From: Alice Ryhl <aliceryhl@google.com>
To: Timur Tabi <ttabi@nvidia.com>
Cc: Matthew Maurer <mmaurer@google.com>,
Danilo Krummrich <dakr@kernel.org>, Gary Guo <gary@garyguo.net>,
Joel Fernandes <joelagnelf@nvidia.com>,
Alexandre Courbot <acourbot@nvidia.com>,
nouveau@lists.freedesktop.org, rust-for-linux@vger.kernel.org
Subject: Re: [PATCH v5 3/8] rust: uaccess: add UserSliceWriter::write_buffer() for raw pointer writes
Date: Sat, 17 Jan 2026 13:23:57 +0000 [thread overview]
Message-ID: <aWuNbUywGRH1zo-0@google.com> (raw)
In-Reply-To: <20260116214959.641032-4-ttabi@nvidia.com>
On Fri, Jan 16, 2026 at 03:49:54PM -0600, Timur Tabi wrote:
> Add a new method to UserSliceWriter that copies data from a raw kernel
> pointer to userspace, without requiring a Rust slice reference.
>
> The method takes:
> - data: raw pointer to the source buffer
> - len: total size of the source buffer (for bounds checking)
> - offset: byte offset into the source buffer to start copying from
> - count: number of bytes to copy
>
> The method is marked unsafe because the caller must ensure the pointer
> is valid for the specified length and that the memory is not mutated
> during the call.
>
> Signed-off-by: Timur Tabi <ttabi@nvidia.com>
> ---
> rust/kernel/uaccess.rs | 50 ++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 50 insertions(+)
>
> diff --git a/rust/kernel/uaccess.rs b/rust/kernel/uaccess.rs
> index f989539a31b4..8bbb0084abb1 100644
> --- a/rust/kernel/uaccess.rs
> +++ b/rust/kernel/uaccess.rs
> @@ -481,6 +481,56 @@ pub fn write_slice(&mut self, data: &[u8]) -> Result {
> Ok(())
> }
>
> + /// Writes raw data to this user pointer from a raw kernel pointer.
> + ///
> + /// This is similar to [`Self::write_slice`] but takes a raw pointer instead of a slice,
> + /// along with a total buffer length, an offset into the that buffer, and a count of bytes
> + /// to copy.
> + ///
> + /// Returns error if the offset+count exceeds the buffer size.
> + ///
> + /// Fails with [`EFAULT`] if the write happens on a bad address, or if the write goes out of
> + /// bounds of this [`UserSliceWriter`]. This call may modify the associated userspace slice
> + /// even if it returns an error.
> + ///
> + /// # Safety
> + ///
> + /// - `data` must point to a valid memory region of at least `len` bytes that remains allocated
> + /// for the duration of this call.
> + ///
> + /// Note: Unlike [`Self::write_slice`], this method does not require exclusive access to the
> + /// source memory. The memory may be concurrently modified by other threads or hardware (e.g.,
> + /// DMA buffers). In such cases, the copied data may be inconsistent, but this does not cause
> + /// undefined behavior.
> + pub unsafe fn write_buffer(
> + &mut self,
> + data: *const u8,
> + len: usize,
> + offset: usize,
> + count: usize,
> + ) -> Result {
Why not this signature?
unsafe fn write_raw_slice(&mut self, data: *const [u8]) -> Result;
You can implement `write_slice` in terms of it.
Alice
WARNING: multiple messages have this Message-ID (diff)
From: Alice Ryhl <aliceryhl@google.com>
To: Timur Tabi <ttabi@nvidia.com>
Cc: Matthew Maurer <mmaurer@google.com>,
Danilo Krummrich <dakr@kernel.org>, Gary Guo <gary@garyguo.net>,
John Hubbard <jhubbard@nvidia.com>,
Joel Fernandes <joelagnelf@nvidia.com>,
Alexandre Courbot <acourbot@nvidia.com>,
nouveau@lists.freedesktop.org, rust-for-linux@vger.kernel.org
Subject: Re: [PATCH v5 3/8] rust: uaccess: add UserSliceWriter::write_buffer() for raw pointer writes
Date: Sat, 17 Jan 2026 13:23:57 +0000 [thread overview]
Message-ID: <aWuNbUywGRH1zo-0@google.com> (raw)
In-Reply-To: <20260116214959.641032-4-ttabi@nvidia.com>
On Fri, Jan 16, 2026 at 03:49:54PM -0600, Timur Tabi wrote:
> Add a new method to UserSliceWriter that copies data from a raw kernel
> pointer to userspace, without requiring a Rust slice reference.
>
> The method takes:
> - data: raw pointer to the source buffer
> - len: total size of the source buffer (for bounds checking)
> - offset: byte offset into the source buffer to start copying from
> - count: number of bytes to copy
>
> The method is marked unsafe because the caller must ensure the pointer
> is valid for the specified length and that the memory is not mutated
> during the call.
>
> Signed-off-by: Timur Tabi <ttabi@nvidia.com>
> ---
> rust/kernel/uaccess.rs | 50 ++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 50 insertions(+)
>
> diff --git a/rust/kernel/uaccess.rs b/rust/kernel/uaccess.rs
> index f989539a31b4..8bbb0084abb1 100644
> --- a/rust/kernel/uaccess.rs
> +++ b/rust/kernel/uaccess.rs
> @@ -481,6 +481,56 @@ pub fn write_slice(&mut self, data: &[u8]) -> Result {
> Ok(())
> }
>
> + /// Writes raw data to this user pointer from a raw kernel pointer.
> + ///
> + /// This is similar to [`Self::write_slice`] but takes a raw pointer instead of a slice,
> + /// along with a total buffer length, an offset into the that buffer, and a count of bytes
> + /// to copy.
> + ///
> + /// Returns error if the offset+count exceeds the buffer size.
> + ///
> + /// Fails with [`EFAULT`] if the write happens on a bad address, or if the write goes out of
> + /// bounds of this [`UserSliceWriter`]. This call may modify the associated userspace slice
> + /// even if it returns an error.
> + ///
> + /// # Safety
> + ///
> + /// - `data` must point to a valid memory region of at least `len` bytes that remains allocated
> + /// for the duration of this call.
> + ///
> + /// Note: Unlike [`Self::write_slice`], this method does not require exclusive access to the
> + /// source memory. The memory may be concurrently modified by other threads or hardware (e.g.,
> + /// DMA buffers). In such cases, the copied data may be inconsistent, but this does not cause
> + /// undefined behavior.
> + pub unsafe fn write_buffer(
> + &mut self,
> + data: *const u8,
> + len: usize,
> + offset: usize,
> + count: usize,
> + ) -> Result {
Why not this signature?
unsafe fn write_raw_slice(&mut self, data: *const [u8]) -> Result;
You can implement `write_slice` in terms of it.
Alice
next prev parent reply other threads:[~2026-01-17 13:24 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-16 21:49 [PATCH v5 0/8] gpu: nova-core: expose the logging buffers via debugfs Timur Tabi
2026-01-16 21:49 ` [PATCH v5 1/8] rust: pci: add device name method Timur Tabi
2026-01-17 11:09 ` Danilo Krummrich
2026-01-17 11:09 ` Danilo Krummrich
2026-01-27 21:04 ` Timur Tabi
2026-01-27 21:04 ` Timur Tabi
2026-01-27 21:07 ` Danilo Krummrich
2026-01-27 21:07 ` Danilo Krummrich
2026-01-16 21:49 ` [PATCH v5 2/8] rust: debugfs: add Dir::empty() for conditional debugfs usage Timur Tabi
2026-01-19 12:08 ` Gary Guo
2026-01-20 17:54 ` Matthew Maurer
2026-01-20 17:54 ` Matthew Maurer
2026-01-20 18:19 ` Danilo Krummrich
2026-01-20 18:19 ` Danilo Krummrich
2026-01-16 21:49 ` [PATCH v5 3/8] rust: uaccess: add UserSliceWriter::write_buffer() for raw pointer writes Timur Tabi
2026-01-17 11:18 ` Danilo Krummrich
2026-01-17 11:18 ` Danilo Krummrich
2026-01-17 11:19 ` Danilo Krummrich
2026-01-17 11:19 ` Danilo Krummrich
2026-01-17 13:23 ` Alice Ryhl [this message]
2026-01-17 13:23 ` Alice Ryhl
2026-01-17 14:23 ` Alice Ryhl
2026-01-17 14:23 ` Alice Ryhl
2026-01-17 14:35 ` Danilo Krummrich
2026-01-17 14:35 ` Danilo Krummrich
2026-01-19 12:13 ` Gary Guo
2026-01-19 12:13 ` Gary Guo
2026-01-19 12:38 ` Danilo Krummrich
2026-01-19 12:38 ` Danilo Krummrich
2026-01-16 21:49 ` [PATCH v5 4/8] gpu: nova-core: implement BinaryWriter for LogBuffer Timur Tabi
2026-01-17 11:22 ` Danilo Krummrich
2026-01-17 11:22 ` Danilo Krummrich
2026-01-19 12:17 ` Gary Guo
2026-01-28 20:20 ` Timur Tabi
2026-01-16 21:49 ` [PATCH v5 5/8] gpu: nova-core: Replace module_pci_driver! with explicit module init Timur Tabi
2026-01-17 11:24 ` Danilo Krummrich
2026-01-17 11:24 ` Danilo Krummrich
2026-01-28 20:52 ` Timur Tabi
2026-01-28 20:52 ` Timur Tabi
2026-01-16 21:49 ` [PATCH v5 6/8] gpu: nova-core: use pin projection in method boot() Timur Tabi
2026-01-16 21:49 ` [PATCH v5 7/8] gpu: nova-core: create debugfs root in module init Timur Tabi
2026-01-17 12:18 ` Danilo Krummrich
2026-01-17 12:18 ` Danilo Krummrich
2026-01-17 12:29 ` Danilo Krummrich
2026-01-17 12:29 ` Danilo Krummrich
2026-01-17 20:58 ` Timur Tabi
2026-01-17 20:58 ` Timur Tabi
2026-01-17 21:35 ` Danilo Krummrich
2026-01-17 21:35 ` Danilo Krummrich
2026-01-17 21:52 ` Timur Tabi
2026-01-17 21:52 ` Timur Tabi
2026-01-17 22:00 ` Danilo Krummrich
2026-01-17 22:00 ` Danilo Krummrich
2026-01-16 21:49 ` [PATCH v5 8/8] gpu: nova-core: create GSP-RM logging buffers debugfs entries Timur Tabi
2026-01-17 12:21 ` Danilo Krummrich
2026-01-17 12:21 ` Danilo Krummrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aWuNbUywGRH1zo-0@google.com \
--to=aliceryhl@google.com \
--cc=acourbot@nvidia.com \
--cc=dakr@kernel.org \
--cc=gary@garyguo.net \
--cc=joelagnelf@nvidia.com \
--cc=mmaurer@google.com \
--cc=nouveau@lists.freedesktop.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=ttabi@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.