]: https://doc.rust-lang.org/nomicon/phantom-data.html#table-of-phantomdata-patterns
-pub(super) type Invariant<T> = PhantomData<fn(*mut T) -> *mut T>;
-
-/// Module-internal type implementing `PinInit` and `Init`.
-///
-/// It is unsafe to create this type, since the closure needs to fulfill the same safety
-/// requirement as the `__pinned_init`/`__init` functions.
-pub(crate) struct InitClosure<F, T: ?Sized, E>(pub(crate) F, pub(crate) Invariant<(E, T)>);
-
-// SAFETY: While constructing the `InitClosure`, the user promised that it upholds the
-// `__init` invariants.
-unsafe impl<T: ?Sized, F, E> Init<T, E> for InitClosure<F, T, E>
-where
-    F: FnOnce(*mut T) -> Result<(), E>,
-{
-    #[inline]
-    unsafe fn __init(self, slot: *mut T) -> Result<(), E> {
-        (self.0)(slot)
-    }
-}
-
-// SAFETY: While constructing the `InitClosure`, the user promised that it upholds the
-// `__pinned_init` invariants.
-unsafe impl<T: ?Sized, F, E> PinInit<T, E> for InitClosure<F, T, E>
-where
-    F: FnOnce(*mut T) -> Result<(), E>,
-{
-    #[inline]
-    unsafe fn __pinned_init(self, slot: *mut T) -> Result<(), E> {
-        (self.0)(slot)
-    }
-}
-
-/// This trait is only implemented via the `#[pin_data]` proc-macro. It is used to facilitate
-/// the pin projections within the initializers.
-///
-/// # Safety
-///
-/// Only the `init` module is allowed to use this trait.
-pub unsafe trait HasPinData {
-    type PinData: PinData;
-
-    #[expect(clippy::missing_safety_doc)]
-    unsafe fn __pin_data() -> Self::PinData;
-}
-
-/// Marker trait for pinning data of structs.
-///
-/// # Safety
-///
-/// Only the `init` module is allowed to use this trait.
-pub unsafe trait PinData: Copy {
-    type Datee: ?Sized + HasPinData;
-
-    /// Type inference helper function.
-    fn make_closure<F, O, E>(self, f: F) -> F
-    where
-        F: FnOnce(*mut Self::Datee) -> Result<O, E>,
-    {
-        f
-    }
-}
-
-/// This trait is automatically implemented for every type. It aims to provide the same type
-/// inference help as `HasPinData`.
-///
-/// # Safety
-///
-/// Only the `init` module is allowed to use this trait.
-pub unsafe trait HasInitData {
-    type InitData: InitData;
-
-    #[expect(clippy::missing_safety_doc)]
-    unsafe fn __init_data() -> Self::InitData;
-}
-
-/// Same function as `PinData`, but for arbitrary data.
-///
-/// # Safety
-///
-/// Only the `init` module is allowed to use this trait.
-pub unsafe trait InitData: Copy {
-    type Datee: ?Sized + HasInitData;
-
-    /// Type inference helper function.
-    fn make_closure<F, O, E>(self, f: F) -> F
-    where
-        F: FnOnce(*mut Self::Datee) -> Result<O, E>,
-    {
-        f
-    }
-}
-
-pub struct AllData<T: ?Sized>(PhantomData<fn(KBox<T>) -> KBox<T>>);
-
-impl<T: ?Sized> Clone for AllData<T> {
-    fn clone(&self) -> Self {
-        *self
-    }
-}
-
-impl<T: ?Sized> Copy for AllData<T> {}
-
-// SAFETY: TODO.
-unsafe impl<T: ?Sized> InitData for AllData<T> {
-    type Datee = T;
-}
-
-// SAFETY: TODO.
-unsafe impl<T: ?Sized> HasInitData for T {
-    type InitData = AllData<T>;
-
-    unsafe fn __init_data() -> Self::InitData {
-        AllData(PhantomData)
-    }
-}
-
-/// Stack initializer helper type. Use [`stack_pin_init`] instead of this primitive.
-///
-/// # Invariants
-///
-/// If `self.is_init` is true, then `self.value` is initialized.
-///
-/// [`stack_pin_init`]: kernel::stack_pin_init
-pub struct StackInit<T> {
-    value: MaybeUninit<T>,
-    is_init: bool,
-}
-
-impl<T> Drop for StackInit<T> {
-    #[inline]
-    fn drop(&mut self) {
-        if self.is_init {
-            // SAFETY: As we are being dropped, we only call this once. And since `self.is_init` is
-            // true, `self.value` is initialized.
-            unsafe { self.value.assume_init_drop() };
-        }
-    }
-}
-
-impl<T> StackInit<T> {
-    /// Creates a new [`StackInit<T>`] that is uninitialized. Use [`stack_pin_init`] instead of this
-    /// primitive.
-    ///
-    /// [`stack_pin_init`]: kernel::stack_pin_init
-    #[inline]
-    pub fn uninit() -> Self {
-        Self {
-            value: MaybeUninit::uninit(),
-            is_init: false,
-        }
-    }
-
-    /// Initializes the contents and returns the result.
-    #[inline]
-    pub fn init<E>(self: Pin<&mut Self>, init: impl PinInit<T, E>) -> Result<Pin<&mut T>, E> {
-        // SAFETY: We never move out of `this`.
-        let this = unsafe { Pin::into_inner_unchecked(self) };
-        // The value is currently initialized, so it needs to be dropped before we can reuse
-        // the memory (this is a safety guarantee of `Pin`).
-        if this.is_init {
-            this.is_init = false;
-            // SAFETY: `this.is_init` was true and therefore `this.value` is initialized.
-            unsafe { this.value.assume_init_drop() };
-        }
-        // SAFETY: The memory slot is valid and this type ensures that it will stay pinned.
-        unsafe { init.__pinned_init(this.value.as_mut_ptr())? };
-        // INVARIANT: `this.value` is initialized above.
-        this.is_init = true;
-        // SAFETY: The slot is now pinned, since we will never give access to `&mut T`.
-        Ok(unsafe { Pin::new_unchecked(this.value.assume_init_mut()) })
-    }
-}
-
-/// When a value of this type is dropped, it drops a `T`.
-///
-/// Can be forgotten to prevent the drop.
-pub struct DropGuard<T: ?Sized> {
-    ptr: *mut T,
-}
-
-impl<T: ?Sized> DropGuard<T> {
-    /// Creates a new [`DropGuard<T>`]. It will [`ptr::drop_in_place`] `ptr` when it gets dropped.
-    ///
-    /// # Safety
-    ///
-    /// `ptr` must be a valid pointer.
-    ///
-    /// It is the callers responsibility that `self` will only get dropped if the pointee of `ptr`:
-    /// - has not been dropped,
-    /// - is not accessible by any other means,
-    /// - will not be dropped by any other means.
-    #[inline]
-    pub unsafe fn new(ptr: *mut T) -> Self {
-        Self { ptr }
-    }
-}
-
-impl<T: ?Sized> Drop for DropGuard<T> {
-    #[inline]
-    fn drop(&mut self) {
-        // SAFETY: A `DropGuard` can only be constructed using the unsafe `new` function
-        // ensuring that this operation is safe.
-        unsafe { ptr::drop_in_place(self.ptr) }
-    }
-}
-
-/// Token used by `PinnedDrop` to prevent calling the function without creating this unsafely
-/// created struct. This is needed, because the `drop` function is safe, but should not be called
-/// manually.
-pub struct OnlyCallFromDrop(());
-
-impl OnlyCallFromDrop {
-    /// # Safety
-    ///
-    /// This function should only be called from the [`Drop::drop`] function and only be used to
-    /// delegate the destruction to the pinned destructor [`PinnedDrop::drop`] of the same type.
-    pub unsafe fn new() -> Self {
-        Self(())
-    }
-}
-
-/// Initializer that always fails.
-///
-/// Used by [`assert_pinned!`].
-///
-/// [`assert_pinned!`]: crate::assert_pinned
-pub struct AlwaysFail<T: ?Sized> {
-    _t: PhantomData<T>,
-}
-
-impl<T: ?Sized> AlwaysFail<T> {
-    /// Creates a new initializer that always fails.
-    pub fn new() -> Self {
-        Self { _t: PhantomData }
-    }
-}
-
-impl<T: ?Sized> Default for AlwaysFail<T> {
-    fn default() -> Self {
-        Self::new()
-    }
-}
-
-// SAFETY: `__pinned_init` always fails, which is always okay.
-unsafe impl<T: ?Sized> PinInit<T, ()> for AlwaysFail<T> {
-    unsafe fn __pinned_init(self, _slot: *mut T) -> Result<(), ()> {
-        Err(())
-    }
-}
author	Linus Torvalds <torvalds@linux-foundation.org>	2025-03-30 17:03:26 -0700
committer	Linus Torvalds <torvalds@linux-foundation.org>	2025-03-30 17:03:26 -0700
commit	4e82c87058f45e79eeaa4d5bcc3b38dd3dce7209 (patch)
tree	122868ae62bfff4d0ed9f13c853c1c9690dbe0f3 /rust/kernel/init/__internal.rs
parent	01d5b167dc230cf3b6eb9dd7205f6a705026d1ce (diff)
parent	e6ea10d5dbe082c54add289b44f08c9fcfe658af (diff)