Re: [PATCH 0/5] Rust support for `struct iov_iter`

[Greg Kroah-Hartman]

On Tue, Mar 11, 2025 at 02:25:11PM +0000, Alice Ryhl wrote:
> This series adds support for the `struct iov_iter` type. This type
> represents an IO buffer for reading or writing, and can be configured
> for either direction of communication.
> 
> In Rust, we define separate types for reading and writing. This will
> ensure that you cannot mix them up and e.g. call copy_from_iter in a
> read_iter syscall.
> 
> To use the new abstractions, miscdevices are given new methods read_iter
> and write_iter that can be used to implement the read/write syscalls on
> a miscdevice. The miscdevice sample is updated to provide read/write
> operations.

Nice, this is good to have, but what's the odds of tieing in the
"untrusted buffer" logic here so that all misc drivers HAVE to properly
validate the data sent to them before they can touch it:
	https://lore.kernel.org/r/20240925205244.873020-1-benno.lossin@xxxxxxxxx

I'd like to force drivers to do this, otherwise it's just going to force
us to audit all paths from userspace->kernel that happen.

thanks,

greg k-h