Re: [PATCH v4 4/9] rust: cred: add Rust abstraction for `struct cred`

[Martin Rodriguez Reboredo]

On 2/2/24 07:55, Alice Ryhl wrote:
> From: Wedson Almeida Filho <wedsonaf@xxxxxxxxx>
>
> Add a wrapper around `struct cred` called `Credential`, and provide
> functionality to get the `Credential` associated with a `File`.
>
> Rust Binder must check the credentials of processes when they attempt to
> perform various operations, and these checks usually take a
> `&Credential` as parameter. The security_binder_set_context_mgr function
> would be one example. This patch is necessary to access these security_*
> methods from Rust.
>
> Signed-off-by: Wedson Almeida Filho <wedsonaf@xxxxxxxxx>
> Co-developed-by: Alice Ryhl <aliceryhl@xxxxxxxxxx>
> Signed-off-by: Alice Ryhl <aliceryhl@xxxxxxxxxx>
> ---
> [...]
> +    /// Returns the credentials of the task that originally opened the file.
> +    pub fn cred(&self) -> &Credential {
> +        // SAFETY: It's okay to read the `f_cred` field without synchronization because `f_cred` is
> +        // never changed after initialization of the file.
> +        let ptr = unsafe { (*self.as_ptr()).f_cred };

From what I can see `file.f_cred` is valid from the moment `file` was
initialized, worth to notice too IMO.

> +
> +        // SAFETY: The signature of this function ensures that the caller will only access the
> +        // returned credential while the file is still valid, and the C side ensures that the
> +        // credential stays valid at least as long as the file.
> +        unsafe { Credential::from_ptr(ptr) }
> +    }
> [...]

Reviewed-by: Martin Rodriguez Reboredo <yakoyoku@xxxxxxxxx>