rust: add basic owned C strings

For now they're only constructible from formatted arguments. They will
be used in a subsequent patch to allow registration of miscdevs with
names that are constructed at runtime.

Signed-off-by: Wedson Almeida Filho <[email protected]>

Author: wedsonaf

rust/kernel/prelude.rs

@@ -20,7 +20,7 @@ pub use macros::module;
 pub use super::build_assert;
 
 pub use super::{
-    dbg, dev_alert, dev_crit, dev_dbg, dev_emerg, dev_err, dev_info, dev_notice, dev_warn,
+    dbg, dev_alert, dev_crit, dev_dbg, dev_emerg, dev_err, dev_info, dev_notice, dev_warn, fmt,
     pr_alert, pr_crit, pr_debug, pr_emerg, pr_err, pr_info, pr_notice, pr_warn,
 };
 

rust/kernel/str.rs

@@ -2,11 +2,11 @@
 
 //! String representations.
 
+use alloc::vec::Vec;
 use core::fmt::{self, Write};
 use core::ops::{self, Deref, Index};
 
-use crate::bindings;
-use crate::c_types;
+use crate::{bindings, c_types, Error};
 
 /// Byte string without UTF-8 validity guarantee.
 ///
@@ -500,3 +500,77 @@ impl fmt::Write for Formatter {
         }
     }
 }
+
+/// An owned string that is guaranteed to have exactly one `NUL` byte, which is at the end.
+///
+/// Used for interoperability with kernel APIs that take C strings.
+///
+/// # Examples
+///
+/// ```
+/// # use kernel::prelude::*;
+/// use kernel::str::CString;
+///
+/// let s = CString::try_from_fmt(fmt!("{}{}{}", "abc", 10, 20)).unwrap();
+/// assert_eq!(s.as_bytes_with_nul(), "abc1020\0".as_bytes());
+///
+/// let tmp = "testing";
+/// let s = CString::try_from_fmt(fmt!("{tmp}{}", 123)).unwrap();
+/// assert_eq!(s.as_bytes_with_nul(), "testing123\0".as_bytes());
+/// ```
+pub struct CString {
+    buf: Vec<u8>,
+}
+
+impl CString {
+    /// Creates an instance of [`CString`] from the given formatted arguments.
+    pub fn try_from_fmt(args: fmt::Arguments<'_>) -> Result<Self, Error> {
+        // Calculate the size needed (formatted string plus `NUL` terminator). Since we're
+        // initialising the initial buffer to `null`, we know the insert position will hold the
+        // required length after we've written everything.
+        // SAFETY: The buffer is empty, so we guarantee its validity vacuously.
+        let mut f =
+            unsafe { RawFormatter::from_ptrs(core::ptr::null_mut(), core::ptr::null_mut()) };
+        f.write_fmt(args)?;
+        f.write_str("\0")?;
+        let size = f.pos() as _;
+
+        // Allocate a vector with the required number of bytes, and write to it.
+        let mut buf = Vec::try_with_capacity(size)?;
+        // SAFETY: The buffer stored in `buf` is at least of size `size` and is valid for writes.
+        let mut f = unsafe { Formatter::from_buffer(buf.as_mut_ptr(), size) };
+        f.write_fmt(args)?;
+        f.write_str("\0")?;
+
+        // SAFETY: `size` is exactly the capacity of `buf`, and all elements have been initialised
+        // by the formatter above.
+        unsafe { buf.set_len(size) };
+
+        // Check that there are no `NUL` bytes before the end.
+        for c in buf.iter().take(size - 1) {
+            if *c == 0 {
+                return Err(Error::EINVAL);
+            }
+        }
+
+        Ok(Self { buf })
+    }
+
+    /// Returns a C pointer to the string.
+    #[inline]
+    pub fn as_char_ptr(&self) -> *const c_types::c_char {
+        self.buf.as_ptr() as _
+    }
+
+    /// Converts the string to a byte slice containing the trailing 0 byte.
+    #[inline]
+    pub fn as_bytes_with_nul(&self) -> &[u8] {
+        self.buf.as_slice()
+    }
+}
+
+/// A convenience alias for [`core::format_args`].
+#[macro_export]
+macro_rules! fmt {
+    ($($f:tt)*) => ( core::format_args!($($f)*) )
+}