Rust was not exempt from the criticisms of Linus Torvalds

Few weeks ago the news of about some implementations that were made in the linux-next branch, which includes an initial set of components to develop device drivers in the Rust language.

This documentation was published separately on the use of Rust in the Linux kernel and an example of a kernel module with a character device driver in the Rust language. The code was added by Stephen Rothwell, maintainer of the branch.

After that Linus Torvalds went over the implementation review patch of possibilities to set Rust language drivers in Linux kernel and voiced some criticism.

The biggest complaints were caused by escape potential "Run-time failure panicen" in wrong situations, for example, in an out-of-memory situation, when dynamic memory allocation operations, including kernel operations, may fail.

Torvalds stated that such a focus on the kernel is fundamentally unacceptable, And if you don't understand this point, you can completely reject any code that tries to use such an approach. On the other hand, the developer of the patch agreed with the problem and found it solvable.

Another problem has been attempts to use floating point or 128 bit types, which are not valid for environments like the Linux kernel.

You may not understand the ramifications of when it can happen, so maybe
is less of a problem than I think it is, but fundamentally
I think if any Rust mapping can cause panic this is simply
_ fundamentally_ not acceptable.

Mapping failures in a non-core controller or code, and that is, for
definition, all new Rust code, can never NEVER cause
panic validly. The same goes for «oh, in some cases I did not try the use of
128-bit integers or floating point '.

So if the Rust compiler causes hidden assignments that cannot be
detect and return as errors, then I seriously believe that all of this
approach should be completely NAK'ed, and the Rust infrastructure,
either at compiler level or in kernel wrappers, you need more
job.

This turned out to be a more serious problem., since at this moment Rust's central library is indivisible and represents a large stain; there is no way to request only some of the features, thus avoiding the use of one or another problematic functionality.

The solution to the problem may require changes to the rust compiler and library, although the team does not yet have a strategy on how to implement modularity for language libraries.

In addition, Torvalds pointed out that the provided example controller is useless and advised to attach as an example a driver that solves one of the real problems.

Before this Google announced its participation in an initiative to promote Rust support in the Linux kernel y provided technical aspects of the feasibility of implementing Rust to combat problems that arise from errors in working with memory.

Google thinks Rust is ready to join C as a development language Linux kernel components. The article also provides examples of the use of the Rust language to develop kernel drivers, in the context of its use on the Android platform (Rust is recognized as an officially supported language for Android development).

Note that Google has prepared an initial prototype of a controller written in Rust for Binder's inter-process communication mechanism, which will allow a detailed performance and security comparison of Binder implementations in C and Rust.

In its current form, the work is not yet complete, but for almost all the basic abstractions of kernel functionality required for Binder to work, layers have been prepared to use these abstractions in the Rust code.

Finally, if you want to know more about it, you can check the details In the following link.


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

      Miguel Rodríguez said

    All their criticisms are valid, given that Rust is a new language that works with a different paradigm to that of C, it is understandable the concern about any detail in the libraries or in the compiler itself where, although the code is valid, it causes the kernel to break as well. how it is implemented and built. That is why suggestions such as being able to modularize the library to call and keep active only those functions necessary for the program (or in this case for any controller) work correctly. Nor is what you ask for is unreasonable, that they bring you a real prototype controller that does a job well on a current problem (or at least does the same job as an existing one in the kernel and works without panic).

      Sete said

    From time to time I go back to read Linux Addicts articles but it takes me very little to despair when I see that despite having very good content, the final result is destroyed with an awful spelling.
    Will spelling and grammar be so difficult?
    A shame!
    Cheer up!