(Really Cc: Alice :)
On Sat Jan 17, 2026 at 12:18 PM CET, Danilo Krummrich wrote:
> (Cc: Alice)
>
> Alice, for context, this is used when exporting a DMA buffer through debugfs,
> while the DMA buffer may be in use by the device, i.e. no slice can be
> created.
>
> On Fri Jan 16, 2026 at 10:49 PM CET, Timur Tabi wrote:
>> Add a new method to UserSliceWriter that copies data from a raw kernel
>> pointer to userspace, without requiring a Rust slice reference.
>>
>> The method takes:
>> - data: raw pointer to the source buffer
>> - len: total size of the source buffer (for bounds checking)
>> - offset: byte offset into the source buffer to start copying from
>> - count: number of bytes to copy
>>
>> The method is marked unsafe because the caller must ensure the pointer
>> is valid for the specified length and that the memory is not mutated
>> during the call.
>>
>> Signed-off-by: Timur Tabi <[email protected]>
>> ---
>> rust/kernel/uaccess.rs | 50 ++++++++++++++++++++++++++++++++++++++++++
>> 1 file changed, 50 insertions(+)
>>
>> diff --git a/rust/kernel/uaccess.rs b/rust/kernel/uaccess.rs
>> index f989539a31b4..8bbb0084abb1 100644
>> --- a/rust/kernel/uaccess.rs
>> +++ b/rust/kernel/uaccess.rs
>> @@ -481,6 +481,56 @@ pub fn write_slice(&mut self, data: &[u8]) -> Result {
>> Ok(())
>> }
>>
>> + /// Writes raw data to this user pointer from a raw kernel pointer.
>> + ///
>> + /// This is similar to [`Self::write_slice`] but takes a raw pointer
>> instead of a slice,
>> + /// along with a total buffer length, an offset into the that buffer,
>> and a count of bytes
>> + /// to copy.
>> + ///
>> + /// Returns error if the offset+count exceeds the buffer size.
>> + ///
>> + /// Fails with [`EFAULT`] if the write happens on a bad address, or if
>> the write goes out of
>> + /// bounds of this [`UserSliceWriter`]. This call may modify the
>> associated userspace slice
>> + /// even if it returns an error.
>> + ///
>> + /// # Safety
>> + ///
>> + /// - `data` must point to a valid memory region of at least `len`
>> bytes that remains allocated
>> + /// for the duration of this call.
>> + ///
>> + /// Note: Unlike [`Self::write_slice`], this method does not require
>> exclusive access to the
>> + /// source memory. The memory may be concurrently modified by other
>> threads or hardware (e.g.,
>> + /// DMA buffers). In such cases, the copied data may be inconsistent,
>> but this does not cause
>> + /// undefined behavior.
>> + pub unsafe fn write_buffer(
>> + &mut self,
>> + data: *const u8,
>> + len: usize,
>> + offset: usize,
>> + count: usize,
>> + ) -> Result {
>
> Instead of this we could probably also add a safe method write_dma() that
> takes
> a dma::CoherentAllocation<u8> instead. Once we have generic I/O in place, this
> could be replaced with a generic write_io() method.
