Miguel Ojeda, author of the Rust-for-Linux project, has proposed a release of v8 components for Rust device driver development for Linux kernel developers to consider. This is a revision of the patches, taking into account the first version published without a version number. Rust support is considered experimental, but is already included in the linux-next branch, claims to be integrated in the fall 5.20/6.0 release, and is mature enough to start working on creating abstraction layers over kernel subsystems, as well as writing drivers and modules. The development is funded by Google and the ISRG (Internet Security Research Group), which is the founder of the Let's Encrypt project and promotes HTTPS and the development of technologies to increase the security of the Internet.
In the new version:
- The toolkit and a variant of the alloc library, which got rid of the possible generation of the "panic" state when errors occur, have been updated to the release of Rust 1.62. Compared to the previous version, the Rust toolkit has stabilized support for the const_fn_trait_bound functionality used in kernel patches.
- The bindings code is separated into a separate crate-package "bindings", which simplifies rebuilding in case of making changes only to the main "kernel" package.
- The implementation of the macro "concat_idents!" rewritten in the form of a procedural macro, not tied to the concat_idents functionality and allowing the use of references to local variables.
- The "static_assert!" macro has been rewritten, which allows using "core::assert!()" in any context instead of constants.
- Macro "build_error!" adapted to work when set for modules of the "RUST_BUILD_ASSERT_{WARN,ALLOW}" mode.
- Added a separate configuration file "kernel/configs/rust.config".
- The "*.i" files processed in macro substitutions have been renamed to "*.rsi".
- Removed support for building Rust components with optimization levels other than those used for C code.
- Added fs module providing bindings for working with file systems. An example of a simple file system written in Rust is proposed.
- Added workqueue module for working with system queues (provides bindings over work_struct and workqueue_struct kernel structures).
- The development of the kasync module continued with the implementation of asynchronous programming methods (async). Added an example of a kernel-level TCP server written in Rust.
- Added the ability to handle interrupts in Rust using the [Threaded]Handler traits and [Threaded]Registration` types.
- A procedural macro "#[vtable]" has been added to make it easier to work with function pointer tables, such as the file_operations structure.
- Implementation of bidirectional linked lists "unsafe_list::List" has been added.
- Added initial support for RCU (Read-copy-update) and the Guard type to check if a read lock is bound to the current thread.
- Added Task::spawn() function to spawn and automatically start kernel threads. The Task::wake_up() method has also been added.
- Added delay module, allowing to use delays (wrapper over msleep()).
The proposed changes make it possible to use Rust as a second language for developing drivers and kernel modules. Rust support is presented as an option that is not enabled by default and does not result in the inclusion of Rust among the required build dependencies for the kernel. Using Rust to develop drivers will allow you to create safer and better drivers with minimal effort, free from problems such as accessing a memory area after it is freed, dereferencing null pointers, and buffer overruns.
Memory-safe handling is provided in Rust at compile time through reference checking, keeping track of object ownership and object lifetime (scope), as well as through evaluation of the correctness of memory access during code execution. Rust also provides protection against integer overflows, requires mandatory initialization of variable values ββbefore use, handles errors better in the standard library, applies the concept of immutable references and variables by default, offers strong static typing to minimize logical errors.
Source: opennet.ru