Merge pull request #574 from wedsonaf/file-in-open

rust: add `&File` argument to `open` callback.

Author: wedsonaf

drivers/android/process.rs

@@ -802,7 +802,7 @@ impl IoctlHandler for Process {
 }
 
 impl FileOpener<Ref<Context>> for Process {
-    fn open(ctx: &Ref<Context>) -> Result<Self::Wrapper> {
+    fn open(ctx: &Ref<Context>, _file: &File) -> Result<Self::Wrapper> {
         Self::new(ctx.clone())
     }
 }

drivers/char/hw_random/bcm2835_rng_rust.rs

@@ -6,15 +6,8 @@
 #![feature(allocator_api, global_asm)]
 
 use kernel::{
-    file::File,
-    file_operations::{FileOpener, FileOperations},
-    io_buffer::IoBufferWriter,
-    miscdev,
-    of::ConstOfMatchTable,
-    platdev::PlatformDriver,
-    prelude::*,
-    str::CStr,
-    ThisModule, {c_str, platdev},
+    c_str, file::File, file_operations::FileOperations, io_buffer::IoBufferWriter, miscdev,
+    of::ConstOfMatchTable, platdev, platdev::PlatformDriver, prelude::*,
 };
 
 module! {
@@ -25,14 +18,9 @@ module! {
     license: b"GPL v2",
 }
 
+#[derive(Default)]
 struct RngDevice;
 
-impl FileOpener<()> for RngDevice {
-    fn open(_state: &()) -> Result<Self::Wrapper> {
-        Ok(Box::try_new(RngDevice)?)
-    }
-}
-
 impl FileOperations for RngDevice {
     kernel::declare_file_operations!(read);
 

rust/kernel/file_operations.rs

@@ -95,12 +95,17 @@ unsafe extern "C" fn open_callback<A: FileOpenAdapter, T: FileOpener<A::Arg>>(
         // should point to data in the inode or file that lives longer
         // than the following use of `T::open`.
         let arg = unsafe { A::convert(inode, file) };
+        // SAFETY: The C contract guarantees that `file` is valid. Additionally,
+        // `fileref` never outlives this function, so it is guaranteed to be
+        // valid.
+        let fileref = unsafe { FileRef::from_ptr(file) };
         // SAFETY: `arg` was previously returned by `A::convert` and must
         // be a valid non-null pointer.
-        let ptr = T::open(unsafe { &*arg })?.into_pointer();
-        // SAFETY: `ptr` was previously returned by `T::open`. The returned
-        // value should be a boxed value and should live the length of the
-        // given file.
+        let ptr = T::open(unsafe { &*arg }, &fileref)?.into_pointer();
+        // SAFETY: The C contract guarantees that `private_data` is available
+        // for implementers of the file operations (no other C code accesses
+        // it), so we know that there are no concurrent threads/CPUs accessing
+        // it (it's not visible to any other Rust code).
         unsafe { (*file).private_data = ptr as *mut c_types::c_void };
         Ok(0)
     }
@@ -591,11 +596,11 @@ pub trait FileOpener<T: ?Sized>: FileOperations {
     /// Creates a new instance of this file.
     ///
     /// Corresponds to the `open` function pointer in `struct file_operations`.
-    fn open(context: &T) -> Result<Self::Wrapper>;
+    fn open(context: &T, file: &File) -> Result<Self::Wrapper>;
 }
 
 impl<T: FileOperations<Wrapper = Box<T>> + Default> FileOpener<()> for T {
-    fn open(_: &()) -> Result<Self::Wrapper> {
+    fn open(_: &(), _file: &File) -> Result<Self::Wrapper> {
         Ok(Box::try_new(T::default())?)
     }
 }

samples/rust/rust_miscdev.rs

@@ -57,7 +57,7 @@ impl SharedState {
 struct Token;
 
 impl FileOpener<Ref<SharedState>> for Token {
-    fn open(shared: &Ref<SharedState>) -> Result<Self::Wrapper> {
+    fn open(shared: &Ref<SharedState>, _file: &File) -> Result<Self::Wrapper> {
         Ok(shared.clone())
     }
 }

samples/rust/rust_semaphore.rs

@@ -66,7 +66,7 @@ impl FileState {
 }
 
 impl FileOpener<Ref<Semaphore>> for FileState {
-    fn open(shared: &Ref<Semaphore>) -> Result<Box<Self>> {
+    fn open(shared: &Ref<Semaphore>, _file: &File) -> Result<Box<Self>> {
         Ok(Box::try_new(Self {
             read_count: AtomicU64::new(0),
             shared: shared.clone(),