Re: [PATCH] uaccess: rust: add strncpy_from_user

From: Miguel Ojeda
Date: Thu Apr 24 2025 - 12:39:57 EST

Next message: Ard Biesheuvel: "Re: [PATCH] x86/boot: Work around broken busybox truncate tool"
Previous message: Peter Zijlstra: "Re: [PATCH v5 13/17] perf: Support deferred user callchains"
In reply to: Danilo Krummrich: "Re: [PATCH] uaccess: rust: add strncpy_from_user"
Next in thread: Alice Ryhl: "Re: [PATCH] uaccess: rust: add strncpy_from_user"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 24, 2025 at 5:18 PM Alice Ryhl <aliceryhl@xxxxxxxxxx> wrote:
>
> + if res < 0 {
> + Err(Error::from_errno(res as i32))
> + } else {
> + #[cfg(CONFIG_RUST_OVERFLOW_CHECKS)]
> + assert!(res <= len);
> + Ok(res as usize)
> + }

What about:

if res < 0 {
return Err(...);
}

overflow_assert!(res <= len);
Ok(res as usize)

That follows a bit better what is usually done on the C side, in using
early returns (especially for error paths) and in avoiding local
`#ifdef`s.

Of course, we can leave this `overflow_assert!` to a different patch
later on with this code as an example use case, or a good first issue
etc. It also allows to document it etc. Happy to send it or create the
issue.

(I wrote that instead of `assert_overflow!` because it follows the
`{static,debug}_assert!` patterns, i.e. it changes more the "kind" of
assert rather than asserting a particular thing, like `_eq!` or
`_same_type!`).

Thanks!

Cheers,
Miguel

Next message: Ard Biesheuvel: "Re: [PATCH] x86/boot: Work around broken busybox truncate tool"
Previous message: Peter Zijlstra: "Re: [PATCH v5 13/17] perf: Support deferred user callchains"
In reply to: Danilo Krummrich: "Re: [PATCH] uaccess: rust: add strncpy_from_user"
Next in thread: Alice Ryhl: "Re: [PATCH] uaccess: rust: add strncpy_from_user"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]