Re: [PATCH v3 05/10] rust: uaccess: add UserSliceWriter::write_slice_file()

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: "Danilo Krummrich" <dakr@kernel.org>
To: "Alice Ryhl" <aliceryhl@google.com>
Cc: <gregkh@linuxfoundation.org>, <rafael@kernel.org>,
	<ojeda@kernel.org>, <alex.gaynor@gmail.com>,
	<boqun.feng@gmail.com>, <gary@garyguo.net>,
	<bjorn3_gh@protonmail.com>, <lossin@kernel.org>,
	<a.hindborg@kernel.org>, <tmgross@umich.edu>,
	<mmaurer@google.com>, <rust-for-linux@vger.kernel.org>,
	<linux-fsdevel@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v3 05/10] rust: uaccess: add UserSliceWriter::write_slice_file()
Date: Thu, 23 Oct 2025 12:35:00 +0200	[thread overview]
Message-ID: <DDPMUZAEIEBR.ORPLOPEERGNB@kernel.org> (raw)
In-Reply-To: <aPnnkU3IWwgERuT3@google.com>

On Thu Oct 23, 2025 at 10:30 AM CEST, Alice Ryhl wrote:
> On Wed, Oct 22, 2025 at 04:30:39PM +0200, Danilo Krummrich wrote:
>> Add UserSliceWriter::write_slice_file(), which is the same as
>> UserSliceWriter::write_slice_partial() but updates the given
>> file::Offset by the number of bytes written.
>> 
>> This is equivalent to C's `simple_read_from_buffer()` and useful when
>> dealing with file offsets from file operations.
>> 
>> Signed-off-by: Danilo Krummrich <dakr@kernel.org>
>> ---
>>  rust/kernel/uaccess.rs | 24 ++++++++++++++++++++++++
>>  1 file changed, 24 insertions(+)
>> 
>> diff --git a/rust/kernel/uaccess.rs b/rust/kernel/uaccess.rs
>> index 539e77a09cbc..20ea31781efb 100644
>> --- a/rust/kernel/uaccess.rs
>> +++ b/rust/kernel/uaccess.rs
>> @@ -495,6 +495,30 @@ pub fn write_slice_partial(&mut self, data: &[u8], offset: usize) -> Result<usiz
>>              .map_or(Ok(0), |src| self.write_slice(src).map(|()| src.len()))
>>      }
>>  
>> +    /// Writes raw data to this user pointer from a kernel buffer partially.
>> +    ///
>> +    /// This is the same as [`Self::write_slice_partial`] but updates the given [`file::Offset`] by
>> +    /// the number of bytes written.
>> +    ///
>> +    /// This is equivalent to C's `simple_read_from_buffer()`.
>> +    ///
>> +    /// On success, returns the number of bytes written.
>> +    pub fn write_slice_file(&mut self, data: &[u8], offset: &mut file::Offset) -> Result<usize> {
>> +        if offset.is_negative() {
>> +            return Err(EINVAL);
>> +        }
>> +
>> +        let Ok(offset_index) = (*offset).try_into() else {
>> +            return Ok(0);
>> +        };
>> +
>> +        let written = self.write_slice_partial(data, offset_index)?;
>> +
>> +        *offset = offset.saturating_add_usize(written);
>
> This addition should never overflow:

It probably never will (which is why this was a + operation in v1).

> 	offset + written <= data.len() <= isize::MAX <= Offset::MAX

However, this would rely on implementation details you listed, i.e. the
invariant that a slice length should be at most isize::MAX and what's the
maximum size of file::Offset::MAX.

Even though I don't expect any of the above to change any time soon
saturating_add_usize() seems reasonable to me.

> I can't help but think that maybe this should be a + operation instead?

next prev parent reply	other threads:[~2025-10-23 10:35 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-10-22 14:30 [PATCH v3 00/10] Binary Large Objects for Rust DebugFS Danilo Krummrich
2025-10-22 14:30 ` [PATCH v3 01/10] rust: fs: add new type file::Offset Danilo Krummrich
2025-10-22 14:42   ` Miguel Ojeda
2025-10-24 12:15   ` Alice Ryhl
2025-10-28 11:04   ` Danilo Krummrich
2025-11-01 14:16   ` Alexandre Courbot
2025-10-22 14:30 ` [PATCH v3 02/10] rust: uaccess: add UserSliceReader::read_slice_partial() Danilo Krummrich
2025-10-24 10:39   ` Alice Ryhl
2025-11-01 14:16   ` Alexandre Courbot
2025-10-22 14:30 ` [PATCH v3 03/10] rust: uaccess: add UserSliceReader::read_slice_file() Danilo Krummrich
2025-11-01 14:16   ` Alexandre Courbot
2025-10-22 14:30 ` [PATCH v3 04/10] rust: uaccess: add UserSliceWriter::write_slice_partial() Danilo Krummrich
2025-10-23  8:33   ` Alice Ryhl
2025-10-28 13:57     ` Miguel Ojeda
2025-11-01 14:19   ` Alexandre Courbot
2025-10-22 14:30 ` [PATCH v3 05/10] rust: uaccess: add UserSliceWriter::write_slice_file() Danilo Krummrich
2025-10-23  8:30   ` Alice Ryhl
2025-10-23 10:35     ` Danilo Krummrich [this message]
2025-10-23 10:37       ` Alice Ryhl
2025-10-23 11:03         ` Danilo Krummrich
2025-10-23 11:20           ` Alice Ryhl
2025-10-23 12:43             ` Danilo Krummrich
2025-10-24 10:37               ` Alice Ryhl
2025-10-24 18:02             ` Miguel Ojeda
2025-11-01 14:27               ` Alexandre Courbot
2025-11-01 15:06                 ` Miguel Ojeda
2025-10-28 14:07   ` Miguel Ojeda
2025-10-22 14:30 ` [PATCH v3 06/10] rust: debugfs: support for binary large objects Danilo Krummrich
2025-10-23  8:26   ` Alice Ryhl
2025-10-23 10:09     ` Danilo Krummrich
2025-10-23 10:21       ` Alice Ryhl
2025-10-24 10:36         ` Alice Ryhl
2025-10-22 14:30 ` [PATCH v3 07/10] rust: debugfs: support blobs from smart pointers Danilo Krummrich
2025-10-23  8:24   ` Alice Ryhl
2025-10-22 14:30 ` [PATCH v3 08/10] samples: rust: debugfs: add example for blobs Danilo Krummrich
2025-10-22 14:30 ` [PATCH v3 09/10] rust: debugfs: support binary large objects for ScopedDir Danilo Krummrich
2025-10-23  8:23   ` Alice Ryhl
2025-10-22 14:30 ` [PATCH v3 10/10] samples: rust: debugfs_scoped: add example for blobs Danilo Krummrich
2025-10-28 13:47 ` [PATCH v3 00/10] Binary Large Objects for Rust DebugFS Miguel Ojeda
2025-11-05  0:25 ` Danilo Krummrich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=DDPMUZAEIEBR.ORPLOPEERGNB@kernel.org \
    --to=dakr@kernel.org \
    --cc=a.hindborg@kernel.org \
    --cc=alex.gaynor@gmail.com \
    --cc=aliceryhl@google.com \
    --cc=bjorn3_gh@protonmail.com \
    --cc=boqun.feng@gmail.com \
    --cc=gary@garyguo.net \
    --cc=gregkh@linuxfoundation.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lossin@kernel.org \
    --cc=mmaurer@google.com \
    --cc=ojeda@kernel.org \
    --cc=rafael@kernel.org \
    --cc=rust-for-linux@vger.kernel.org \
    --cc=tmgross@umich.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox