Using the `as` operator for integer conversions is discouraged, as it silently strips data if the destination type is smaller than the source. Many such conversions can be replaced with `from`/`into` or (when justified) `try_from`/`try_into`, but these traits cannot unfortunately cover all conversions satisfyingly.
There is for instance the case of converting a `usize` to `u64`, which, in the case of the kernel today, is completely lossless but cannot be done because the Rust standard library does not provide a `From` implementation for conversions that are not future-proof. Still, in the kernel it is very practical to be able to perform such conversions when they are safe to do for the current build target. This patchset tries to eradicate the use of `as` in nova-core, by using existing means and introducing new ones. The first 4 patches use the already-available `From` and `TryFrom` trait where it is possible or advisable. The fifth patch introduces a new module that proposes conversion functions for those that are infallible under the current build target. This is done through a set of const functions, and the `FromSafeCast` and `IntoSafeCast` extension traits which, as their names lightly suggest, offer conversion for those types on which the `as` operator can be used losslessly. This new module is put to use in the sixth patch. The idea was first suggested by Danilo. As Danilo suggested, this could eventually find its place in the kernel crate if the implementation is deemed to be fit, but for now let's review and let it mature in nova-core. Suggested-by: Danilo Krummrich <[email protected]> Link: https://lore.kernel.org/rust-for-linux/[email protected]/ Signed-off-by: Alexandre Courbot <[email protected]> --- Changes in v3: - Rename `FromAs`/`IntoAs` to `FromSafeCast`/`IntoSafeCast` (thanks Gemini!). - Remove unused import. - Fix build error on second patch. - Fix build with Rust 1.78. - Use `image_type` instead of u8 comparisons for `BiosImageType`. - Rename generating macro to `impl_safe_as`. - Make the const functions `inline(always)`. - Link to v2: https://lore.kernel.org/r/[email protected] Changes in v2: - Use macro to generate const conversion functions. - Use `CAST:` comments to justify remaining `as` conversions. - Add more conditional compilation guards. - Link to v1: https://lore.kernel.org/r/[email protected] --- Alexandre Courbot (6): gpu: nova-core: replace `as` with `from` conversions where possible gpu: nova-core: vbios: do not use `as` when comparing BiosImageType gpu: nova-core: use `try_from` instead of `as` for u32 conversions gpu: nova-core: add functions and traits for lossless integer conversions gpu: nova-core: replace use of `as` with functions from `num` gpu: nova-core: justify remaining uses of `as` drivers/gpu/nova-core/falcon.rs | 9 +- drivers/gpu/nova-core/falcon/hal/ga102.rs | 6 +- drivers/gpu/nova-core/fb.rs | 7 +- drivers/gpu/nova-core/fb/hal/ga100.rs | 4 + drivers/gpu/nova-core/fb/hal/tu102.rs | 16 ++- drivers/gpu/nova-core/firmware.rs | 7 +- drivers/gpu/nova-core/firmware/booter.rs | 34 ++++--- drivers/gpu/nova-core/firmware/fwsec.rs | 25 +++-- drivers/gpu/nova-core/firmware/gsp.rs | 6 +- drivers/gpu/nova-core/firmware/riscv.rs | 7 +- drivers/gpu/nova-core/nova_core.rs | 1 + drivers/gpu/nova-core/num.rs | 163 ++++++++++++++++++++++++++++++ drivers/gpu/nova-core/regs.rs | 5 +- drivers/gpu/nova-core/vbios.rs | 56 +++++----- 14 files changed, 265 insertions(+), 81 deletions(-) --- base-commit: ca16b15e78f4dee1631c0a68693f5e7d9b3bb3ec change-id: 20251022-nova-as-8ece4142872a Best regards, -- Alexandre Courbot <[email protected]>
