Re: [PATCH 1/2] rust: sync: require `Send` and `Sync` for `Backend::State`

[Benno Lossin]

On 03.09.24 11:30, Alice Ryhl wrote:
> On Tue, Sep 3, 2024 at 11:17 AM Benno Lossin <benno.lossin@xxxxxxxxx> wrote:
>>
>> `Lock<T, B>` implements `Send` and `Sync` when `T` is `Send` or `Sync`
>> respectively. Since this does not depend on `B`, creating a `Lock` that
>> is `Send` and `Sync`, but with a `!Sync` or `!Send` state is possible.
>> This is a soundness issue, thus add the bounds to the respective impls.
>>
>> Signed-off-by: Benno Lossin <benno.lossin@xxxxxxxxx>
> 
> Currently, B::State is set directly to `bindings::spinlock_t` or
> `bindings::mutex` and these types are pretty unlikely to be Send/Sync
> on all kernel configurations. If you're going to make this change, you
> will need to change these types.

Oh yeah you are correct. I did try to compile it, but maybe I missed
some config options, since it didn't complain?

> Considering that B::State is already stored in Opaque meaning that we
> don't run its destructor either, it's not really treated as a normal
> field right now. Perhaps it would be better to change the safety
> requirements of the `Backend` trait to impose restrictions on the
> thread safety of B::State?

Yes that sounds like a better idea.

---
Cheers,
Benno