Commit bb9749f3 authored by Alice Ryhl's avatar Alice Ryhl Committed by Danilo Krummrich
Browse files

rust: alloc: take the allocator into account for FOREIGN_ALIGN 



When converting a Box<T> into a void pointer, the allocator might
guarantee a higher alignment than the type itself does, and in that case
it is guaranteed that the void pointer has that higher alignment.

This is quite useful when combined with the XArray, which you can only
create using a ForeignOwnable whose FOREIGN_ALIGN is at least 4. This
means that you can now always use a Box<T> with the XArray no matter the
alignment of T.

Reviewed-by: default avatarBenno Lossin <lossin@kernel.org>
Signed-off-by: default avatarAlice Ryhl <aliceryhl@google.com>
Acked-by: default avatarLiam R. Howlett <Liam.Howlett@oracle.com>
Reviewed-by: default avatarAndreas Hindborg <a.hindborg@kernel.org>
Link: https://lore.kernel.org/r/20250811-align-min-allocator-v2-2-3386cc94f4fc@google.com


Signed-off-by: default avatarDanilo Krummrich <dakr@kernel.org>
parent 1b1a946d

rust/kernel/alloc/kbox.rs

+9 −4
Original line number Diff line number Diff line
@@ -401,12 +401,17 @@ fn try_init<E>(init: impl Init<T, E>, flags: Flags) -> Result<Self, E> 
}



// SAFETY: The pointer returned by `into_foreign` comes from a well aligned

// pointer to `T`.

// pointer to `T` allocated by `A`.

unsafe impl<T: 'static, A> ForeignOwnable for Box<T, A>

where

    A: Allocator,

{

    const FOREIGN_ALIGN: usize = core::mem::align_of::<T>();

    const FOREIGN_ALIGN: usize = if core::mem::align_of::<T>() < A::MIN_ALIGN {

        A::MIN_ALIGN

    } else {

        core::mem::align_of::<T>()

    };



    type Borrowed<'a> = &'a T;

    type BorrowedMut<'a> = &'a mut T;
@@ -435,12 +440,12 @@ unsafe fn borrow_mut<'a>(ptr: *mut c_void) -> &'a mut T { 
}



// SAFETY: The pointer returned by `into_foreign` comes from a well aligned

// pointer to `T`.

// pointer to `T` allocated by `A`.

unsafe impl<T: 'static, A> ForeignOwnable for Pin<Box<T, A>>

where

    A: Allocator,

{

    const FOREIGN_ALIGN: usize = core::mem::align_of::<T>();

    const FOREIGN_ALIGN: usize = <Box<T, A> as ForeignOwnable>::FOREIGN_ALIGN;

    type Borrowed<'a> = Pin<&'a T>;

    type BorrowedMut<'a> = Pin<&'a mut T>;

rust/kernel/sync/arc.rs

+3 −3
Original line number Diff line number Diff line
@@ -373,10 +373,10 @@ pub fn into_unique_or_drop(self) -> Option<Pin<UniqueArc<T>>> { 
    }

}



// SAFETY: The pointer returned by `into_foreign` comes from a well aligned

// pointer to `ArcInner<T>`.

// SAFETY: The pointer returned by `into_foreign` was originally allocated as an

// `KBox<ArcInner<T>>`, so that type is what determines the alignment.

unsafe impl<T: 'static> ForeignOwnable for Arc<T> {

    const FOREIGN_ALIGN: usize = core::mem::align_of::<ArcInner<T>>();

    const FOREIGN_ALIGN: usize = <KBox<ArcInner<T>> as ForeignOwnable>::FOREIGN_ALIGN;



    type Borrowed<'a> = ArcBorrow<'a, T>;

    type BorrowedMut<'a> = Self::Borrowed<'a>;