Merge tag 'rust-6.13' of https://github.com/Rust-for-Linux/linux

Pull rust updates from Miguel Ojeda:
 "Toolchain and infrastructure:

   - Enable a series of lints, including safety-related ones, e.g. the
     compiler will now warn about missing safety comments, as well as
     unnecessary ones. How safety documentation is organized is a
     frequent source of review comments, thus having the compiler guide
     new developers on where they are expected (and where not) is very
     nice.

   - Start using '#[expect]': an interesting feature in Rust (stabilized
     in 1.81.0) that makes the compiler warn if an expected warning was
     _not_ emitted. This is useful to avoid forgetting cleaning up
     locally ignored diagnostics ('#[allow]'s).

   - Introduce '.clippy.toml' configuration file for Clippy, the Rust
     linter, which will allow us to tweak its behaviour. For instance,
     our first use cases are declaring a disallowed macro and, more
     importantly, enabling the checking of private items.

   - Lints-related fixes and cleanups related to the items above.

   - Migrate from 'receiver_trait' to 'arbitrary_self_types': to get the
     kernel into stable Rust, one of the major pieces of the puzzle is
     the support to write custom types that can be used as 'self', i.e.
     as receivers, since the kernel needs to write types such as 'Arc'
     that common userspace Rust would not. 'arbitrary_self_types' has
     been accepted to become stable, and this is one of the steps
     required to get there.

   - Remove usage of the 'new_uninit' unstable feature.

   - Use custom C FFI types. Includes a new 'ffi' crate to contain our
     custom mapping, instead of using the standard library 'core::ffi'
     one. The actual remapping will be introduced in a later cycle.

   - Map '__kernel_{size_t,ssize_t,ptrdiff_t}' to 'usize'/'isize'
     instead of 32/64-bit integers.

   - Fix 'size_t' in bindgen generated prototypes of C builtins.

   - Warn on bindgen < 0.69.5 and libclang >= 19.1 due to a double issue
     in the projects, which we managed to trigger with the upcoming
     tracepoint support. It includes a build test since some
     distributions backported the fix (e.g. Debian -- thanks!). All
     major distributions we list should be now OK except Ubuntu non-LTS.

  'macros' crate:

   - Adapt the build system to be able run the doctests there too; and
     clean up and enable the corresponding doctests.

  'kernel' crate:

   - Add 'alloc' module with generic kernel allocator support and remove
     the dependency on the Rust standard library 'alloc' and the
     extension traits we used to provide fallible methods with flags.

     Add the 'Allocator' trait and its implementations '{K,V,KV}malloc'.
     Add the 'Box' type (a heap allocation for a single value of type
     'T' that is also generic over an allocator and considers the
     kernel's GFP flags) and its shorthand aliases '{K,V,KV}Box'. Add
     'ArrayLayout' type. Add 'Vec' (a contiguous growable array type)
     and its shorthand aliases '{K,V,KV}Vec', including iterator
     support.

     For instance, now we may write code such as:

         let mut v = KVec::new();
         v.push(1, GFP_KERNEL)?;
         assert_eq!(&v, &[1]);

     Treewide, move as well old users to these new types.

   - 'sync' module: add global lock support, including the
     'GlobalLockBackend' trait; the 'Global{Lock,Guard,LockedBy}' types
     and the 'global_lock!' macro. Add the 'Lock::try_lock' method.

   - 'error' module: optimize 'Error' type to use 'NonZeroI32' and make
     conversion functions public.

   - 'page' module: add 'page_align' function.

   - Add 'transmute' module with the existing 'FromBytes' and 'AsBytes'
     traits.

   - 'block::mq::request' module: improve rendered documentation.

   - 'types' module: extend 'Opaque' type documentation and add simple
     examples for the 'Either' types.

  drm/panic:

   - Clean up a series of Clippy warnings.

  Documentation:

   - Add coding guidelines for lints and the '#[expect]' feature.

   - Add Ubuntu to the list of distributions in the Quick Start guide.

  MAINTAINERS:

   - Add Danilo Krummrich as maintainer of the new 'alloc' module.

  And a few other small cleanups and fixes"

* tag 'rust-6.13' of https://github.com/Rust-for-Linux/linux: (82 commits)
  rust: alloc: Fix `ArrayLayout` allocations
  docs: rust: remove spurious item in `expect` list
  rust: allow `clippy::needless_lifetimes`
  rust: warn on bindgen < 0.69.5 and libclang >= 19.1
  rust: use custom FFI integer types
  rust: map `__kernel_size_t` and friends also to usize/isize
  rust: fix size_t in bindgen prototypes of C builtins
  rust: sync: add global lock support
  rust: macros: enable the rest of the tests
  rust: macros: enable paste! use from macro_rules!
  rust: enable macros::module! tests
  rust: kbuild: expand rusttest target for macros
  rust: types: extend `Opaque` documentation
  rust: block: fix formatting of `kernel::block::mq::request` module
  rust: macros: fix documentation of the paste! macro
  rust: kernel: fix THIS_MODULE header path in ThisModule doc comment
  rust: page: add Rust version of PAGE_ALIGN
  rust: helpers: remove unnecessary header includes
  rust: exports: improve grammar in commentary
  drm/panic: allow verbose version check
  ...

diff --cc MAINTAINERS
index e455ca5202d16f448faaa7867741d020f49bb542,b77f4495dcf427f9901686985296721b82b3f91f..443217066eb97d102b8a4b8109751b620fdb62b2
--- 1/MAINTAINERS
--- 2/MAINTAINERS
+++ b/MAINTAINERS
@@@ -20368,8 -20222,8 +20368,9 @@@ B:   https://github.com/Rust-for-Linux/li
  C:    zulip://rust-for-linux.zulipchat.com
  P:    https://rust-for-linux.com/contributing
  T:    git https://github.com/Rust-for-Linux/linux.git rust-next
+ F:    .clippy.toml
  F:    Documentation/rust/
 +F:    include/trace/events/rust_sample.h
  F:    rust/
  F:    samples/rust/
  F:    scripts/*rust*

diff --cc Makefile
Simple merge

diff --cc rust/Makefile
Simple merge

diff --cc rust/bindings/bindings_helper.h
Simple merge

diff --cc rust/helpers/helpers.c
Simple merge

diff --cc rust/helpers/spinlock.c
Simple merge

diff --cc rust/helpers/task.c
Simple merge

diff --cc rust/kernel/lib.rs
index 661939357e8087ca217a8a2d0bdd8b1da097829d,bf8d7f841f9425d19a24f3910929839cfe705c7f..04dbee70d3e66a256240c4fb5c36b2a05d07db03
--- 1/rust/kernel/lib.rs
--- 2/rust/kernel/lib.rs
+++ b/rust/kernel/lib.rs
@@@ -59,7 -56,7 +62,8 @@@ pub mod str
  pub mod sync;
  pub mod task;
  pub mod time;
 +pub mod tracepoint;
+ pub mod transmute;
  pub mod types;
  pub mod uaccess;
  pub mod workqueue;

diff --cc rust/kernel/net/phy.rs
Simple merge

diff --cc rust/kernel/sync.rs
Simple merge

diff --cc rust/kernel/sync/lock.rs
Simple merge

diff --cc rust/kernel/task.rs
index c1163237a4aa6e4970458558378037d249c13bb9,5bce090a386977596c3007bb7531d78c94fee181..7a76be58312692d9cb116a066870358db563a041
--- 1/rust/kernel/task.rs
--- 2/rust/kernel/task.rs
+++ b/rust/kernel/task.rs
@@@ -4,17 -4,9 +4,13 @@@
  //!
  //! C header: [`include/linux/sched.h`](srctree/include/linux/sched.h).
  
- use core::{
-     cmp::{Eq, PartialEq},
-     ffi::{c_int, c_long, c_uint},
-     ops::Deref,
-     ptr,
- };
 +use crate::{
 +    bindings,
 +    pid_namespace::PidNamespace,
 +    types::{ARef, NotThreadSafe, Opaque},
 +};
 -use crate::types::Opaque;
 -use core::{marker::PhantomData, ops::Deref, ptr};
+ use crate::ffi::{c_int, c_long, c_uint};
++use core::{cmp::{Eq, PartialEq},ops::Deref, ptr};
  
  /// A sentinel value used for infinite timeouts.
  pub const MAX_SCHEDULE_TIMEOUT: c_long = c_long::MAX;

diff --cc rust/kernel/types.rs
index 3238ffaab031be09a3c264e7016c65fd4958464b,a7eaa29f08a40a0f46d616c5b6aab8f9897a0f62..7a133d938551f95c9768c7fe2e592bc867c9ea0d
--- 1/rust/kernel/types.rs
--- 2/rust/kernel/types.rs
+++ b/rust/kernel/types.rs
@@@ -468,88 -480,3 +480,24 @@@ pub enum Either<L, R> 
      /// Constructs an instance of [`Either`] containing a value of type `R`.
      Right(R),
  }
- /// Types for which any bit pattern is valid.
- ///
- /// Not all types are valid for all values. For example, a `bool` must be either zero or one, so
- /// reading arbitrary bytes into something that contains a `bool` is not okay.
- ///
- /// It's okay for the type to have padding, as initializing those bytes has no effect.
- ///
- /// # Safety
- ///
- /// All bit-patterns must be valid for this type. This type must not have interior mutability.
- pub unsafe trait FromBytes {}
- 
- // SAFETY: All bit patterns are acceptable values of the types below.
- unsafe impl FromBytes for u8 {}
- unsafe impl FromBytes for u16 {}
- unsafe impl FromBytes for u32 {}
- unsafe impl FromBytes for u64 {}
- unsafe impl FromBytes for usize {}
- unsafe impl FromBytes for i8 {}
- unsafe impl FromBytes for i16 {}
- unsafe impl FromBytes for i32 {}
- unsafe impl FromBytes for i64 {}
- unsafe impl FromBytes for isize {}
- // SAFETY: If all bit patterns are acceptable for individual values in an array, then all bit
- // patterns are also acceptable for arrays of that type.
- unsafe impl<T: FromBytes> FromBytes for [T] {}
- unsafe impl<T: FromBytes, const N: usize> FromBytes for [T; N] {}
- 
- /// Types that can be viewed as an immutable slice of initialized bytes.
- ///
- /// If a struct implements this trait, then it is okay to copy it byte-for-byte to userspace. This
- /// means that it should not have any padding, as padding bytes are uninitialized. Reading
- /// uninitialized memory is not just undefined behavior, it may even lead to leaking sensitive
- /// information on the stack to userspace.
- ///
- /// The struct should also not hold kernel pointers, as kernel pointer addresses are also considered
- /// sensitive. However, leaking kernel pointers is not considered undefined behavior by Rust, so
- /// this is a correctness requirement, but not a safety requirement.
- ///
- /// # Safety
- ///
- /// Values of this type may not contain any uninitialized bytes. This type must not have interior
- /// mutability.
- pub unsafe trait AsBytes {}
- 
- // SAFETY: Instances of the following types have no uninitialized portions.
- unsafe impl AsBytes for u8 {}
- unsafe impl AsBytes for u16 {}
- unsafe impl AsBytes for u32 {}
- unsafe impl AsBytes for u64 {}
- unsafe impl AsBytes for usize {}
- unsafe impl AsBytes for i8 {}
- unsafe impl AsBytes for i16 {}
- unsafe impl AsBytes for i32 {}
- unsafe impl AsBytes for i64 {}
- unsafe impl AsBytes for isize {}
- unsafe impl AsBytes for bool {}
- unsafe impl AsBytes for char {}
- unsafe impl AsBytes for str {}
- // SAFETY: If individual values in an array have no uninitialized portions, then the array itself
- // does not have any uninitialized portions either.
- unsafe impl<T: AsBytes> AsBytes for [T] {}
- unsafe impl<T: AsBytes, const N: usize> AsBytes for [T; N] {}
- 
 +
 +/// Zero-sized type to mark types not [`Send`].
 +///
 +/// Add this type as a field to your struct if your type should not be sent to a different task.
 +/// Since [`Send`] is an auto trait, adding a single field that is `!Send` will ensure that the
 +/// whole type is `!Send`.
 +///
 +/// If a type is `!Send` it is impossible to give control over an instance of the type to another
 +/// task. This is useful to include in types that store or reference task-local information. A file
 +/// descriptor is an example of such task-local information.
 +///
 +/// This type also makes the type `!Sync`, which prevents immutable access to the value from
 +/// several threads in parallel.
 +pub type NotThreadSafe = PhantomData<*mut ()>;
 +
 +/// Used to construct instances of type [`NotThreadSafe`] similar to how `PhantomData` is
 +/// constructed.
 +///
 +/// [`NotThreadSafe`]: type@NotThreadSafe
 +#[allow(non_upper_case_globals)]
 +pub const NotThreadSafe: NotThreadSafe = PhantomData;

diff --cc samples/rust/rust_print_main.rs
Simple merge

diff --cc scripts/Makefile.build
index 03ee558fcd4dfb602361744b79b2ff87ccbcc62c,2bba59e790b8a43f7f521e9c50a8ea6d43c2141a..f483a54380e71b460c1d54f2c2380e89de491f71
--- 1/scripts/Makefile.build
--- 2/scripts/Makefile.build
+++ b/scripts/Makefile.build
@@@ -248,7 -248,7 +248,7 @@@ $(obj)/%.lst: $(obj)/%.c FORC
  # Compile Rust sources (.rs)
  # ---------------------------------------------------------------------------
  
- rust_allowed_features := asm_const,asm_goto,new_uninit
 -rust_allowed_features := arbitrary_self_types,lint_reasons
++rust_allowed_features := asm_const,asm_goto,arbitrary_self_types,lint_reasons
  
  # `--out-dir` is required to avoid temporaries being created by `rustc` in the
  # current working directory, which may be not accessible in the out-of-tree