[PATCH 2/2] rust: dma: use NonNull<T> instead of *mut T

From: Danilo Krummrich
Date: Mon Nov 03 2025 - 14:07:45 EST

Next message: Marco Felsch: "Re: [EXT] Re: [PATCH v19 0/7] firmware: imx: driver for NXP secure-enclave"
Previous message: Randy Dunlap: "Re: [PATCH 5/5] Documentation/amdgpu: Add UMA carveout details"
In reply to: Danilo Krummrich: "[PATCH 1/2] rust: dma: make use of start_ptr() and start_ptr_mut()"
Next in thread: Alice Ryhl: "Re: [PATCH 2/2] rust: dma: use NonNull<T> instead of *mut T"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In struct CoherentAllocation, use NonNull<T> instead of a raw *mut T for
the CPU address; the CPU address of a valid CoherentAllocation won't
ever be NULL.

Signed-off-by: Danilo Krummrich <dakr@xxxxxxxxxx>
---
rust/kernel/dma.rs | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/rust/kernel/dma.rs b/rust/kernel/dma.rs
index f066cbb53cfa..f67c6686a440 100644
--- a/rust/kernel/dma.rs
+++ b/rust/kernel/dma.rs
@@ -12,6 +12,7 @@
sync::aref::ARef,
transmute::{AsBytes, FromBytes},
};
+use core::ptr::NonNull;

/// DMA address type.
///
@@ -358,7 +359,7 @@ pub struct CoherentAllocation<T: AsBytes + FromBytes> {
dev: ARef<device::Device>,
dma_handle: DmaAddress,
count: usize,
- cpu_addr: *mut T,
+ cpu_addr: NonNull<T>,
dma_attrs: Attrs,
}

@@ -392,7 +393,7 @@ pub fn alloc_attrs(
.ok_or(EOVERFLOW)?;
let mut dma_handle = 0;
// SAFETY: Device pointer is guaranteed as valid by the type invariant on `Device`.
- let ret = unsafe {
+ let addr = unsafe {
bindings::dma_alloc_attrs(
dev.as_raw(),
size,
@@ -401,9 +402,7 @@ pub fn alloc_attrs(
dma_attrs.as_raw(),
)
};
- if ret.is_null() {
- return Err(ENOMEM);
- }
+ let addr = NonNull::new(addr).ok_or(ENOMEM)?;
// INVARIANT:
// - We just successfully allocated a coherent region which is accessible for
// `count` elements, hence the cpu address is valid. We also hold a refcounted reference
@@ -414,7 +413,7 @@ pub fn alloc_attrs(
dev: dev.into(),
dma_handle,
count,
- cpu_addr: ret.cast::<T>(),
+ cpu_addr: addr.cast(),
dma_attrs,
})
}
@@ -446,13 +445,13 @@ pub fn size(&self) -> usize {

/// Returns the base address to the allocated region in the CPU's virtual address space.
pub fn start_ptr(&self) -> *const T {
- self.cpu_addr
+ self.cpu_addr.as_ptr()
}

/// Returns the base address to the allocated region in the CPU's virtual address space as
/// a mutable pointer.
pub fn start_ptr_mut(&mut self) -> *mut T {
- self.cpu_addr
+ self.cpu_addr.as_ptr()
}

/// Returns a DMA handle which may be given to the device as the DMA address base of
--
2.51.0

Next message: Marco Felsch: "Re: [EXT] Re: [PATCH v19 0/7] firmware: imx: driver for NXP secure-enclave"
Previous message: Randy Dunlap: "Re: [PATCH 5/5] Documentation/amdgpu: Add UMA carveout details"
In reply to: Danilo Krummrich: "[PATCH 1/2] rust: dma: make use of start_ptr() and start_ptr_mut()"
Next in thread: Alice Ryhl: "Re: [PATCH 2/2] rust: dma: use NonNull<T> instead of *mut T"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]