| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGSQo02ASwf3Wn21jgB804LMLi3qivhtZuo7SmmD9O4m5O_Qfw@mail.gmail.com>
Date: Fri, 3 Oct 2025 16:12:11 -0700
From: Matthew Maurer <mmaurer@...gle.com>
To: Danilo Krummrich <dakr@...nel.org>
Cc: gregkh@...uxfoundation.org, rafael@...nel.org, ojeda@...nel.org,
alex.gaynor@...il.com, boqun.feng@...il.com, gary@...yguo.net,
bjorn3_gh@...tonmail.com, lossin@...nel.org, a.hindborg@...nel.org,
aliceryhl@...gle.com, tmgross@...ch.edu, rust-for-linux@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 4/7] rust: debugfs: support blobs from smart pointers
On Fri, Oct 3, 2025 at 3:27 PM Danilo Krummrich <dakr@...nel.org> wrote:
>
> Extend Rust debugfs binary support to allow exposing data stored in
> common smart pointers and heap-allocated collections.
>
> - Implement BinaryWriter for Box<T>, Pin<Box<T>>, Arc<T>, and Vec<T>.
> - Introduce BinaryReaderMut for mutable binary access with outer locks.
> - Implement BinaryReaderMut for Box<T>, Vec<T>, and base types.
> - Update BinaryReader to delegate to BinaryReaderMut for Mutex<T>,
> Box<T>, Pin<Box<T>> and Arc<T>.
>
> This enables debugfs files to directly expose or update data stored
> inside heap-allocated, reference-counted, or lock-protected containers
> without manual dereferencing or locking.
>
> Signed-off-by: Danilo Krummrich <dakr@...nel.org>
> ---
> rust/kernel/debugfs.rs | 2 +-
> rust/kernel/debugfs/traits.rs | 145 +++++++++++++++++++++++++++++++++-
> 2 files changed, 144 insertions(+), 3 deletions(-)
>
> diff --git a/rust/kernel/debugfs.rs b/rust/kernel/debugfs.rs
> index b1a3adca7fd4..3c3bbcc126ef 100644
> --- a/rust/kernel/debugfs.rs
> +++ b/rust/kernel/debugfs.rs
> @@ -21,7 +21,7 @@
> use core::ops::Deref;
>
> mod traits;
> -pub use traits::{BinaryReader, BinaryWriter, Reader, Writer};
> +pub use traits::{BinaryReader, BinaryReaderMut, BinaryWriter, Reader, Writer};
>
> mod callback_adapters;
> use callback_adapters::{FormatAdapter, NoWriter, WritableAdapter};
> diff --git a/rust/kernel/debugfs/traits.rs b/rust/kernel/debugfs/traits.rs
> index 60a6ee6c6b58..bcd0a9db3cc9 100644
> --- a/rust/kernel/debugfs/traits.rs
> +++ b/rust/kernel/debugfs/traits.rs
> @@ -3,11 +3,14 @@
>
> //! Traits for rendering or updating values exported to DebugFS.
>
> +use crate::alloc::Allocator;
> use crate::prelude::*;
> +use crate::sync::Arc;
> use crate::sync::Mutex;
> use crate::transmute::{AsBytes, FromBytes};
> use crate::uaccess::{UserSliceReader, UserSliceWriter};
> use core::fmt::{self, Debug, Formatter};
> +use core::ops::{Deref, DerefMut};
> use core::str::FromStr;
> use core::sync::atomic::{
> AtomicI16, AtomicI32, AtomicI64, AtomicI8, AtomicIsize, AtomicU16, AtomicU32, AtomicU64,
> @@ -50,12 +53,14 @@ pub trait BinaryWriter {
> fn write_to_slice(&self, writer: &mut UserSliceWriter, offset: usize) -> Result<usize>;
> }
>
> +// Base implementation for any `T: AsBytes`.
> impl<T: AsBytes> BinaryWriter for T {
> fn write_to_slice(&self, writer: &mut UserSliceWriter, offset: usize) -> Result<usize> {
> writer.write_slice_partial(self.as_bytes(), offset)
> }
> }
>
> +// Delegate for `Mutex<T>`: Support a `T` with an outer mutex.
> impl<T: BinaryWriter> BinaryWriter for Mutex<T> {
> fn write_to_slice(&self, writer: &mut UserSliceWriter, offset: usize) -> Result<usize> {
> let guard = self.lock();
> @@ -64,6 +69,56 @@ fn write_to_slice(&self, writer: &mut UserSliceWriter, offset: usize) -> Result<
> }
> }
>
> +// Delegate for `Box<T, A>`: Support a `Box<T, A>` with no lock or an inner lock.
> +impl<T, A> BinaryWriter for Box<T, A>
> +where
> + T: BinaryWriter,
> + A: Allocator,
> +{
> + fn write_to_slice(&self, writer: &mut UserSliceWriter, offset: usize) -> Result<usize> {
> + self.deref().write_to_slice(writer, offset)
> + }
> +}
> +
> +// Delegate for `Pin<Box<T, A>>`: Support a `Pin<Box<T, A>>` with no lock or an inner lock.
> +impl<T, A> BinaryWriter for Pin<Box<T, A>>
> +where
> + T: BinaryWriter,
> + A: Allocator,
> +{
> + fn write_to_slice(&self, writer: &mut UserSliceWriter, offset: usize) -> Result<usize> {
> + self.deref().write_to_slice(writer, offset)
> + }
> +}
> +
> +// Delegate for `Arc<T>`: Support a `Arc<T>` with no lock or an inner lock.
> +impl<T> BinaryWriter for Arc<T>
> +where
> + T: BinaryWriter,
> +{
> + fn write_to_slice(&self, writer: &mut UserSliceWriter, offset: usize) -> Result<usize> {
> + self.deref().write_to_slice(writer, offset)
> + }
> +}
For `Box`, `Pin<Box<`, and `Arc`, where the only operation being
performed is to deref, is there a reason that we couldn't have the
`File` object be *inside* the object, thus avoiding any need for
these? I can't see them causing trouble, but
```
Box<File<T>>
Pin<Box<File<T>>>
Arc<File<T>>
```
seem like they'd usually be fine. The one caveat I can think of is
that if you had other functions that wanted to take an `&Arc<T>` for
operations on the Arc, then having an `Arc<File<T>>` would be
suboptimal. Am I missing something?
Depending on the use case I'm missing, would a blanket implementation
for `T: Deref` in this case and `DerefMut` later on make more sense?
That should contract these into a single definition and generalize to
e.g. `ListArc` without further code.
> +
> +// Delegate for `Vec<T, A>`.
> +impl<T, A> BinaryWriter for Vec<T, A>
> +where
> + T: AsBytes,
> + A: Allocator,
> +{
> + fn write_to_slice(&self, writer: &mut UserSliceWriter, offset: usize) -> Result<usize> {
> + let slice = self.as_slice();
> +
> + // SAFETY: `T: AsBytes` allows us to treat `&[T]` as `&[u8]`.
> + let buffer = unsafe {
> + core::slice::from_raw_parts(slice.as_ptr().cast(), core::mem::size_of_val(slice))
> + };
> +
> + writer.write_slice_partial(buffer, offset)
> + }
> +}
> +
> /// A trait for types that can be updated from a user slice.
> ///
> /// This works similarly to `FromStr`, but operates on a `UserSliceReader` rather than a &str.
> @@ -92,6 +147,70 @@ fn read_from_slice(&self, reader: &mut UserSliceReader) -> Result {
> }
>
> /// Trait for types that can be constructed from a binary representation.
> +///
> +/// See also [`BinaryReader`] for interior mutability.
> +pub trait BinaryReaderMut {
> + /// Reads the binary form of `self` from `reader`.
> + ///
> + /// Same as [`BinaryReader::read_from_slice`], but takes a mutable reference.
> + ///
> + /// `offset` is the requested offset into the binary representation of `self`.
> + ///
> + /// On success, returns the number of bytes read from `reader`.
> + fn read_from_slice_mut(&mut self, reader: &mut UserSliceReader, offset: usize)
> + -> Result<usize>;
> +}
> +
> +// Base implementation for any `T: AsBytes + FromBytes`.
> +impl<T: AsBytes + FromBytes> BinaryReaderMut for T {
> + fn read_from_slice_mut(
> + &mut self,
> + reader: &mut UserSliceReader,
> + offset: usize,
> + ) -> Result<usize> {
> + reader.read_slice_partial(self.as_bytes_mut(), offset)
> + }
> +}
> +
> +// Delegate for `Box<T, A>`: Support a `Box<T, A>` with an outer lock.
> +impl<T: ?Sized + BinaryReaderMut, A: Allocator> BinaryReaderMut for Box<T, A> {
> + fn read_from_slice_mut(
> + &mut self,
> + reader: &mut UserSliceReader,
> + offset: usize,
> + ) -> Result<usize> {
> + self.deref_mut().read_from_slice_mut(reader, offset)
> + }
> +}
> +
> +// Delegate for `Vec<T, A>`: Support a `Vec<T, A>` with an outer lock.
> +impl<T, A> BinaryReaderMut for Vec<T, A>
> +where
> + T: AsBytes + FromBytes,
> + A: Allocator,
> +{
> + fn read_from_slice_mut(
> + &mut self,
> + reader: &mut UserSliceReader,
> + offset: usize,
> + ) -> Result<usize> {
> + let slice = self.as_mut_slice();
> +
Nit: This is safe, but it also requires `FromBytes`, and is &mut, &mut
> + // SAFETY: `T: AsBytes` allows us to treat `&[T]` as `&[u8]`.
> + let buffer = unsafe {
> + core::slice::from_raw_parts_mut(
> + slice.as_mut_ptr().cast(),
> + core::mem::size_of_val(slice),
> + )
> + };
> +
> + reader.read_slice_partial(buffer, offset)
> + }
> +}
> +
> +/// Trait for types that can be constructed from a binary representation.
> +///
> +/// See also [`BinaryReaderMut`] for the mutable version.
> pub trait BinaryReader {
> /// Reads the binary form of `self` from `reader`.
> ///
> @@ -101,11 +220,33 @@ pub trait BinaryReader {
> fn read_from_slice(&self, reader: &mut UserSliceReader, offset: usize) -> Result<usize>;
> }
>
> -impl<T: AsBytes + FromBytes> BinaryReader for Mutex<T> {
> +// Delegate for `Mutex<T>`: Support a `T` with an outer `Mutex`.
> +impl<T: BinaryReaderMut> BinaryReader for Mutex<T> {
> fn read_from_slice(&self, reader: &mut UserSliceReader, offset: usize) -> Result<usize> {
> let mut this = self.lock();
>
> - reader.read_slice_partial(this.as_bytes_mut(), offset)
> + this.read_from_slice_mut(reader, offset)
> + }
> +}
> +
> +// Delegate for `Box<T, A>`: Support a `Box<T, A>` with an inner lock.
> +impl<T: ?Sized + BinaryReader, A: Allocator> BinaryReader for Box<T, A> {
> + fn read_from_slice(&self, reader: &mut UserSliceReader, offset: usize) -> Result<usize> {
> + self.deref().read_from_slice(reader, offset)
> + }
> +}
> +
> +// Delegate for `Pin<Box<T, A>>`: Support a `Pin<Box<T, A>>` with an inner lock.
> +impl<T: ?Sized + BinaryReader, A: Allocator> BinaryReader for Pin<Box<T, A>> {
> + fn read_from_slice(&self, reader: &mut UserSliceReader, offset: usize) -> Result<usize> {
> + self.deref().read_from_slice(reader, offset)
> + }
> +}
> +
> +// Delegate for `Arc<T>`: Support an `Arc<T>` with an inner lock.
> +impl<T: ?Sized + BinaryReader> BinaryReader for Arc<T> {
> + fn read_from_slice(&self, reader: &mut UserSliceReader, offset: usize) -> Result<usize> {
> + self.deref().read_from_slice(reader, offset)
> }
> }
>
> --
> 2.51.0
>
Powered by blists - more mailing lists