[PATCH v4 10/13] rust: init: implement `Zeroable` for `UnsafeCell<T>` and `Opaque<T>`
From: Benno Lossin
Date: Mon Aug 14 2023 - 04:48:48 EST
`UnsafeCell<T>` and `T` have the same layout so if `T` is `Zeroable`
then so should `UnsafeCell<T>` be. This allows using the derive macro
for `Zeroable` on types that contain an `UnsafeCell<T>`.
Since `Opaque<T>` contains a `MaybeUninit<T>`, all bytes zero is a valid
bit pattern for that type.
Reviewed-by: Gary Guo <gary@xxxxxxxxxxx>
Reviewed-by: Martin Rodriguez Reboredo <yakoyoku@xxxxxxxxx>
Signed-off-by: Benno Lossin <benno.lossin@xxxxxxxxx>
---
v3 -> v4:
- added Reviewed-by's from Gary and Martin.
v2 -> v3:
- also implement Zeroable for `UnsafeCell<T>` when `T: Zeroable`,
- use `impl_zeroable!` instead of `derive(Zeroable)`.
rust/kernel/init.rs | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/rust/kernel/init.rs b/rust/kernel/init.rs
index b54f32017d00..f91ecd3b1edf 100644
--- a/rust/kernel/init.rs
+++ b/rust/kernel/init.rs
@@ -212,11 +212,12 @@
use crate::{
error::{self, Error},
sync::UniqueArc,
- types::ScopeGuard,
+ types::{Opaque, ScopeGuard},
};
use alloc::boxed::Box;
use core::{
alloc::AllocError,
+ cell::UnsafeCell,
convert::Infallible,
marker::PhantomData,
mem::MaybeUninit,
@@ -1159,6 +1160,11 @@ macro_rules! impl_zeroable {
// SAFETY: Type is allowed to take any value, including all zeros.
{<T>} MaybeUninit<T>,
+ // SAFETY: Type is allowed to take any value, including all zeros.
+ {<T>} Opaque<T>,
+
+ // SAFETY: `T: Zeroable` and `UnsafeCell` is `repr(transparent)`.
+ {<T: ?Sized + Zeroable>} UnsafeCell<T>,
// SAFETY: All zeros is equivalent to `None` (option layout optimization guarantee).
Option<NonZeroU8>, Option<NonZeroU16>, Option<NonZeroU32>, Option<NonZeroU64>,
--
2.41.0