At the ongoing Maintainers Summit conference, a discussion was held on the results of an experiment to add Rust component development capabilities to the Linux kernel. Participants deemed the experiment a success and decided to move Rust support into the core kernel, removing its experimental designation.
Three years ago, the ability to develop drivers and modules in Rust was added to kernel 6.1. Since then, the kernel has included abstractions for developing drivers in Rust for GPUs, file systems, block devices, network adapters, and USB devices. The Nova driver for NVIDIA GPUs, asahi for Apple AGX GPUs, Tyr for ARM Mali GPUs, and rust_ext2 for the Ext2 file system are all developed in Rust. An IPC Binder implementation written in Rust has been adopted into the kernel. The RROS project is developing a real-time subsystem for the Linux kernel, written in Rust. Rust support is disabled by default and does not include Rust as a mandatory kernel build dependency.
Rust's proponents believe that the language eliminates most of the core bugs caused by C language corner cases, allowing code reviewers to focus on logic errors and race conditions. Rust helps eliminate issues such as access-after-free, buffer overruns, incorrect resource releases during error handling, and forgotten error return code checks. Using Rust for new code also reduces development time by reducing debugging efforts and the language's strong guarantees that detect errors early in the development process.
Opponents of Rust's inclusion in the kernel consider it unacceptable to use multiple programming languages in complex projects. Mixed codebases complicate the work of maintainers, as they make them dependent on code written in another language. For example, if there are Rust bindings, developers of C-based subsystems must consider the impact of changes on the continued functionality of those bindings.
Source: opennet.ru
