Re: Rust kernel policy

From: Christoph Hellwig
Date: Thu Feb 20 2025 - 01:48:49 EST

Next message: Jemmy Wong: "Re: [PATCH 0/2] sched: Refine scheduler naming for clarity and specificity"
Previous message: Dmitry Torokhov: "[PATCH 2/2] driver core: fix potential NULL pointer dereference in dev_uevent()"
In reply to: Miguel Ojeda: "Re: Rust kernel policy"
Next in thread: James Bottomley: "Re: Rust kernel policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 19, 2025 at 11:03:28AM -0500, James Bottomley wrote:
> > This has come up a few times, and we indeed would like to have some
> > annotations in the C headers so that we can generate more (and to
> > keep the information local).
> >
> > For instance, it would be nice to have bindgen's `__opaque` near the
> > C items, or being able to mark functions as `__safe`, or to have
> > other `enum`s-related annotations, or even custom attributes, as well
> > as "formatted-formally-enough" docs so that can be rendered properly
> > on the Rust side, or even references/lifetimes with an eventual "Safe
> > C"-like approach, and so on and so forth.
> >
> > However, even if we automate more and even reach a point where most C
> > APIs are e.g. "safe" (which would be great),
>
> I wouldn't say C API safety would be the main goal, although it might
> be a nice add on feature.

Why not? Why is safety suddenly less a goal when you don't use the
right syntactic sugar?

Next message: Jemmy Wong: "Re: [PATCH 0/2] sched: Refine scheduler naming for clarity and specificity"
Previous message: Dmitry Torokhov: "[PATCH 2/2] driver core: fix potential NULL pointer dereference in dev_uevent()"
In reply to: Miguel Ojeda: "Re: Rust kernel policy"
Next in thread: James Bottomley: "Re: Rust kernel policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]