From: Alice Ryhl <aliceryhl@google.com>
To: Danilo Krummrich <dakr@kernel.org>
Cc: gregkh@linuxfoundation.org, rafael@kernel.org, ojeda@kernel.org,
alex.gaynor@gmail.com, boqun.feng@gmail.com, gary@garyguo.net,
bjorn3_gh@protonmail.com, lossin@kernel.org,
a.hindborg@kernel.org, tmgross@umich.edu, mmaurer@google.com,
rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/7] rust: debugfs: support for binary large objects
Date: Fri, 17 Oct 2025 12:59:32 +0000 [thread overview]
Message-ID: <aPI9tNoh0I3KGDjl@google.com> (raw)
In-Reply-To: <20251003222729.322059-4-dakr@kernel.org>
On Sat, Oct 04, 2025 at 12:26:40AM +0200, Danilo Krummrich wrote:
> Introduce support for read-only, write-only, and read-write binary files
> in Rust debugfs. This adds:
>
> - BinaryWriter and BinaryReader traits for writing to and reading from
> user slices in binary form.
> - New Dir methods: read_binary_file(), write_binary_file(),
> `read_write_binary_file`.
> - Corresponding FileOps implementations: BinaryReadFile,
> BinaryWriteFile, BinaryReadWriteFile.
>
> This allows kernel modules to expose arbitrary binary data through
> debugfs, with proper support for offsets and partial reads/writes.
>
> Signed-off-by: Danilo Krummrich <dakr@kernel.org>
> +extern "C" fn blob_write<T: BinaryReader>(
> + file: *mut bindings::file,
> + buf: *const c_char,
> + count: usize,
> + ppos: *mut bindings::loff_t,
> +) -> isize {
> + // SAFETY:
> + // - `file` is a valid pointer to a `struct file`.
> + // - The type invariant of `FileOps` guarantees that `private_data` points to a valid `T`.
> + let this = unsafe { &*((*file).private_data.cast::<T>()) };
> +
> + // SAFETY: `ppos` is a valid `loff_t` pointer.
> + let pos = unsafe { &mut *ppos };
> +
> + let mut reader = UserSlice::new(UserPtr::from_ptr(buf.cast_mut().cast()), count).reader();
> +
> + let ret = || -> Result<isize> {
> + let offset = (*pos).try_into()?;
So offsets larger than the buffer result in Ok(0) unless the offset
doesn't fit in an usize, in which case it's an error instead? I think we
should treat offsets that are too large in the same manner no matter
how large they are.
> + let read = this.read_from_slice(&mut reader, offset)?;
> + *pos += bindings::loff_t::try_from(read)?;
This addition could overflow and panic the kernel.
> + Ok(read.try_into()?)
> + }();
> +
> + match ret {
> + Ok(n) => n,
> + Err(e) => e.to_errno() as isize,
> + }
> +}
> +
> +pub(crate) trait BinaryWriteFile<T> {
> + const FILE_OPS: FileOps<T>;
> +}
Hmm ... this is inconsistent with how we do vtables in other parts of
`kernel`. Normally a struct is used instead of a trait (see e.g.
miscdevice or block). But the inconsistency is already present.
Alice
next prev parent reply other threads:[~2025-10-17 12:59 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-03 22:26 [PATCH 0/7] Binary Large Objects for Rust DebugFS Danilo Krummrich
2025-10-03 22:26 ` [PATCH 1/7] rust: uaccess: add UserSliceReader::read_slice_partial() Danilo Krummrich
2025-10-17 11:11 ` Alice Ryhl
2025-10-17 11:50 ` Danilo Krummrich
2025-10-03 22:26 ` [PATCH 2/7] rust: uaccess: add UserSliceWriter::write_slice_partial() Danilo Krummrich
2025-10-03 22:26 ` [PATCH 3/7] rust: debugfs: support for binary large objects Danilo Krummrich
2025-10-17 12:59 ` Alice Ryhl [this message]
2025-10-17 14:37 ` Danilo Krummrich
2025-10-17 14:53 ` Danilo Krummrich
2025-10-19 9:44 ` Alice Ryhl
2025-10-19 12:01 ` Danilo Krummrich
2025-10-20 8:12 ` Alice Ryhl
2025-10-20 9:40 ` Danilo Krummrich
2025-10-20 9:42 ` Alice Ryhl
2025-10-20 9:49 ` Danilo Krummrich
2025-10-19 9:50 ` Alice Ryhl
2025-10-19 11:24 ` Danilo Krummrich
2025-10-20 8:13 ` Alice Ryhl
2025-10-20 9:35 ` Danilo Krummrich
2025-10-20 9:39 ` Alice Ryhl
2025-10-20 9:41 ` Danilo Krummrich
2025-10-03 22:26 ` [PATCH 4/7] rust: debugfs: support blobs from smart pointers Danilo Krummrich
2025-10-03 23:12 ` Matthew Maurer
2025-10-03 23:26 ` Danilo Krummrich
2025-10-03 23:36 ` Matthew Maurer
2025-10-03 22:26 ` [PATCH 5/7] samples: rust: debugfs: add example for blobs Danilo Krummrich
2025-10-20 10:01 ` Alice Ryhl
2025-10-03 22:26 ` [PATCH 6/7] rust: debugfs: support binary large objects for ScopedDir Danilo Krummrich
2025-10-17 13:00 ` Alice Ryhl
2025-10-17 14:55 ` Danilo Krummrich
2025-10-03 22:26 ` [PATCH 7/7] samples: rust: debugfs_scoped: add example for blobs Danilo Krummrich
2025-10-20 10:02 ` Alice Ryhl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aPI9tNoh0I3KGDjl@google.com \
--to=aliceryhl@google.com \
--cc=a.hindborg@kernel.org \
--cc=alex.gaynor@gmail.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=dakr@kernel.org \
--cc=gary@garyguo.net \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=mmaurer@google.com \
--cc=ojeda@kernel.org \
--cc=rafael@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.