1. Patchew
  2. linux
  3. [PATCH v8 0/7] rust/hrtimer: Various hrtimer + time additions
  4. View patch

[PATCH v8 6/7] rust: time: Add Instant::from_ktime()

Lyude Paul posted 7 patches 1 month, 2 weeks ago
[PATCH v8 6/7] rust: time: Add Instant::from_ktime()
Posted by Lyude Paul 1 month, 2 weeks ago 
For implementing Rust bindings which can return a point in time.

Signed-off-by: Lyude Paul <lyude@redhat.com>

---
V4:
* Turn from_nanos() into an unsafe function in order to ensure that we
  uphold the invariants of Instant
V5:
* Add debug_assert!() to from_nanos
V8:
* Change name of function from Instant::from_nanos() to
  Instant::from_ktime()

 rust/kernel/time.rs | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/rust/kernel/time.rs b/rust/kernel/time.rs
index 64c8dcf548d63..5c40ebe096357 100644
--- a/rust/kernel/time.rs
+++ b/rust/kernel/time.rs
@@ -200,6 +200,29 @@ pub fn elapsed(&self) -> Delta {
     pub(crate) fn as_nanos(&self) -> i64 {
         self.inner
     }
+
+    /// Create an [`Instant`] from a `ktime_t` without checking if it is non-negative.
+    ///
+    /// # Panics
+    ///
+    /// On debug builds, this function will panic if `nanos` is not in the range from 0 to
+    /// `KTIME_MAX`.
+    ///
+    /// # Safety
+    ///
+    /// The caller promises that `nanos` is in the range from 0 to `KTIME_MAX`.
+    #[expect(unused)]
+    #[inline]
+    pub(crate) unsafe fn from_ktime(ktime: bindings::ktime_t) -> Self {
+        debug_assert!(ktime >= 0);
+
+        // INVARIANT: Our safety contract ensures that `nanos` is in the range from 0 to
+        // `KTIME_MAX`.
+        Self {
+            inner: ktime,
+            _c: PhantomData,
+        }
+    }
 }
 
 impl<C: ClockSource> core::ops::Sub for Instant<C> {
-- 
2.50.0
Re: [PATCH v8 6/7] rust: time: Add Instant::from_ktime()
Posted by FUJITA Tomonori 1 month, 2 weeks ago 
On Tue, 19 Aug 2025 16:05:57 -0400
Lyude Paul <lyude@redhat.com> wrote:

> For implementing Rust bindings which can return a point in time.
> 
> Signed-off-by: Lyude Paul <lyude@redhat.com>
> 
> ---
> V4:
> * Turn from_nanos() into an unsafe function in order to ensure that we
>   uphold the invariants of Instant
> V5:
> * Add debug_assert!() to from_nanos
> V8:
> * Change name of function from Instant::from_nanos() to
>   Instant::from_ktime()
> 
>  rust/kernel/time.rs | 23 +++++++++++++++++++++++
>  1 file changed, 23 insertions(+)

Thanks!


> diff --git a/rust/kernel/time.rs b/rust/kernel/time.rs
> index 64c8dcf548d63..5c40ebe096357 100644
> --- a/rust/kernel/time.rs
> +++ b/rust/kernel/time.rs
> @@ -200,6 +200,29 @@ pub fn elapsed(&self) -> Delta {
>      pub(crate) fn as_nanos(&self) -> i64 {
>          self.inner
>      }
> +
> +    /// Create an [`Instant`] from a `ktime_t` without checking if it is non-negative.
> +    ///
> +    /// # Panics
> +    ///
> +    /// On debug builds, this function will panic if `nanos` is not in the range from 0 to
> +    /// `KTIME_MAX`.
> +    ///
> +    /// # Safety
> +    ///
> +    /// The caller promises that `nanos` is in the range from 0 to `KTIME_MAX`.

The comment looks outdated. 'ktime'?


> +    #[expect(unused)]
> +    #[inline]
> +    pub(crate) unsafe fn from_ktime(ktime: bindings::ktime_t) -> Self {
> +        debug_assert!(ktime >= 0);
> +
> +        // INVARIANT: Our safety contract ensures that `nanos` is in the range from 0 to

Ditto.

> +        // `KTIME_MAX`.
> +        Self {
> +            inner: ktime,
> +            _c: PhantomData,
> +        }
> +    }
>  }
>  
>  impl<C: ClockSource> core::ops::Sub for Instant<C> {
> -- 
> 2.50.0
> 
>

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.