lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <DDKKPM9ICZRG.2S66MFUQJ38KC@kernel.org>
Date: Fri, 17 Oct 2025 13:50:38 +0200
From: "Danilo Krummrich" <dakr@...nel.org>
To: "Alice Ryhl" <aliceryhl@...gle.com>
Cc: <gregkh@...uxfoundation.org>, <rafael@...nel.org>, <ojeda@...nel.org>,
 <alex.gaynor@...il.com>, <boqun.feng@...il.com>, <gary@...yguo.net>,
 <bjorn3_gh@...tonmail.com>, <lossin@...nel.org>, <a.hindborg@...nel.org>,
 <tmgross@...ch.edu>, <mmaurer@...gle.com>,
 <rust-for-linux@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 1/7] rust: uaccess: add
 UserSliceReader::read_slice_partial()

On Fri Oct 17, 2025 at 1:11 PM CEST, Alice Ryhl wrote:
> On Sat, Oct 04, 2025 at 12:26:38AM +0200, Danilo Krummrich wrote:
>> The existing read_slice() method is a wrapper around copy_from_user()
>> and expects the user buffer to be larger than the destination buffer.
>> 
>> However, userspace may split up writes in multiple partial operations
>> providing an offset into the destination buffer and a smaller user
>> buffer.
>> 
>> In order to support this common case, provide a helper for partial
>> reads.
>> 
>> Signed-off-by: Danilo Krummrich <dakr@...nel.org>
>> ---
>>  rust/kernel/uaccess.rs | 13 +++++++++++++
>>  1 file changed, 13 insertions(+)
>> 
>> diff --git a/rust/kernel/uaccess.rs b/rust/kernel/uaccess.rs
>> index a8fb4764185a..1b0b57e855c9 100644
>> --- a/rust/kernel/uaccess.rs
>> +++ b/rust/kernel/uaccess.rs
>> @@ -287,6 +287,19 @@ pub fn read_slice(&mut self, out: &mut [u8]) -> Result {
>>          self.read_raw(out)
>>      }
>>  
>> +    /// Reads raw data from the user slice into a kernel buffer partially.
>> +    ///
>> +    /// This is the same as [`Self::read_slice`] but considers the given `offset` into `out` and
>> +    /// truncates the read to the boundaries of `self` and `out`.
>> +    ///
>> +    /// On success, returns the number of bytes read.
>> +    pub fn read_slice_partial(&mut self, out: &mut [u8], offset: usize) -> Result<usize> {
>> +        let end = offset.checked_add(self.len()).ok_or(EINVAL)?.min(out.len());
>
> Should this be?
> let end = offset.checked_add(self.len()).unwrap_or(out.len()).min(out.len());

Yes, that seems reasonable.

>> +        out.get_mut(offset..end)
>> +            .map_or(Ok(0), |dst| self.read_slice(dst).map(|()| dst.len()))
>
> So if out.len() < offset, then we return Ok(0)?

Yes, because it tells userspace that there are no more bytes left to read.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ