Re: C aggregate passing (Rust kernel policy)

From: Ralf Jung
Date: Fri Feb 28 2025 - 02:53:24 EST

Next message: Heiko Stübner: "Re: [PATCH 2/7] dt-bindings: pinctrl: Add pinctrl support for RK3528"
Previous message: Stephen Rothwell: "linux-next: build warning after merge of the edac tree"
In reply to: Linus Torvalds: "Re: C aggregate passing (Rust kernel policy)"
Next in thread: Martin Uecker: "Re: C aggregate passing (Rust kernel policy)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On 27.02.25 20:15, Linus Torvalds wrote:

On Thu, 27 Feb 2025 at 10:33, Ralf Jung <post@xxxxxxxx> wrote:

The way you do global flags in Rust is like this:

Note that I was really talking mainly about the unsafe cases, an din
particular when interfacing with C code.

When Rust code and C code share memory that is concurrently accessed, all accesses to that from the Rust side must be explicitly marked as atomic. A pointer to such a memory should look like `&AtomicBool` in Rust, not `*mut bool`. To my knowledge, the kernel already has appropriate APIs for that. That will then ensure things behave like the AtomicBool example.

Kind regards,
Ralf

Also, honestly:

FLAG.store(true, Ordering::SeqCst); // or release/acquire/relaxed

I suspect in reality it would be hidden as accessor functions, or
people just continue to write things in C.

Yes, I know all about the C++ memory ordering. It's not only a
standards mess, it's all very illegible code too.

Linus

Next message: Heiko Stübner: "Re: [PATCH 2/7] dt-bindings: pinctrl: Add pinctrl support for RK3528"
Previous message: Stephen Rothwell: "linux-next: build warning after merge of the edac tree"
In reply to: Linus Torvalds: "Re: C aggregate passing (Rust kernel policy)"
Next in thread: Martin Uecker: "Re: C aggregate passing (Rust kernel policy)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]