Miguel Ojeda, author of the Rust-for-Linux project, has proposed a fifth option for Rust device driver development components for consideration by Linux kernel developers. Rust support is considered experimental, but is already included in the linux-next branch and mature enough to start working on creating abstraction layers over kernel subsystems, as well as writing drivers and modules. The development is funded by Google and the ISRG (Internet Security Research Group), which is the founder of the Let's Encrypt project and promotes HTTPS and the development of technologies to increase the security of the Internet.
Recall that the proposed changes make it possible to use Rust as a second language for developing drivers and kernel modules. Rust support is presented as an option that is not enabled by default and does not result in the inclusion of Rust among the required build dependencies for the kernel. Using Rust to develop drivers will allow you to create safer and better drivers with minimal effort, free from problems such as accessing a memory area after it is freed, dereferencing null pointers, and buffer overruns.
Memory-safe handling is provided in Rust at compile time through reference checking, keeping track of object ownership and object lifetime (scope), as well as through evaluation of the correctness of memory access during code execution. Rust also provides protection against integer overflows, requires mandatory initialization of variable values ββbefore use, handles errors better in the standard library, applies the concept of immutable references and variables by default, offers strong static typing to minimize logical errors.
The new version of the patches continues to eliminate the comments made during the discussion of the first, second, third and fourth editions of the patches. In the new version:
- Component validation for Rust support has been added to the continuous integration system based on the Intel-supported 0DAY/LKP bot, and testing reports have begun to be published. The integration of Rust support into the automated testing system KernelCI is being prepared. Testing based on GitHub CI has been switched to using containers.
- Rust kernel modules are spared the need to define crate attributes "#![no_std]" and "#![feature(β¦)]".
- Added support for single build targets (.o, .s, .ll and .i).
- Code guidelines define rules for delimiting comments ("//") and documenting code ("///").
- The is_rust_module.sh script has been redesigned.
- Added support for static (global shared variables) synchronization primitives based on the "CONFIG_CONSTRUCTORS" implementation.
- Simplified blocking management: Guard and GuardMut are merged and one parameterized type.
- Added the ability to define additional parameters when registering devices.
- Added abstraction "RwSemaphore", acting as a wrapper over the C-structure rw_semaphore.
- To use mmap, a new mm module and VMA abstraction (binding over the vm_area_struct structure) have been added.
- The PL061 GPIO driver has been translated to use the "dev_*!" macro.
- General cleaning of the code.
Source: opennet.ru