Linus Torvalds reviewed the patches to enable Rust drivers for the Linux kernel, and made some criticisms.
The greatest complaints were caused by the potential possibility of going to panic () in erroneous situations, for example, in a situation of lack of memory, when dynamic memory allocation operations, including those inside the kernel, can end in an error. Torvalds stated that such an approach in the kernel is fundamentally unacceptable, and if this point is not understood, he can completely turn away (totally NAKed) any code that tries to use such an approach. On the other hand, the patch developer agreed with the problem and considers it to be solved.
Another problem has been attempts to use floating point calculations or 128-bit types, which is not allowed in environments such as the Linux kernel. This turned out to be a more serious problem, since at the moment the Rust core library is indivisible and is one big blob - there is no way to request only some of the features in it, preventing the use of one or another problematic functionality. Solving the problem may require changes to the rust compiler and libraries, although at the moment the team does not yet have a strategy on how to implement the modularity of the language libraries.
In addition, Torvalds noted that the provided driver example is useless and advised to attach some driver that solves one of the real problems as an example.
Addendum: Google announced its participation in an initiative to bring Rust support into the Linux kernel and gave technical aspects of the feasibility of introducing Rust to combat problems arising from memory errors. Google believes that Rust is ready to join C as a language for developing components of the Linux kernel. The article also provides examples of using the Rust language for developing kernel drivers, in the context of their use in the Android platform (Rust is recognized as an officially supported language for Android development).
It is noted that Google has prepared an initial prototype of a driver written in Rust for the Binder interprocess communication mechanism, which will allow for a detailed comparison of the performance and security of Binder implementations in C and Rust. In its current form, the work has not yet been completed, but for almost all the basic abstractions of the core functionality necessary for Binder to work, layers have been prepared for using these abstractions in Rust code.
Source: opennet.ru