| Message ID | 20241219170425.12036-5-dakr@kernel.org (mailing list archive) |
|---|---|
| State | Handled Elsewhere |
| Delegated to: | Bjorn Helgaas |
| Headers | show |
| Series | Device / Driver PCI / Platform Rust abstractions | expand |
On Thu, 19 Dec 2024 18:04:06 +0100 Danilo Krummrich <dakr@kernel.org> wrote: > From: Wedson Almeida Filho <wedsonaf@gmail.com> > > Add a simple abstraction to guard critical code sections with an rcu > read lock. > > Reviewed-by: Boqun Feng <boqun.feng@gmail.com> > Signed-off-by: Wedson Almeida Filho <wedsonaf@gmail.com> > Co-developed-by: Danilo Krummrich <dakr@kernel.org> > Signed-off-by: Danilo Krummrich <dakr@kernel.org> > --- > MAINTAINERS | 1 + > rust/helpers/helpers.c | 1 + > rust/helpers/rcu.c | 13 ++++++++++++ > rust/kernel/sync.rs | 1 + > rust/kernel/sync/rcu.rs | 47 +++++++++++++++++++++++++++++++++++++++++ > 5 files changed, 63 insertions(+) > create mode 100644 rust/helpers/rcu.c > create mode 100644 rust/kernel/sync/rcu.rs [resend to the list] > > diff --git a/MAINTAINERS b/MAINTAINERS > index 3cfb68650347..0cc69e282889 100644 > --- a/MAINTAINERS > +++ b/MAINTAINERS > @@ -19690,6 +19690,7 @@ T: git git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git dev > F: Documentation/RCU/ > F: include/linux/rcu* > F: kernel/rcu/ > +F: rust/kernel/sync/rcu.rs > X: Documentation/RCU/torture.rst > X: include/linux/srcu*.h > X: kernel/rcu/srcu*.c > diff --git a/rust/helpers/helpers.c b/rust/helpers/helpers.c > index dcf827a61b52..060750af6524 100644 > --- a/rust/helpers/helpers.c > +++ b/rust/helpers/helpers.c > @@ -20,6 +20,7 @@ > #include "page.c" > #include "pid_namespace.c" > #include "rbtree.c" > +#include "rcu.c" > #include "refcount.c" > #include "security.c" > #include "signal.c" > diff --git a/rust/helpers/rcu.c b/rust/helpers/rcu.c > new file mode 100644 > index 000000000000..f1cec6583513 > --- /dev/null > +++ b/rust/helpers/rcu.c > @@ -0,0 +1,13 @@ > +// SPDX-License-Identifier: GPL-2.0 > + > +#include <linux/rcupdate.h> > + > +void rust_helper_rcu_read_lock(void) > +{ > + rcu_read_lock(); > +} > + > +void rust_helper_rcu_read_unlock(void) > +{ > + rcu_read_unlock(); > +} > diff --git a/rust/kernel/sync.rs b/rust/kernel/sync.rs > index 1eab7ebf25fd..0654008198b2 100644 > --- a/rust/kernel/sync.rs > +++ b/rust/kernel/sync.rs > @@ -12,6 +12,7 @@ > pub mod lock; > mod locked_by; > pub mod poll; > +pub mod rcu; > > pub use arc::{Arc, ArcBorrow, UniqueArc}; > pub use condvar::{new_condvar, CondVar, CondVarTimeoutResult}; > diff --git a/rust/kernel/sync/rcu.rs b/rust/kernel/sync/rcu.rs > new file mode 100644 > index 000000000000..b51d9150ffe2 > --- /dev/null > +++ b/rust/kernel/sync/rcu.rs > @@ -0,0 +1,47 @@ > +// SPDX-License-Identifier: GPL-2.0 > + > +//! RCU support. > +//! > +//! C header: [`include/linux/rcupdate.h`](srctree/include/linux/rcupdate.h) > + > +use crate::{bindings, types::NotThreadSafe}; > + > +/// Evidence that the RCU read side lock is held on the current thread/CPU. > +/// > +/// The type is explicitly not `Send` because this property is per-thread/CPU. > +/// > +/// # Invariants > +/// > +/// The RCU read side lock is actually held while instances of this guard exist. > +pub struct Guard(NotThreadSafe); > + > +impl Guard { > + /// Acquires the RCU read side lock and returns a guard. > + pub fn new() -> Self { > + // SAFETY: An FFI call with no additional requirements. > + unsafe { bindings::rcu_read_lock() }; > + // INVARIANT: The RCU read side lock was just acquired above. > + Self(NotThreadSafe) > + } > + > + /// Explicitly releases the RCU read side lock. > + pub fn unlock(self) {} I don't think there's need for this, `drop(rcu_guard)` is equally clear. There was a debate in Rust community about explicit lock methods, but the conclusion was to not have it, see https://github.com/rust-lang/rust/issues/81872. > +} > + > +impl Default for Guard { > + fn default() -> Self { > + Self::new() > + } > +} I don't think anyone would like to implicit acquire an RCU guard! I believe you included this because clippy is yelling, but in this case you shouldn't listen to clippy. Either suppress the warning or rename `new` to `lock`. > + > +impl Drop for Guard { > + fn drop(&mut self) { > + // SAFETY: By the type invariants, the RCU read side is locked, so it is ok to unlock it. > + unsafe { bindings::rcu_read_unlock() }; > + } > +} > + > +/// Acquires the RCU read side lock. > +pub fn read_lock() -> Guard { > + Guard::new() > +}
On Tue, Dec 24, 2024 at 08:54:50PM +0000, Gary Guo wrote: > On Thu, 19 Dec 2024 18:04:06 +0100 > Danilo Krummrich <dakr@kernel.org> wrote: > > > From: Wedson Almeida Filho <wedsonaf@gmail.com> > > > > Add a simple abstraction to guard critical code sections with an rcu > > read lock. > > > > Reviewed-by: Boqun Feng <boqun.feng@gmail.com> > > Signed-off-by: Wedson Almeida Filho <wedsonaf@gmail.com> > > Co-developed-by: Danilo Krummrich <dakr@kernel.org> > > Signed-off-by: Danilo Krummrich <dakr@kernel.org> > > --- > > MAINTAINERS | 1 + > > rust/helpers/helpers.c | 1 + > > rust/helpers/rcu.c | 13 ++++++++++++ > > rust/kernel/sync.rs | 1 + > > rust/kernel/sync/rcu.rs | 47 +++++++++++++++++++++++++++++++++++++++++ > > 5 files changed, 63 insertions(+) > > create mode 100644 rust/helpers/rcu.c > > create mode 100644 rust/kernel/sync/rcu.rs > > [resend to the list] > > > > > diff --git a/MAINTAINERS b/MAINTAINERS > > index 3cfb68650347..0cc69e282889 100644 > > --- a/MAINTAINERS > > +++ b/MAINTAINERS > > @@ -19690,6 +19690,7 @@ T: git git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git dev > > F: Documentation/RCU/ > > F: include/linux/rcu* > > F: kernel/rcu/ > > +F: rust/kernel/sync/rcu.rs > > X: Documentation/RCU/torture.rst > > X: include/linux/srcu*.h > > X: kernel/rcu/srcu*.c > > diff --git a/rust/helpers/helpers.c b/rust/helpers/helpers.c > > index dcf827a61b52..060750af6524 100644 > > --- a/rust/helpers/helpers.c > > +++ b/rust/helpers/helpers.c > > @@ -20,6 +20,7 @@ > > #include "page.c" > > #include "pid_namespace.c" > > #include "rbtree.c" > > +#include "rcu.c" > > #include "refcount.c" > > #include "security.c" > > #include "signal.c" > > diff --git a/rust/helpers/rcu.c b/rust/helpers/rcu.c > > new file mode 100644 > > index 000000000000..f1cec6583513 > > --- /dev/null > > +++ b/rust/helpers/rcu.c > > @@ -0,0 +1,13 @@ > > +// SPDX-License-Identifier: GPL-2.0 > > + > > +#include <linux/rcupdate.h> > > + > > +void rust_helper_rcu_read_lock(void) > > +{ > > + rcu_read_lock(); > > +} > > + > > +void rust_helper_rcu_read_unlock(void) > > +{ > > + rcu_read_unlock(); > > +} > > diff --git a/rust/kernel/sync.rs b/rust/kernel/sync.rs > > index 1eab7ebf25fd..0654008198b2 100644 > > --- a/rust/kernel/sync.rs > > +++ b/rust/kernel/sync.rs > > @@ -12,6 +12,7 @@ > > pub mod lock; > > mod locked_by; > > pub mod poll; > > +pub mod rcu; > > > > pub use arc::{Arc, ArcBorrow, UniqueArc}; > > pub use condvar::{new_condvar, CondVar, CondVarTimeoutResult}; > > diff --git a/rust/kernel/sync/rcu.rs b/rust/kernel/sync/rcu.rs > > new file mode 100644 > > index 000000000000..b51d9150ffe2 > > --- /dev/null > > +++ b/rust/kernel/sync/rcu.rs > > @@ -0,0 +1,47 @@ > > +// SPDX-License-Identifier: GPL-2.0 > > + > > +//! RCU support. > > +//! > > +//! C header: [`include/linux/rcupdate.h`](srctree/include/linux/rcupdate.h) > > + > > +use crate::{bindings, types::NotThreadSafe}; > > + > > +/// Evidence that the RCU read side lock is held on the current thread/CPU. > > +/// > > +/// The type is explicitly not `Send` because this property is per-thread/CPU. > > +/// > > +/// # Invariants > > +/// > > +/// The RCU read side lock is actually held while instances of this guard exist. > > +pub struct Guard(NotThreadSafe); > > + > > +impl Guard { > > + /// Acquires the RCU read side lock and returns a guard. > > + pub fn new() -> Self { > > + // SAFETY: An FFI call with no additional requirements. > > + unsafe { bindings::rcu_read_lock() }; > > + // INVARIANT: The RCU read side lock was just acquired above. > > + Self(NotThreadSafe) > > + } > > + > > + /// Explicitly releases the RCU read side lock. > > + pub fn unlock(self) {} > > I don't think there's need for this, `drop(rcu_guard)` is equally > clear. I don't mind one or the other, feel free to send a patch to remove it. :) > > There was a debate in Rust community about explicit lock methods, but > the conclusion was to not have it, > see https://github.com/rust-lang/rust/issues/81872. > > > +} > > + > > +impl Default for Guard { > > + fn default() -> Self { > > + Self::new() > > + } > > +} > > I don't think anyone would like to implicit acquire an RCU guard! I > believe you included this because clippy is yelling, but in this case > you shouldn't listen to clippy. Either suppress the warning or rename > `new` to `lock`. I picked up this patch from Wedson, so I can't tell for sure. I don't see any other reason for this though, so we could remove it. > > > + > > +impl Drop for Guard { > > + fn drop(&mut self) { > > + // SAFETY: By the type invariants, the RCU read side is locked, so it is ok to unlock it. > > + unsafe { bindings::rcu_read_unlock() }; > > + } > > +} > > + > > +/// Acquires the RCU read side lock. > > +pub fn read_lock() -> Guard { > > + Guard::new() > > +} >
diff --git a/MAINTAINERS b/MAINTAINERS index 3cfb68650347..0cc69e282889 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -19690,6 +19690,7 @@ T: git git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu.git dev F: Documentation/RCU/ F: include/linux/rcu* F: kernel/rcu/ +F: rust/kernel/sync/rcu.rs X: Documentation/RCU/torture.rst X: include/linux/srcu*.h X: kernel/rcu/srcu*.c diff --git a/rust/helpers/helpers.c b/rust/helpers/helpers.c index dcf827a61b52..060750af6524 100644 --- a/rust/helpers/helpers.c +++ b/rust/helpers/helpers.c @@ -20,6 +20,7 @@ #include "page.c" #include "pid_namespace.c" #include "rbtree.c" +#include "rcu.c" #include "refcount.c" #include "security.c" #include "signal.c" diff --git a/rust/helpers/rcu.c b/rust/helpers/rcu.c new file mode 100644 index 000000000000..f1cec6583513 --- /dev/null +++ b/rust/helpers/rcu.c @@ -0,0 +1,13 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include <linux/rcupdate.h> + +void rust_helper_rcu_read_lock(void) +{ + rcu_read_lock(); +} + +void rust_helper_rcu_read_unlock(void) +{ + rcu_read_unlock(); +} diff --git a/rust/kernel/sync.rs b/rust/kernel/sync.rs index 1eab7ebf25fd..0654008198b2 100644 --- a/rust/kernel/sync.rs +++ b/rust/kernel/sync.rs @@ -12,6 +12,7 @@ pub mod lock; mod locked_by; pub mod poll; +pub mod rcu; pub use arc::{Arc, ArcBorrow, UniqueArc}; pub use condvar::{new_condvar, CondVar, CondVarTimeoutResult}; diff --git a/rust/kernel/sync/rcu.rs b/rust/kernel/sync/rcu.rs new file mode 100644 index 000000000000..b51d9150ffe2 --- /dev/null +++ b/rust/kernel/sync/rcu.rs @@ -0,0 +1,47 @@ +// SPDX-License-Identifier: GPL-2.0 + +//! RCU support. +//! +//! C header: [`include/linux/rcupdate.h`](srctree/include/linux/rcupdate.h) + +use crate::{bindings, types::NotThreadSafe}; + +/// Evidence that the RCU read side lock is held on the current thread/CPU. +/// +/// The type is explicitly not `Send` because this property is per-thread/CPU. +/// +/// # Invariants +/// +/// The RCU read side lock is actually held while instances of this guard exist. +pub struct Guard(NotThreadSafe); + +impl Guard { + /// Acquires the RCU read side lock and returns a guard. + pub fn new() -> Self { + // SAFETY: An FFI call with no additional requirements. + unsafe { bindings::rcu_read_lock() }; + // INVARIANT: The RCU read side lock was just acquired above. + Self(NotThreadSafe) + } + + /// Explicitly releases the RCU read side lock. + pub fn unlock(self) {} +} + +impl Default for Guard { + fn default() -> Self { + Self::new() + } +} + +impl Drop for Guard { + fn drop(&mut self) { + // SAFETY: By the type invariants, the RCU read side is locked, so it is ok to unlock it. + unsafe { bindings::rcu_read_unlock() }; + } +} + +/// Acquires the RCU read side lock. +pub fn read_lock() -> Guard { + Guard::new() +}