From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 97CB4C071FD
	for <linux-mm@archiver.kernel.org>; Fri, 19 Apr 2024 17:11:53 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 18C7D6B0093; Fri, 19 Apr 2024 13:11:53 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 13C7F6B0095; Fri, 19 Apr 2024 13:11:53 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id F1E086B0099; Fri, 19 Apr 2024 13:11:52 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17])
	by kanga.kvack.org (Postfix) with ESMTP id D4FE46B0093
	for <linux-mm@kvack.org>; Fri, 19 Apr 2024 13:11:52 -0400 (EDT)
Received: from smtpin23.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay05.hostedemail.com (Postfix) with ESMTP id 82CFC4151F
	for <linux-mm@kvack.org>; Fri, 19 Apr 2024 17:11:52 +0000 (UTC)
X-FDA: 82026923664.23.CF29BB5
Received: from mail-qk1-f177.google.com (mail-qk1-f177.google.com [209.85.222.177])
	by imf26.hostedemail.com (Postfix) with ESMTP id 46AB5140029
	for <linux-mm@kvack.org>; Fri, 19 Apr 2024 17:11:49 +0000 (UTC)
Authentication-Results: imf26.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20230601 header.b=a4sy8Kzg;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (imf26.hostedemail.com: domain of boqun.feng@gmail.com designates 209.85.222.177 as permitted sender) smtp.mailfrom=boqun.feng@gmail.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1713546709;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=etFE82tcfTZVhWATTB9AHQDcgyv5F3QBoyzAyqb3uco=;
	b=iO3YVpLiiqMJyNxbHcAQqv7yft0x14OA4E7igsJz+/HKGLeeLhqhF5fDMUigKLF+hFxNg7
	Px4egAqQIk0OHXp6UcYH1ZyalmjXT7ZhP0KCZFkItX79F5cJgL3h90JkGDDE0+ct/B25UD
	TUnNkdlPFvjLq0A/fpHzwo+JlNsWOcE=
ARC-Authentication-Results: i=1;
	imf26.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20230601 header.b=a4sy8Kzg;
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (imf26.hostedemail.com: domain of boqun.feng@gmail.com designates 209.85.222.177 as permitted sender) smtp.mailfrom=boqun.feng@gmail.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1713546709; a=rsa-sha256;
	cv=none;
	b=21lcLC6mfNJI4VcsvVDKMi1Juh1wQIjUFQ2f/sfkHEONZWq6yPcGZm8sWSdPtud7RBlMzw
	1R0rIT1fJqQcp+IbZ3mXk6/vT5rbgWw5I6UT/dlF/lzVaxW/VCpmpuzJBXOxhMMj2frsar
	FK2XP9qjhw0bBB5qFU53upGgodjXc34=
Received: by mail-qk1-f177.google.com with SMTP id af79cd13be357-78efd1a0022so158268785a.3
        for <linux-mm@kvack.org>; Fri, 19 Apr 2024 10:11:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1713546707; x=1714151507; darn=kvack.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:feedback-id:from:to:cc:subject:date
         :message-id:reply-to;
        bh=etFE82tcfTZVhWATTB9AHQDcgyv5F3QBoyzAyqb3uco=;
        b=a4sy8KzgM3lt1PA8nJoFRbMp02OwpEvfVGdQrQyMlxzFiIZnqGkaGEwF9UGDY4KnU1
         yBrVLEVyVY1/TaNQdp2qhDQyN7LuNcBdJ8CieBALR36WufWT5h0vnujcJ0zp1jFN5TZc
         wUE0pHbxpjSZoma0kI7awAwq+M098fIQf+KKDkTAIjKaXm3M5Yyb0yoCFftBzceBj4r6
         6dQn4Vsg6OaJyjs3f0wDyaHwB4YI9gaO3hrdnquiazrXAdLw9uqoY82Et4zpyK199sJQ
         TFhTr0Xw0IMoQv/rUv9ZSLDR6yy3UzaF4nwaMVy/eg3MTFZLym/I4tnSHblly2W4Y9ll
         veDA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1713546707; x=1714151507;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:feedback-id:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=etFE82tcfTZVhWATTB9AHQDcgyv5F3QBoyzAyqb3uco=;
        b=JyzPAvsSs0JDduHG2WyRBfi8PoW3UZja/N0RDwlxCVj6IDYNB3mqG0rOakyHDiedks
         majTp7e1u9D6RkCXA+1OtOzBykwQ34bYZz+QjVzubkp5TTo5UVjebm9tppbEC05rTXJM
         70c/IbAyJxWV0kz2e6r1SQ1S0Tvxcr06ZHliwdeXdmhpx4VtkkkLGCwG5oGnlqZf5fpw
         D5AyfuVIKonWebVnr61L0ZbF3iZc56AKcQfy83KDOaBK+Q1yD+8LT49sQlVQ44fxYHof
         PLotMFu+eW3ZY3vu13aCAutDgwYiF6KgvW5OMiOEVqQHjAIqqG120zoEqGGLuI1/vdO+
         fXxg==
X-Forwarded-Encrypted: i=1; AJvYcCV1R4rN6csPqkmddzCc9E3fkdxoy1Yi/IZc9E6DKbgPlztJFO6AEpbxMrs/LNBk48U0o2i0n983igFg2LBIsvlZeKM=
X-Gm-Message-State: AOJu0YxDRWO2nfevUzrLHUuGYwEhbrQY2fsWEquYxk0BJ5BHY0usf+xR
	dmYHxi2V39qbULaM3zCQdwDOWJpdPwvLWAzZbUop57IuruaJTVsoMSe34g==
X-Google-Smtp-Source: AGHT+IFFep7UovV+uvyU+cQO4IWzeXpZBAOpFsUdttQtI/h3gTiHDpMDMDoLwJyOro/ZCj5auCJHrQ==
X-Received: by 2002:a05:620a:5650:b0:78b:ac85:3b79 with SMTP id vw16-20020a05620a565000b0078bac853b79mr2904061qkn.40.1713546707344;
        Fri, 19 Apr 2024 10:11:47 -0700 (PDT)
Received: from fauth1-smtp.messagingengine.com (fauth1-smtp.messagingengine.com. [103.168.172.200])
        by smtp.gmail.com with ESMTPSA id a4-20020a05620a066400b0078d73685803sm1760929qkh.99.2024.04.19.10.11.46
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 19 Apr 2024 10:11:46 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46])
	by mailfauth.nyi.internal (Postfix) with ESMTP id D72DA1200043;
	Fri, 19 Apr 2024 13:11:45 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
  by compute2.internal (MEProxy); Fri, 19 Apr 2024 13:11:45 -0400
X-ME-Sender: <xms:0aUiZhSPzSuQg4DTApEsEAjpXHt8CmgJrO1vDLtmTiJimCpEckwTUw>
    <xme:0aUiZqz_d9vv7PPpAH9HcAnuhp-Jrun3mEMLAm4WevDUelHoVDUXvJuxGD13SZ_Bo
    09SE9dQlkVxVnNCwA>
X-ME-Received: <xmr:0aUiZm28vBNG8_GgM2huFOEesi0b1riz3u6pJ1kfYVNW0OwXAEH9RTTN0ZM>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrudekvddgudduvdcutefuodetggdotefrod
    ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh
    necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd
    enucfjughrpeffhffvvefukfhfgggtuggjsehttdortddttddvnecuhfhrohhmpeeuohhq
    uhhnucfhvghnghcuoegsohhquhhnrdhfvghnghesghhmrghilhdrtghomheqnecuggftrf
    grthhtvghrnhepiedtfeevhfetkeelgfethfegleekfeffledvvefhheeukedtvefhtedt
    vdetvedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh
    epsghoqhhunhdomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqieelvdeghedt
    ieegqddujeejkeehheehvddqsghoqhhunhdrfhgvnhhgpeepghhmrghilhdrtghomhesfh
    higihmvgdrnhgrmhgv
X-ME-Proxy: <xmx:0aUiZpCUBXgWv12Ldrj4S-GSVQi7WFp6yzWoS2HFGt73FbL7USWdGw>
    <xmx:0aUiZqhl3S6DOGlIhZRC-lkgPCAD086VJ1r7yiyKlsKUfeZRRlpbgQ>
    <xmx:0aUiZtrUX8XkXzc9jLWOTVcebbOEliXvZRscJQ4RiuyDgOnsF2AA3A>
    <xmx:0aUiZlgOn9oLlNYRCPSDP0uBlTzQ-gAVtZ6x97vouXW_BWtXJURCUA>
    <xmx:0aUiZlT4bI7fS71Yy7zhszobVzjSXoBXNANObMS0Rj_0ejNKqAnA6WQR>
Feedback-ID: iad51458e:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri,
 19 Apr 2024 13:11:45 -0400 (EDT)
Date: Fri, 19 Apr 2024 10:11:18 -0700
From: Boqun Feng <boqun.feng@gmail.com>
To: Alice Ryhl <aliceryhl@google.com>
Cc: Miguel Ojeda <ojeda@kernel.org>, Matthew Wilcox <willy@infradead.org>,
	Al Viro <viro@zeniv.linux.org.uk>,
	Andrew Morton <akpm@linux-foundation.org>,
	Kees Cook <keescook@chromium.org>,
	Alex Gaynor <alex.gaynor@gmail.com>,
	Wedson Almeida Filho <wedsonaf@gmail.com>,
	Gary Guo <gary@garyguo.net>,
	=?iso-8859-1?Q?Bj=F6rn?= Roy Baron <bjorn3_gh@protonmail.com>,
	Benno Lossin <benno.lossin@proton.me>,
	Andreas Hindborg <a.hindborg@samsung.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Arve =?iso-8859-1?B?SGr4bm5lduVn?= <arve@android.com>,
	Todd Kjos <tkjos@android.com>, Martijn Coenen <maco@android.com>,
	Joel Fernandes <joel@joelfernandes.org>,
	Carlos Llamas <cmllamas@google.com>,
	Suren Baghdasaryan <surenb@google.com>,
	Arnd Bergmann <arnd@arndb.de>, Trevor Gross <tmgross@umich.edu>,
	linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	rust-for-linux@vger.kernel.org,
	Christian Brauner <brauner@kernel.org>
Subject: Re: [PATCH v6 1/4] rust: uaccess: add userspace pointers
Message-ID: <ZiKltinLGvKlBivm@boqun-archlinux>
References: <20240418-alice-mm-v6-0-cb8f3e5d688f@google.com>
 <20240418-alice-mm-v6-1-cb8f3e5d688f@google.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20240418-alice-mm-v6-1-cb8f3e5d688f@google.com>
X-Rspam-User: 
X-Rspamd-Server: rspam08
X-Rspamd-Queue-Id: 46AB5140029
X-Stat-Signature: rt8acysdqwtkfw1syemgz4cuyjh7gzkx
X-HE-Tag: 1713546709-367711
X-HE-Meta: U2FsdGVkX18xRqeJNAAQfmKNjz+9sXW1XugI2vwjamHU0QjUAuWqhge/jOwZbMyavMVWHdHyhb9aPBl1qtXA66M7qvN8oGlPQrVxd2ay7QF+5WwERytiK3LuJuCinprYOtD3HnzCc1gHdlKvT6UsMFszI7og1A0f7kjrCjaxemh36Ia52/aXdBz+AJyph8GAgI2b4Mdv1TAMnvXwY7BFytIyN8vmuMpqfUAFiSa80QdFH047GgYuy5sVtIB2XcBH8z4EJDeGYmBNuc8X7PyLDwzeIjkfu42NgtEkhzP0bV0iChqVnJDYmBOnQ2N8EAEPDpqgmr6VfB0yrJdRsl40Ko5Cll+5xYYb53gLCBhGt7uivuChfCh/5a/LIurlSRjHkQWeVQ8dg53m2ZBEhzMwvxg6SiGSEe51ipL8/GL4ZjQntT+2tX2jFUycXHmhJll8rC0mMdo9i3kn5f0djS2RL5cp00XWZGxqJCEMl+g0Y15rjfzSXNysW/ptqDNVADtzAsvHIFW5nU5yH2XKHqNguruwmeFS7M3cRjN1UG8X5Iy7OEyu7FJxKxqNLXsoOywHGGT/sMozx8BRmCLz8iMFDObqyNxRw920ojY2YMuikoas/R+jP6cCIfpIlgI0yDsWkGkC2A46uhtyuYs3m5l0evz2nfDw98fPx5lhPhC9TEdv1lMkBci4YEaVGpSMxjFTBTQpuKBSr0v4XWD3fhktgTal9chp6NSBNzzWP6n6sXy/30ZzVclLtUsAurnBn2kxBxpovJIAGEO+gHZY/0rwR9sTu2OfZDa8N0YPAQSfpm2v4d7hVsEZd5EQbv6uT8rz1i6IabebpzkRBATv0dfoY6SvpTcjV+0jWafCa1kOsmE7GOAvKC0KQpQ4LbIwitgGtec2zSxMaZg9HmEEiEPpaGHGe0Nlg+F6jorHTyl2ZSIzeQUnvBtKfFfX4Rnu2WP7G+DCObLeIzF78AUb2kN
 7ZTDSo84
 Wuoy4PF0xpPaFq/ECRSQBctikZtFIo8YQlftrefAXlX8pU7/QosQMQzn6FFrUPwB6kW9UUzZaBGBiXYlIMUg9o1IITfT8kVQDyAvIMs6PUTpUvL24n050bo+idycEIbyUlkZiRFy3dNYucpvaIXLKfFEq2KN+eG0J4dXv+qTnCAjB0OEbjG0Q1yKOGfckgAqBSZaR1iTZCNuyU9eMD/QkIx6mvJ4FA3kVi0hvlSiyY/aW2kaizWIZrGk6UphqA2xEhELVCEDyQz3pZuQGRSy2/9GtE/e47U4vw+vRcVsXUti1kMWocsgDKUov9kJyCHM5BFBELAZXbOkrttv0Fdnn25y5zqMb6+IytJn/i8tjVxLVngNh6YTlnERI02JZNsjN4CGLj6RGI+EP4ALSv0jhLxL7wTXwOZw/YX+vce1beQiT6pt1rGgFNSfucUOem7vXYncuNnd/LUYlZQQl5Kikp3LKeS2HVQ9XPOrT3dG5Ph6xXIFuMZWnJE0hTXHQlz0cDSSoaYNxUHrGCuw=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

On Thu, Apr 18, 2024 at 08:59:17AM +0000, Alice Ryhl wrote:
[...]
> +    /// Reads the entirety of the user slice, appending it to the end of the provided buffer.
> +    ///
> +    /// Fails with `EFAULT` if the read happens on a bad address.
> +    pub fn read_all(mut self, buf: &mut Vec<u8>, flags: Flags) -> Result {
> +        let len = self.length;
> +        buf.reserve(len, flags)?;

(Reportedy by Miguel)

When compile with `make rusttest`, kernel crate is compiled as userspace
program, so we need to explicitly pick where the `reserve` comes from
(Vec or VecExt), the current version will hit the following error:

	error[E0061]: this method takes 1 argument but 2 arguments were supplied
	   --> rust/kernel/uaccess.rs:296:13
	    |
	296 |         buf.reserve(len, flags)?;
	    |             ^^^^^^^    -------
	    |                        | |
	    |                        | unexpected argument of type `Flags`
	    |                        help: remove the extra argument
	    |
	note: method defined here
	   --> /home/boqun/linux-rust/rust/test/sysroot/lib/rustlib/src/rust/library/alloc/src/vec/mod.rs:910:12
	    |
	910 |     pub fn reserve(&mut self, additional: usize) {
	    |            ^^^^^^^

	error[E0277]: the `?` operator can only be applied to values that implement `Try`
	   --> rust/kernel/uaccess.rs:296:9
	    |
	296 |         buf.reserve(len, flags)?;
	    |         ^^^^^^^^^^^^^^^^^^^^^^^^ the `?` operator cannot be applied to type `()`
	    |
	    = help: the trait `Try` is not implemented for `()`

	error: aborting due to 2 previous errors

	Some errors have detailed explanations: E0061, E0277.
	For more information about an error, try `rustc --explain E0061`.

and we need to the following fix

diff --git a/rust/kernel/uaccess.rs b/rust/kernel/uaccess.rs
index 39481e374c40..80f7e7ca2f5e 100644
--- a/rust/kernel/uaccess.rs
+++ b/rust/kernel/uaccess.rs
@@ -293,7 +293,7 @@ pub fn read<T: FromBytes>(&mut self) -> Result<T> {
     /// Fails with `EFAULT` if the read happens on a bad address.
     pub fn read_all(mut self, buf: &mut Vec<u8>, flags: Flags) -> Result {
         let len = self.length;
-        buf.reserve(len, flags)?;
+        VecExt::<u8>::reserve(buf, len, flags)?;
 
         // The call to `try_reserve` was successful, so the spare capacity is at least `len` bytes
         // long.

Regards,
Boqun

> +
> +        // The call to `try_reserve` was successful, so the spare capacity is at least `len` bytes
> +        // long.
> +        self.read_raw(&mut buf.spare_capacity_mut()[..len])?;
> +
> +        // SAFETY: Since the call to `read_raw` was successful, so the next `len` bytes of the
> +        // vector have been initialized.
> +        unsafe { buf.set_len(buf.len() + len) };
> +        Ok(())
> +    }
> +}
> +
> +/// A writer for [`UserSlice`].
> +///
> +/// Used to incrementally write into the user slice.
> +pub struct UserSliceWriter {
> +    ptr: UserPtr,
> +    length: usize,
> +}
> +
> +impl UserSliceWriter {
> +    /// Returns the amount of space remaining in this buffer.
> +    ///
> +    /// Note that even writing less than this number of bytes may fail.
> +    pub fn len(&self) -> usize {
> +        self.length
> +    }
> +
> +    /// Returns `true` if no more data can be written to this buffer.
> +    pub fn is_empty(&self) -> bool {
> +        self.length == 0
> +    }
> +
> +    /// Writes raw data to this user pointer from a kernel buffer.
> +    ///
> +    /// Fails with `EFAULT` if the write happens on a bad address, or if the write goes out of bounds
> +    /// of this [`UserSliceWriter`]. This call may modify the associated userspace slice even if it
> +    /// returns an error.
> +    pub fn write_slice(&mut self, data: &[u8]) -> Result {
> +        let len = data.len();
> +        let data_ptr = data.as_ptr().cast::<c_void>();
> +        if len > self.length {
> +            return Err(EFAULT);
> +        }
> +        let Ok(len_ulong) = c_ulong::try_from(len) else {
> +            return Err(EFAULT);
> +        };
> +        // SAFETY: `data_ptr` points into an immutable slice of length `len_ulong`, so we may read
> +        // that many bytes from it.
> +        let res = unsafe { bindings::copy_to_user(self.ptr as *mut c_void, data_ptr, len_ulong) };
> +        if res != 0 {
> +            return Err(EFAULT);
> +        }
> +        self.ptr = self.ptr.wrapping_add(len);
> +        self.length -= len;
> +        Ok(())
> +    }
> +}
> 
> -- 
> 2.44.0.683.g7961c838ac-goog
>