From: Danilo Krummrich <dakr@kernel.org>
Date: Sat, 28 Jun 2025 16:49:54 +0000 (+0200)
Subject: rust: dma: require mutable reference for as_slice_mut() and write()
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2dedf83d54c6248317ce86d9fc677f89e37ab04c;p=thirdparty%2Fkernel%2Flinux.git

rust: dma: require mutable reference for as_slice_mut() and write()

Given the safety requirements of as_slice_mut() and write() taking an
immutable reference is technically not incorrect.

However, let's leverage the compiler's capabilities and require a
mutable reference to ensure exclusive access.

This also fixes a clippy warning introduced with 1.88:

  warning: mutable borrow from immutable input(s)
     --> rust/kernel/dma.rs:297:78
      |
  297 |     pub unsafe fn as_slice_mut(&self, offset: usize, count: usize) -> Result<&mut [T]> {
      |                                                                              ^^^^^^^^

Fixes: d37a39f607c4 ("rust: dma: add as_slice/write functions for CoherentAllocation")
Reviewed-by: Alice Ryhl <aliceryhl@google.com>
Reviewed-by: Andreas Hindborg <a.hindborg@kernel.org>
Reviewed-by: Abdiel Janulgue <abdiel.janulgue@gmail.com>
Reviewed-by: Alexandre Courbot <acourbot@nvidia.com>
Link: https://lore.kernel.org/r/20250628165120.90149-1-dakr@kernel.org
Signed-off-by: Danilo Krummrich <dakr@kernel.org>
---

diff --git a/rust/kernel/dma.rs b/rust/kernel/dma.rs
index 25dfa0e6cc3ce..2ac4c47aeed34 100644
--- a/rust/kernel/dma.rs
+++ b/rust/kernel/dma.rs
@@ -294,7 +294,7 @@ impl<T: AsBytes + FromBytes> CoherentAllocation<T> {
     ///   slice is live.
     /// * Callers must ensure that this call does not race with a read or write to the same region
     ///   while the returned slice is live.
-    pub unsafe fn as_slice_mut(&self, offset: usize, count: usize) -> Result<&mut [T]> {
+    pub unsafe fn as_slice_mut(&mut self, offset: usize, count: usize) -> Result<&mut [T]> {
         self.validate_range(offset, count)?;
         // SAFETY:
         // - The pointer is valid due to type invariant on `CoherentAllocation`,
@@ -326,7 +326,7 @@ impl<T: AsBytes + FromBytes> CoherentAllocation<T> {
     /// unsafe { alloc.write(buf, 0)?; }
     /// # Ok::<(), Error>(()) }
     /// ```
-    pub unsafe fn write(&self, src: &[T], offset: usize) -> Result {
+    pub unsafe fn write(&mut self, src: &[T], offset: usize) -> Result {
         self.validate_range(offset, src.len())?;
         // SAFETY:
         // - The pointer is valid due to type invariant on `CoherentAllocation`