On Fri Oct 17, 2025 at 1:11 PM CEST, Alice Ryhl wrote:
> On Sat, Oct 04, 2025 at 12:26:38AM +0200, Danilo Krummrich wrote:
>> The existing read_slice() method is a wrapper around copy_from_user()
>> and expects the user buffer to be larger than the destination buffer.
>>
>> However, userspace may split up writes in multiple partial operations
>> providing an offset into the destination buffer and a smaller user
>> buffer.
>>
>> In order to support this common case, provide a helper for partial
>> reads.
>>
>> Signed-off-by: Danilo Krummrich <dakr@kernel.org>
>> ---
>> rust/kernel/uaccess.rs | 13 +++++++++++++
>> 1 file changed, 13 insertions(+)
>>
>> diff --git a/rust/kernel/uaccess.rs b/rust/kernel/uaccess.rs
>> index a8fb4764185a..1b0b57e855c9 100644
>> --- a/rust/kernel/uaccess.rs
>> +++ b/rust/kernel/uaccess.rs
>> @@ -287,6 +287,19 @@ pub fn read_slice(&mut self, out: &mut [u8]) -> Result {
>> self.read_raw(out)
>> }
>>
>> + /// Reads raw data from the user slice into a kernel buffer partially.
>> + ///
>> + /// This is the same as [`Self::read_slice`] but considers the given `offset` into `out` and
>> + /// truncates the read to the boundaries of `self` and `out`.
>> + ///
>> + /// On success, returns the number of bytes read.
>> + pub fn read_slice_partial(&mut self, out: &mut [u8], offset: usize) -> Result<usize> {
>> + let end = offset.checked_add(self.len()).ok_or(EINVAL)?.min(out.len());
>
> Should this be?
> let end = offset.checked_add(self.len()).unwrap_or(out.len()).min(out.len());
Yes, that seems reasonable.
>> + out.get_mut(offset..end)
>> + .map_or(Ok(0), |dst| self.read_slice(dst).map(|()| dst.len()))
>
> So if out.len() < offset, then we return Ok(0)?
Yes, because it tells userspace that there are no more bytes left to read.