Conversation

Thinking about Rust in the kernel again, does Rust have some kind of generic version of the idea of unsafe/safe code, as an attribute? Often in kernel land you're allowed to call functions only in certain contexts (process, atomic, etc.) and locking has to follow an order.

171

Replying to

It can be represented this in the type system with ownership similar to managing resources, lock scopes, etc. Those functions can require a reference to the type of object representing the required state and then it's not possible to call them outside of the lifetime of it.

Replying to

and

You can implement transitions between different states by taking that type by value (consuming it) and returning another type representing another state. What you can't do is enforce the destructor is called since safe code allows making reference cycles or otherwise leaking.

7:59 AM · May 16, 2022Twitter Web App

Who can reply?

People @marcan42 follows or mentioned can reply