Normally it is undefined behavior for a bool to take any value other than 0 or 1. However, in the case of READ_ONCE(some_bool) is used, this UB seems dangerous and unnecessary. I can easily imagine some Rust code that looks like this: if READ_ONCE(&raw const (*my_c_struct).my_bool_field) { ... } And by making an analogy to what the equivalent C code is, anyone writing this probably just meant to treat any non-zero value as true. For WRITE_ONCE no special logic is required. Signed-off-by: Alice Ryhl --- rust/kernel/sync/rwonce.rs | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/rust/kernel/sync/rwonce.rs b/rust/kernel/sync/rwonce.rs index a1660e43c9ef94011812d1816713cf031a73de1d..73477f53131926996614df573b2d50fff98e624f 100644 --- a/rust/kernel/sync/rwonce.rs +++ b/rust/kernel/sync/rwonce.rs @@ -163,6 +163,7 @@ unsafe fn write_once(ptr: *mut Self, val: Self) { // sizes, so picking the wrong helper should lead to a build error. impl_rw_once_type! { + bool, read_once_bool, write_once_1; u8, read_once_1, write_once_1; i8, read_once_1, write_once_1; u16, read_once_2, write_once_2; @@ -186,3 +187,21 @@ unsafe fn write_once(ptr: *mut Self, val: Self) { usize, read_once_8, write_once_8; isize, read_once_8, write_once_8; } + +/// Read an integer as a boolean once. +/// +/// Returns `true` if the value behind the pointer is non-zero. Otherwise returns `false`. +/// +/// # Safety +/// +/// It must be safe to `READ_ONCE` the `ptr` with type `u8`. +#[inline(always)] +#[track_caller] +unsafe fn read_once_bool(ptr: *const bool) -> bool { + // Implement `read_once_bool` in terms of `read_once_1`. The arch-specific logic is inside + // of `read_once_1`. + // + // SAFETY: It is safe to `READ_ONCE` the `ptr` with type `u8`. + let byte = unsafe { read_once_1(ptr.cast::()) }; + byte != 0u8 +} -- 2.52.0.351.gbe84eed79e-goog