3 //! Generic kernel lock and guard.
5 //! It contains a generic Rust lock and guard that allow for different backends (e.g., mutexes,
22 /// The "backend" of a lock.
24 /// It is the actual implementation of the lock, without the need to repeat patterns used in all
29 /// - Implementers must ensure that only one thread/CPU may access the protected data once the lock
30 ///   is owned, that is, between calls to [`lock`] and [`unlock`].
32 ///   lock operation.
34 /// [`lock`]: Backend::lock
38     /// The state required by the lock.
41     /// The state required to be kept between [`lock`] and [`unlock`].
43     /// [`lock`]: Backend::lock
47     /// Initialises the lock.
59     /// Acquires the lock, making the caller its owner.
65     unsafe fn lock(ptr: *mut Self::State) -> Self::GuardState;  in lock()  method
67     /// Tries to acquire the lock.
74     /// Releases the lock, giving up its ownership.
78     /// It must only be called by the current owner of the lock.
81     /// Reacquires the lock, making the caller its owner.
85     /// Callers must ensure that `guard_state` comes from a previous call to [`Backend::lock`] (or
88         // SAFETY: The safety requirements ensure that the lock is initialised.  in relock()
89         *guard_state = unsafe { Self::lock(ptr) };  in relock()
92     /// Asserts that the lock is held using lockdep.
102 /// Exposes one of the kernel locking primitives. Which one is exposed depends on the lock
106 pub struct Lock<T: ?Sized, B: Backend> {  struct
107     /// The kernel lock object.
117     /// The data protected by the lock.
121 // SAFETY: `Lock` can be transferred across thread boundaries iff the data it protects can.  argument
122 unsafe impl<T: ?Sized + Send, B: Backend> Send for Lock<T, B> {}  implementation
124 // SAFETY: `Lock` serialises the interior mutability it provides, so it is `Sync` as long as the
126 unsafe impl<T: ?Sized + Send, B: Backend> Sync for Lock<T, B> {}  implementation
128 impl<T, B: Backend> Lock<T, B> {  implementation
129     /// Constructs a new lock initialiser.
143 impl<B: Backend> Lock<(), B> {  impl
144     /// Constructs a [`Lock`] from a raw pointer.
146     /// This can be useful for interacting with a lock which was initialised outside of Rust.
157         // - Since the lock data type is `()` which is a ZST, `state` is the only non-ZST member of  in from_raw()
165 impl<T: ?Sized, B: Backend> Lock<T, B> {  impl
166     /// Acquires the lock and gives the caller access to the data protected by it.
167     pub fn lock(&self) -> Guard<'_, T, B> {  in lock()  method
170         let state = unsafe { B::lock(self.state.get()) };  in lock()
171         // SAFETY: The lock was just acquired.  in lock()
175     /// Tries to acquire the lock.
177     /// Returns a guard that can be used to access the data protected by the lock if successful.
179     #[must_use = "if unused, the lock will be immediately unlocked"]
187 /// A lock guard.
191 /// protected by the lock.
192 #[must_use = "the lock unlocks immediately when the guard is unused"]
194     pub(crate) lock: &'a Lock<T, B>,  field
199 // SAFETY: `Guard` is sync when the data protected by the lock is also sync.
203     /// Returns the lock that this guard originates from.
208     /// lock is held.
211     /// # use kernel::{new_spinlock, sync::lock::{Backend, Guard, Lock}};
214     /// fn assert_held<T, B: Backend>(guard: &Guard<'_, T, B>, lock: &Lock<T, B>) {
215     ///     // Address-equal means the same lock.
216     ///     assert!(core::ptr::eq(guard.lock_ref(), lock));
219     /// // Creates a new lock on the stack.
224     /// let g = l.lock();
229     pub fn lock_ref(&self) -> &'a Lock<T, B> {  in lock_ref()
230         self.lock  in lock_ref()
234         // SAFETY: The caller owns the lock, so it is safe to unlock it.  in do_unlocked()
235         unsafe { B::unlock(self.lock.state.get(), &self.state) };  in do_unlocked()
238                 // SAFETY: The lock was just unlocked above and is being relocked now.  in do_unlocked()
239                 unsafe { B::relock(self.lock.state.get(), &mut self.state) });  in do_unlocked()
249         // SAFETY: The caller owns the lock, so it is safe to deref the protected data.  in deref()
250         unsafe { &*self.lock.data.get() }  in deref()
256         // SAFETY: The caller owns the lock, so it is safe to deref the protected data.  in deref_mut()
257         unsafe { &mut *self.lock.data.get() }  in deref_mut()
263         // SAFETY: The caller owns the lock, so it is safe to unlock it.  in drop()
264         unsafe { B::unlock(self.lock.state.get(), &self.state) };  in drop()
269     /// Constructs a new immutable lock guard.
273     /// The caller must ensure that it owns the lock.
274     pub unsafe fn new(lock: &'a Lock<T, B>, state: B::GuardState) -> Self {  in new()
275         // SAFETY: The caller can only hold the lock if `Backend::init` has already been called.  in new()
276         unsafe { B::assert_is_held(lock.state.get()) };  in new()
279             lock,  in new()