From: "Danilo Krummrich" <dakr@kernel.org>
To: "Alice Ryhl" <aliceryhl@google.com>
Cc: <gregkh@linuxfoundation.org>, <rafael@kernel.org>,
<ojeda@kernel.org>, <alex.gaynor@gmail.com>,
<boqun.feng@gmail.com>, <gary@garyguo.net>,
<bjorn3_gh@protonmail.com>, <lossin@kernel.org>,
<a.hindborg@kernel.org>, <tmgross@umich.edu>,
<mmaurer@google.com>, <rust-for-linux@vger.kernel.org>,
<linux-fsdevel@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v3 05/10] rust: uaccess: add UserSliceWriter::write_slice_file()
Date: Thu, 23 Oct 2025 14:43:20 +0200 [thread overview]
Message-ID: <DDPPL8HKEERV.2JXDADIJPM6NY@kernel.org> (raw)
In-Reply-To: <aPoPbFXGXk_ohOpW@google.com>
On Thu Oct 23, 2025 at 1:20 PM CEST, Alice Ryhl wrote:
> I would love to have infallible conversions from usize to u64 (and u32
> to usize), but we can't really modify the stdlib to add them.
We can (and probably should) implement a kernel specific infallible one.
I think we also want a helper for `slice::len() as isize`.
> But even if we had them, it wouldn't help here since the target type is
> i64, not u64. And there are usize values that don't fit in i64 - it's
> just that in this case the usize fits in isize.
Sure, it doesn't change the code required for this case. Yet, I think that if we
agree on having a kernel specific infallible conversions for usize -> u64 and
isize -> i64, it makes this + operation formally more consistent.
Here's the diff I'd apply:
diff --git a/rust/kernel/fs/file.rs b/rust/kernel/fs/file.rs
index 681b8a9e5d52..63478dd7deb8 100644
--- a/rust/kernel/fs/file.rs
+++ b/rust/kernel/fs/file.rs
@@ -125,6 +125,22 @@ pub fn saturating_sub_usize(self, rhs: usize) -> Offset {
}
}
+impl core::ops::Add<isize> for Offset {
+ type Output = Offset;
+
+ #[inline]
+ fn add(self, rhs: isize) -> Offset {
+ Offset(self.0 + rhs as bindings::loff_t)
+ }
+}
+
+impl core::ops::AddAssign<isize> for Offset {
+ #[inline]
+ fn add_assign(&mut self, rhs: isize) {
+ self.0 += rhs as bindings::loff_t;
+ }
+}
+
impl From<bindings::loff_t> for Offset {
#[inline]
fn from(v: bindings::loff_t) -> Self {
diff --git a/rust/kernel/uaccess.rs b/rust/kernel/uaccess.rs
index 20ea31781efb..44ee334c4507 100644
--- a/rust/kernel/uaccess.rs
+++ b/rust/kernel/uaccess.rs
@@ -514,7 +514,8 @@ pub fn write_slice_file(&mut self, data: &[u8], offset: &mut file::Offset) -> Re
let written = self.write_slice_partial(data, offset_index)?;
- *offset = offset.saturating_add_usize(written);
+ // OVERFLOW: `offset + written <= data.len() <= isize::MAX <= Offset::MAX`
+ *offset += written as isize;
Ok(written)
}
next prev parent reply other threads:[~2025-10-23 12:43 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-22 14:30 [PATCH v3 00/10] Binary Large Objects for Rust DebugFS Danilo Krummrich
2025-10-22 14:30 ` [PATCH v3 01/10] rust: fs: add new type file::Offset Danilo Krummrich
2025-10-22 14:42 ` Miguel Ojeda
2025-10-24 12:15 ` Alice Ryhl
2025-10-28 11:04 ` Danilo Krummrich
2025-11-01 14:16 ` Alexandre Courbot
2025-10-22 14:30 ` [PATCH v3 02/10] rust: uaccess: add UserSliceReader::read_slice_partial() Danilo Krummrich
2025-10-24 10:39 ` Alice Ryhl
2025-11-01 14:16 ` Alexandre Courbot
2025-10-22 14:30 ` [PATCH v3 03/10] rust: uaccess: add UserSliceReader::read_slice_file() Danilo Krummrich
2025-11-01 14:16 ` Alexandre Courbot
2025-10-22 14:30 ` [PATCH v3 04/10] rust: uaccess: add UserSliceWriter::write_slice_partial() Danilo Krummrich
2025-10-23 8:33 ` Alice Ryhl
2025-10-28 13:57 ` Miguel Ojeda
2025-11-01 14:19 ` Alexandre Courbot
2025-10-22 14:30 ` [PATCH v3 05/10] rust: uaccess: add UserSliceWriter::write_slice_file() Danilo Krummrich
2025-10-23 8:30 ` Alice Ryhl
2025-10-23 10:35 ` Danilo Krummrich
2025-10-23 10:37 ` Alice Ryhl
2025-10-23 11:03 ` Danilo Krummrich
2025-10-23 11:20 ` Alice Ryhl
2025-10-23 12:43 ` Danilo Krummrich [this message]
2025-10-24 10:37 ` Alice Ryhl
2025-10-24 18:02 ` Miguel Ojeda
2025-11-01 14:27 ` Alexandre Courbot
2025-11-01 15:06 ` Miguel Ojeda
2025-10-28 14:07 ` Miguel Ojeda
2025-10-22 14:30 ` [PATCH v3 06/10] rust: debugfs: support for binary large objects Danilo Krummrich
2025-10-23 8:26 ` Alice Ryhl
2025-10-23 10:09 ` Danilo Krummrich
2025-10-23 10:21 ` Alice Ryhl
2025-10-24 10:36 ` Alice Ryhl
2025-10-22 14:30 ` [PATCH v3 07/10] rust: debugfs: support blobs from smart pointers Danilo Krummrich
2025-10-23 8:24 ` Alice Ryhl
2025-10-22 14:30 ` [PATCH v3 08/10] samples: rust: debugfs: add example for blobs Danilo Krummrich
2025-10-22 14:30 ` [PATCH v3 09/10] rust: debugfs: support binary large objects for ScopedDir Danilo Krummrich
2025-10-23 8:23 ` Alice Ryhl
2025-10-22 14:30 ` [PATCH v3 10/10] samples: rust: debugfs_scoped: add example for blobs Danilo Krummrich
2025-10-28 13:47 ` [PATCH v3 00/10] Binary Large Objects for Rust DebugFS Miguel Ojeda
2025-11-05 0:25 ` Danilo Krummrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DDPPL8HKEERV.2JXDADIJPM6NY@kernel.org \
--to=dakr@kernel.org \
--cc=a.hindborg@kernel.org \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=gary@garyguo.net \
--cc=gregkh@linuxfoundation.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=mmaurer@google.com \
--cc=ojeda@kernel.org \
--cc=rafael@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).