[PATCH v10 1/8] rust: types: add `NotThreadSafe`
Gary Guo
gary at garyguo.net
Fri Sep 27 10:20:21 UTC 2024
On Wed, 25 Sep 2024 08:59:04 -0500
"Serge E. Hallyn" <serge at hallyn.com> wrote:
> On Wed, Sep 25, 2024 at 01:06:10PM +0200, Alice Ryhl wrote:
> > On Tue, Sep 24, 2024 at 9:45 PM Serge E. Hallyn <serge at hallyn.com> wrote:
> > >
> > > On Sun, Sep 15, 2024 at 02:31:27PM +0000, Alice Ryhl wrote:
> > > > This introduces a new marker type for types that shouldn't be thread
> > > > safe. By adding a field of this type to a struct, it becomes non-Send
> > > > and non-Sync, which means that it cannot be accessed in any way from
> > > > threads other than the one it was created on.
> > > >
> > > > This is useful for APIs that require globals such as `current` to remain
> > > > constant while the value exists.
> > > >
> > > > We update two existing users in the Kernel to use this helper:
> > > >
> > > > * `Task::current()` - moving the return type of this value to a
> > > > different thread would not be safe as you can no longer be guaranteed
> > > > that the `current` pointer remains valid.
> > > > * Lock guards. Mutexes and spinlocks should be unlocked on the same
> > > > thread as where they were locked, so we enforce this using the Send
> > > > trait.
> > >
> > > Hi,
> > >
> > > this sounds useful, however from kernel side when I think thread-safe,
> > > I think must not be used across a sleep. Would something like ThreadLocked
> > > or LockedToThread make sense?
> >
> > Hmm, those names seem pretty similar to the current name to me?
>
> Seems very different to me:
>
> If @foo is not threadsafe, it may be global or be usable by many
> threads, but must be locked to one thread during access.
>
> What you're describing here is (iiuc) that @foo must only be used
> by one particular thread.
"locked to one thread during access" means it might be `Send` but not
`!Sync`.
What Alice has here is something is neither `Send` nor `Sync`, so I
think the `NotThreadSafe` is a good name here because it cancels both
guarantees.
Best,
Gary
More information about the Linux-security-module-archive
mailing list