lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87ldnldm4v.fsf@t14s.mail-host-address-is-not-set>
Date: Fri, 15 Aug 2025 10:28:32 +0200
From: Andreas Hindborg <a.hindborg@...nel.org>
To: Alice Ryhl <aliceryhl@...gle.com>
Cc: Boqun Feng <boqun.feng@...il.com>, Miguel Ojeda <ojeda@...nel.org>, Alex
 Gaynor <alex.gaynor@...il.com>, Gary Guo <gary@...yguo.net>, Björn Roy
 Baron <bjorn3_gh@...tonmail.com>, Benno Lossin <lossin@...nel.org>, Trevor
 Gross <tmgross@...ch.edu>, Danilo Krummrich <dakr@...nel.org>, Jens Axboe
 <axboe@...nel.dk>, Breno Leitao <leitao@...ian.org>,
 linux-block@...r.kernel.org, rust-for-linux@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 06/18] rust: str: add `bytes_to_bool` helper function

"Alice Ryhl" <aliceryhl@...gle.com> writes:

> On Fri, Aug 15, 2025 at 09:30:41AM +0200, Andreas Hindborg wrote:
>> Add a convenience function to convert byte slices to boolean values by
>> wrapping them in a null-terminated C string and delegating to the
>> existing `kstrtobool` function. Only considers the first two bytes of
>> the input slice, following the kernel's boolean parsing semantics.
>>
>> Signed-off-by: Andreas Hindborg <a.hindborg@...nel.org>
>> ---
>>  rust/kernel/str.rs | 10 ++++++++++
>>  1 file changed, 10 insertions(+)
>>
>> diff --git a/rust/kernel/str.rs b/rust/kernel/str.rs
>> index 5611f7846dc0..ced1cb639efc 100644
>> --- a/rust/kernel/str.rs
>> +++ b/rust/kernel/str.rs
>> @@ -978,6 +978,16 @@ pub fn kstrtobool(string: &CStr) -> Result<bool> {
>>      kernel::error::to_result(ret).map(|()| result)
>>  }
>>
>> +/// Convert `&[u8]` to `bool` by deferring to [`kernel::str::kstrtobool`].
>> +///
>> +/// Only considers at most the first two bytes of `bytes`.
>> +pub fn bytes_to_bool(bytes: &[u8]) -> Result<bool> {
>> +    // `ktostrbool` only considers the first two bytes of the input.
>> +    let nbuffer = [*bytes.first().unwrap_or(&0), *bytes.get(1).unwrap_or(&0), 0];
>> +    let c_str = CStr::from_bytes_with_nul(nbuffer.split_inclusive(|c| *c == 0).next().unwrap())?;
>> +    kstrtobool(c_str)
>> +}
>
> Ouch. That's unpleasant. I would probably suggest this instead to avoid
> the length computation:
>
> /// # Safety
> /// `string` is a readable NUL-terminated string
> unsafe fn kstrtobool_raw(string: *const c_char) -> Result<bool> {
>     let mut result: bool = false;
>     let ret = unsafe { bindings::kstrtobool(string, &raw mut result) };
>     kernel::error::to_result(ret).map(|()| result)
> }
>
> pub fn kstrtobool(string: &CStr) -> Result<bool> {
>     // SAFETY: Caller ensures that `string` is NUL-terminated.
>     unsafe { kstrtobool_cstr(string.as_char_ptr()) }
> }
>
> pub fn kstrtobool_bytes(string: &[u8]) -> Result<bool> {
>     let mut stack_string = [0u8; 3];
>
>     if let Some(first) = string.get(0) {

Clippy will complain about `string.get(0)` suggesting `string.first()`.

>         stack_string[0] = *first;
>     }
>     if let Some(second) = string.get(1) {
>         stack_string[1] = *second;
>     }

I don't really think this procedural assignment is better or worse than assigning
at declaration.

>
>     // SAFETY: stack_string[2] is zero, so the string is NUL-terminated.
>     unsafe { kstrtobool_cstr(stack_string.as_ptr()) }

I'll split it up.


Best regards,
Andreas Hindborg

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ