These will be used for the read_iter() and write_iter() callbacks, which
are now the preferred back-ends for when a user operates on a char device
with read() and write() respectively.
Cc: Christian Brauner <brauner@kernel.org>
Co-developed-by: Lee Jones <lee@kernel.org>
Signed-off-by: Lee Jones <lee@kernel.org>
Signed-off-by: Alice Ryhl <aliceryhl@google.com>
---
rust/kernel/fs.rs | 3 +++
rust/kernel/fs/kiocb.rs | 67 +++++++++++++++++++++++++++++++++++++++++++++++
rust/kernel/miscdevice.rs | 63 +++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 132 insertions(+), 1 deletion(-)
diff --git a/rust/kernel/fs.rs b/rust/kernel/fs.rs
index 0121b38c59e63d01a89f22c8ef6983ef5c3234de..6ba6bdf143cb991c6e78215178eb585260215da0 100644
--- a/rust/kernel/fs.rs
+++ b/rust/kernel/fs.rs
@@ -6,3 +6,6 @@
pub mod file;
pub use self::file::{File, LocalFile};
+
+mod kiocb;
+pub use self::kiocb::Kiocb;
diff --git a/rust/kernel/fs/kiocb.rs b/rust/kernel/fs/kiocb.rs
new file mode 100644
index 0000000000000000000000000000000000000000..837f4be7cb8fbca6e3f9aeff74d1c904df3ff7ff
--- /dev/null
+++ b/rust/kernel/fs/kiocb.rs
@@ -0,0 +1,67 @@
+// SPDX-License-Identifier: GPL-2.0
+
+// Copyright (C) 2024 Google LLC.
+
+//! Kernel IO callbacks.
+//!
+//! C headers: [`include/linux/fs.h`](srctree/include/linux/fs.h)
+
+use core::marker::PhantomData;
+use core::ptr::NonNull;
+use kernel::types::ForeignOwnable;
+
+/// Wrapper for the kernel's `struct kiocb`.
+///
+/// Currently this abstractions is incomplete and is essentially just a tuple containing a
+/// reference to a file and a file position.
+///
+/// The type `T` represents the private data of the underlying file.
+///
+/// # Invariants
+///
+/// `inner` points at a valid `struct kiocb` whose file has the type `T` as its private data.
+pub struct Kiocb<'a, T> {
+ inner: NonNull<bindings::kiocb>,
+ _phantom: PhantomData<&'a T>,
+}
+
+impl<'a, T: ForeignOwnable> Kiocb<'a, T> {
+ /// Create a `Kiocb` from a raw pointer.
+ ///
+ /// # Safety
+ ///
+ /// The pointer must reference a valid `struct kiocb` for the duration of `'a`. The private
+ /// data of the file must be `T`.
+ pub unsafe fn from_raw(kiocb: *mut bindings::kiocb) -> Self {
+ Self {
+ // SAFETY: If a pointer is valid it is not null.
+ inner: unsafe { NonNull::new_unchecked(kiocb) },
+ _phantom: PhantomData,
+ }
+ }
+
+ /// Access the underlying `struct kiocb` directly.
+ pub fn as_raw(&self) -> *mut bindings::kiocb {
+ self.inner.as_ptr()
+ }
+
+ /// Get the Rust data stored in the private data of the file.
+ pub fn file(&self) -> <T as ForeignOwnable>::Borrowed<'a> {
+ // SAFETY: The `kiocb` lets us access the private data.
+ let private = unsafe { (*(*self.as_raw()).ki_filp).private_data };
+ // SAFETY: The kiocb has shared access to the private data.
+ unsafe { <T as ForeignOwnable>::borrow(private) }
+ }
+
+ /// Gets the current value of `ki_pos`.
+ pub fn ki_pos(&self) -> i64 {
+ // SAFETY: The `kiocb` can access `ki_pos`.
+ unsafe { (*self.as_raw()).ki_pos }
+ }
+
+ /// Gets a mutable reference to the `ki_pos` field.
+ pub fn ki_pos_mut(&mut self) -> &mut i64 {
+ // SAFETY: The `kiocb` can access `ki_pos`.
+ unsafe { &mut (*self.as_raw()).ki_pos }
+ }
+}
diff --git a/rust/kernel/miscdevice.rs b/rust/kernel/miscdevice.rs
index ad51ffc549b85da9b71ed866bf0afd4c4cb76f07..eaa626277cc39d84761a2228f5aee05640323094 100644
--- a/rust/kernel/miscdevice.rs
+++ b/rust/kernel/miscdevice.rs
@@ -13,7 +13,8 @@
device::Device,
error::{to_result, Error, Result, VTABLE_DEFAULT_ERROR},
ffi::{c_int, c_long, c_uint, c_ulong},
- fs::File,
+ fs::{File, Kiocb},
+ iov::{IovIterDest, IovIterSource},
mm::virt::VmaNew,
prelude::*,
seq_file::SeqFile,
@@ -136,6 +137,16 @@ fn mmap(
build_error!(VTABLE_DEFAULT_ERROR)
}
+ /// Read from this miscdevice.
+ fn read_iter(_kiocb: Kiocb<'_, Self::Ptr>, _iov: &mut IovIterDest<'_>) -> Result<usize> {
+ build_error!(VTABLE_DEFAULT_ERROR)
+ }
+
+ /// Write to this miscdevice.
+ fn write_iter(_kiocb: Kiocb<'_, Self::Ptr>, _iov: &mut IovIterSource<'_>) -> Result<usize> {
+ build_error!(VTABLE_DEFAULT_ERROR)
+ }
+
/// Handler for ioctls.
///
/// The `cmd` argument is usually manipulated using the utilities in [`kernel::ioctl`].
@@ -240,6 +251,46 @@ impl<T: MiscDevice> MiscdeviceVTable<T> {
0
}
+ /// # Safety
+ ///
+ /// `kiocb` must be correspond to a valid file that is associated with a
+ /// `MiscDeviceRegistration<T>`. `iter` must be a valid `struct iov_iter` for writing.
+ unsafe extern "C" fn read_iter(
+ kiocb: *mut bindings::kiocb,
+ iter: *mut bindings::iov_iter,
+ ) -> isize {
+ // SAFETY: The caller provides a valid `struct kiocb` associated with a
+ // `MiscDeviceRegistration<T>` file.
+ let kiocb = unsafe { Kiocb::from_raw(kiocb) };
+ // SAFETY: This is a valid `struct iov_iter` for writing.
+ let iov = unsafe { IovIterDest::from_raw(iter) };
+
+ match T::read_iter(kiocb, iov) {
+ Ok(res) => res as isize,
+ Err(err) => err.to_errno() as isize,
+ }
+ }
+
+ /// # Safety
+ ///
+ /// `kiocb` must be correspond to a valid file that is associated with a
+ /// `MiscDeviceRegistration<T>`. `iter` must be a valid `struct iov_iter` for writing.
+ unsafe extern "C" fn write_iter(
+ kiocb: *mut bindings::kiocb,
+ iter: *mut bindings::iov_iter,
+ ) -> isize {
+ // SAFETY: The caller provides a valid `struct kiocb` associated with a
+ // `MiscDeviceRegistration<T>` file.
+ let kiocb = unsafe { Kiocb::from_raw(kiocb) };
+ // SAFETY: This is a valid `struct iov_iter` for reading.
+ let iov = unsafe { IovIterSource::from_raw(iter) };
+
+ match T::write_iter(kiocb, iov) {
+ Ok(res) => res as isize,
+ Err(err) => err.to_errno() as isize,
+ }
+ }
+
/// # Safety
///
/// `file` must be a valid file that is associated with a `MiscDeviceRegistration<T>`.
@@ -336,6 +387,16 @@ impl<T: MiscDevice> MiscdeviceVTable<T> {
open: Some(Self::open),
release: Some(Self::release),
mmap: if T::HAS_MMAP { Some(Self::mmap) } else { None },
+ read_iter: if T::HAS_READ_ITER {
+ Some(Self::read_iter)
+ } else {
+ None
+ },
+ write_iter: if T::HAS_WRITE_ITER {
+ Some(Self::write_iter)
+ } else {
+ None
+ },
unlocked_ioctl: if T::HAS_IOCTL {
Some(Self::ioctl)
} else {
--
2.50.0.727.gbf7dc18ff4-goog"Alice Ryhl" <aliceryhl@google.com> writes:
> These will be used for the read_iter() and write_iter() callbacks, which
> are now the preferred back-ends for when a user operates on a char device
> with read() and write() respectively.
>
> Cc: Christian Brauner <brauner@kernel.org>
> Co-developed-by: Lee Jones <lee@kernel.org>
> Signed-off-by: Lee Jones <lee@kernel.org>
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
> ---
> rust/kernel/fs.rs | 3 +++
> rust/kernel/fs/kiocb.rs | 67 +++++++++++++++++++++++++++++++++++++++++++++++
> rust/kernel/miscdevice.rs | 63 +++++++++++++++++++++++++++++++++++++++++++-
> 3 files changed, 132 insertions(+), 1 deletion(-)
>
> diff --git a/rust/kernel/fs.rs b/rust/kernel/fs.rs
> index 0121b38c59e63d01a89f22c8ef6983ef5c3234de..6ba6bdf143cb991c6e78215178eb585260215da0 100644
> --- a/rust/kernel/fs.rs
> +++ b/rust/kernel/fs.rs
> @@ -6,3 +6,6 @@
>
> pub mod file;
> pub use self::file::{File, LocalFile};
> +
> +mod kiocb;
> +pub use self::kiocb::Kiocb;
> diff --git a/rust/kernel/fs/kiocb.rs b/rust/kernel/fs/kiocb.rs
> new file mode 100644
> index 0000000000000000000000000000000000000000..837f4be7cb8fbca6e3f9aeff74d1c904df3ff7ff
> --- /dev/null
> +++ b/rust/kernel/fs/kiocb.rs
> @@ -0,0 +1,67 @@
> +// SPDX-License-Identifier: GPL-2.0
> +
> +// Copyright (C) 2024 Google LLC.
> +
> +//! Kernel IO callbacks.
> +//!
> +//! C headers: [`include/linux/fs.h`](srctree/include/linux/fs.h)
> +
> +use core::marker::PhantomData;
> +use core::ptr::NonNull;
> +use kernel::types::ForeignOwnable;
> +
> +/// Wrapper for the kernel's `struct kiocb`.
> +///
> +/// Currently this abstractions is incomplete and is essentially just a tuple containing a
> +/// reference to a file and a file position.
> +///
> +/// The type `T` represents the private data of the underlying file.
In my opinion, this paragraph could use some clarification:
The type `T` represents the filesystem or driver specific data
associated with the file.
> +///
> +/// # Invariants
> +///
> +/// `inner` points at a valid `struct kiocb` whose file has the type `T` as its private data.
> +pub struct Kiocb<'a, T> {
> + inner: NonNull<bindings::kiocb>,
> + _phantom: PhantomData<&'a T>,
> +}
> +
> +impl<'a, T: ForeignOwnable> Kiocb<'a, T> {
> + /// Create a `Kiocb` from a raw pointer.
> + ///
> + /// # Safety
> + ///
> + /// The pointer must reference a valid `struct kiocb` for the duration of `'a`. The private
> + /// data of the file must be `T`.
> + pub unsafe fn from_raw(kiocb: *mut bindings::kiocb) -> Self {
> + Self {
> + // SAFETY: If a pointer is valid it is not null.
> + inner: unsafe { NonNull::new_unchecked(kiocb) },
> + _phantom: PhantomData,
> + }
> + }
> +
> + /// Access the underlying `struct kiocb` directly.
> + pub fn as_raw(&self) -> *mut bindings::kiocb {
> + self.inner.as_ptr()
> + }
> +
> + /// Get the Rust data stored in the private data of the file.
I would suggest:
Get the filesystem or driver specific data associated with the file.
> + pub fn file(&self) -> <T as ForeignOwnable>::Borrowed<'a> {
> + // SAFETY: The `kiocb` lets us access the private data.
This safety comment is strange. I like what you did in patch 1:
++ // SAFETY: We have shared access to this IO vector, so we can read its `count` field.
> + let private = unsafe { (*(*self.as_raw()).ki_filp).private_data };
> + // SAFETY: The kiocb has shared access to the private data.
> + unsafe { <T as ForeignOwnable>::borrow(private) }
> + }
> +
> + /// Gets the current value of `ki_pos`.
> + pub fn ki_pos(&self) -> i64 {
> + // SAFETY: The `kiocb` can access `ki_pos`.
Same.
> + unsafe { (*self.as_raw()).ki_pos }
> + }
> +
> + /// Gets a mutable reference to the `ki_pos` field.
> + pub fn ki_pos_mut(&mut self) -> &mut i64 {
> + // SAFETY: The `kiocb` can access `ki_pos`.
Same.
Best regards,
Andreas Hindborg
© 2016 - 2025 Red Hat, Inc.