Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Programming Linux

Rust Takes 'Tentative First Step' Toward Linux Kernel (thenewstack.io) 120

In his This Week in Programming column, Mike Melanson writes: Rustaceans' dreams of Rust's inclusion in the Linux kernel are one tiny, ever so slight step closer to becoming a reality, with this week's "intentionally bare-bones" inclusion in Linux-next, the development branch of the Linux kernel... Curb your enthusiasm, however, as this remains a rather tentative first step of many necessary steps before Rust fully lands in the Linux kernel.

A rather brief post on LWN.net summarizes where we are rather succinctly:

Followers of the linux-next integration tree may have noticed a significant addition: initial support for writing device drivers in the Rust language. There is some documentation in Documentation/rust, while the code itself is in the rust top-level directory. Appearance in linux-next generally implies readiness for the upcoming merge window, but it is not clear if that is the case here; this code has not seen a lot of wider review yet. It is, regardless, an important step toward the ability to write drivers in a safer language.

Indeed, Miguel Ojeda, a software developer and maintainer of the Rust for Linux project writes that the proposed inclusion "does not mean we will make it into mainline, of course, but it is a nice step to make things as smooth as possible," with some changes expected before any decision as to Rust's inclusion are made.

For those of you less familiar with Rust, part of the appeal here comes with Rust's memory safety features, especially in comparison to C, which the Linux kernel is currently coded in. Part of the problem, however, is that Rust is compiled based on LLVM, as opposed to GCC, and subsequently supports fewer architectures. This is a problem we've seen play out recently, as the Python cryptography library has replaced some old C code with Rust, leading to a situation where certain architectures will not be supported. Presently, the proposal to include Rust in the Linux kernel limits this issue by saying that Rust would be used, at least initially, for writing drivers that, as noted in another LWN.net article on the topic, "would never be used on the more obscure architectures anyway."

This discussion has been archived. No new comments can be posted.

Rust Takes 'Tentative First Step' Toward Linux Kernel

Comments Filter:
  • by Anonymous Coward on Saturday March 20, 2021 @11:42AM (#61179496)

    I that what is called "tainting" the kernel?

  • by xack ( 5304745 )
    As is in distros will be made specifically to avoid it. Rust and Clojure are the worst things to happen to open source in a long time. There is a reason why good old C has been used for over 50 years.
    • Care to elaborate? What's wrong with Rust? All I've heard about are good things.
      • by darkain ( 749283 ) on Saturday March 20, 2021 @12:09PM (#61179554) Homepage

        The Rust language itself isnt that large of a problem, its more the implementation. The compiler / toolchain is a royal fucking pain in the ass to bootstrap. There is only one "rust", unlike C, which is a true language with multiple implementations. Rust is a full blown, in-housed ecosystem that is very complicated to move to new platforms. While there is complaints about legacy platforms not being supported, there is also issues with moving forward too. There have been countless issues with Rust compiler on ARM, and I can only imagine it getting worse as we move to other targets like RISC-V and beyond. Its "great" if you're already in the supported ecosystem (Intel CPUs), but anything else has been an absolute nightmare to support.

        • by gweihir ( 88907 )

          Well, that is a ton of exceptionally good reasons to not allow it in. I guess this will just be another meaningless stunt by the fans of a language that is not worth much at this time.

      • by xack ( 5304745 ) on Saturday March 20, 2021 @12:11PM (#61179560)
        Rust is basically trying to be forced it's way into software projects that don't want it. It's like if someone wanted to put visual basic in the kernel. Any advantages are cancelled out by it's viral nature.
        • Just like wireguard as well. I remember a few years back on the dd-wrt forums shills from the wireguard community trying to cram that shit down the throats of dd-wrt and get it into the kernel there before they got it in the mainline kernel. Now those folks are trying to ram it down the throats of *BSD. Thankfully *BSD has pushed back calling the code experimental at best.
          • Just like wireguard as well. I remember a few years back on the dd-wrt forums shills from the wireguard community trying to cram that shit down the throats of dd-wrt and get it into the kernel there before they got it in the mainline kernel. Now those folks are trying to ram it down the throats of *BSD. Thankfully *BSD has pushed back calling the code experimental at best.

            I am quite prepared to rewrite my software, currently in C, to use Rust. Its the best Lint facility that currently exists to help insure flawless code, particularly if you use malloc and free in complex environments. If you do not use dynamic memory (alloc / free), then C is great as is, for development.

            • I can understand lauding the Rust linter, but slamming malloc / free? I *like* being in full control of memory allocation / deallocation, heck, I even use alloca in some places. There is nothing wrong with malloc / calloc / realloc or whatever flavor of heap allocation you prefer. Sure memory alignment can be a bit of a pain, but even Rust defers to alloc for that. People like to complain about C, but C does exactly what you write, nothing more If you blow off your foot, it's because you loaded the gun, aim

        • by gweihir ( 88907 )

          Looks like it. yes. Basically the people that know what they are doing are not seeing any of the claimed advantages of Rust. Hence they have to resort to "stunts" like this one. I will certainly never build parts of a kernel that are in Rust.

      • Sounds like job for Hammerite or Rust-oleum.
      • Clearly the single-implementation status is undesirable, don't you think? We've already had too many problems with languages defined by their implementations.
        • Pretty much all languages have been defined by their implementations at one time or another. Haskell used to have multiple implementations, but GHC became dominant. Languages that had a hard standard (like Scheme or ML) and multiple implementations, either never really went anywhere, or the bits that went anywhere left the standards behind (Ocaml for ML, Racket for Scheme).

          Wherever there's a standard that pretends to be independent of implementations, there's dialects and differences that need to be papered

          • Wherever there's a standard that pretends to be independent of implementations, there's dialects and differences that need to be papered over - as the GCC vs. LLVM issues mentioned in this post illustrate.

            It easier to sell an idea that obsoletes on old one. The reality? LLVM implementations must/need to talk to GCC implementations...

    • There is a reason why good old C has been used for over 50 years.

      And the reason is that somebody has to provide job security for all the security hackers with hats of various colors.

      "Derp! But all the security problems are from stoopid mistakes! They wouldn't be there if all the C coders had top 1% skill level!!!"

      Math fail.

      • by phantomfive ( 622387 ) on Saturday March 20, 2021 @01:00PM (#61179668) Journal

        "Derp! But all the security problems are from stoopid mistakes! They wouldn't be there if all the C coders had top 1% skill level!!!"

        The string mistakes wouldn't be there if programmers used a better string library in C. This doesn't require top 1% skill level.
        The memory mistakes wouldn't be there if programmers used a better memory library in C. This also doesn't require a top 1% skill level.

        It doesn't require a genius to avoid buffer overflows in C, it takes general competence. Although maybe most programmers these days don't have general competence.

    • by PPH ( 736903 )

      Now there's an idea. Do systemd in Rust.

      Once you get that working, come back and we'll give you another piece to play with.

    • Hopefully slackware will avoid it as they've done with systemd thus far, but how long till all this shit get so ingrained into the kernel that you just can't make a distro without it any longer?
      • If you're running Slackware, you're halfway towards being competent enough to run a BSD system. I like Slack, but why not make the leap?

        • If you're running Slackware, you're halfway towards being competent enough to run a BSD system. I like Slack, but why not make the leap?

          Running BSD to do what? You will have to be more specific.

          • by tepples ( 727027 )

            In context, I conclude that the following was meant:

            If you administer Slackware on a desktop PC or server for a particular purpose, you're halfway towards being competent enough to administer FreeBSD for the same purpose. Why not give FreeBSD a try?

        • by zixxt ( 1547061 )

          Cause *BSD are years behind Linux on any metric. And their code quality generally sucks.

    • Just about every new language since C has been sold on the motto "..we don't need C anymore to do...Whatever...!", only to write code that must talk to a C running stack. Or even better some abstraction layer that separates the (app) developer from the dirty, cranky C register manipulation. You can technically "write" a driver in any language, especially one that is derived from C (most of em). Remember the *nix drivers exampled in C# in the beginning of it's deployment? I haven't been following the Rust
    • Comment removed based on user account deletion
      • Gentoo user here. I compile all of my software from scratch, including the kernel, because Gentoo is a source-based distribution. So this does impact me. Build dependencies tend to be as tricky in my environment as runtime ones.

        Having said that, I believe that the beginnings of what will likely be a decades-long effort to replace C and C++ are long overdue.

        You need something low-level if you truly must directly manipulate memory or CPU registers or other hardware. Today that is almost always C or C++, b

    • Avoidance of software by distros is a choice by the distro developers. The fact is new languages are patched and incremented as fast as the platform they are expected to run on and almost write themselves. I like node.js as an example of this. It already having deno "the not node.js" example which is more like a fork. As far as distros not having a subsystem included, I'll have to ask why is it easier to fork a distro that fully supports a subsystem then "edit" the subsystem out than to just create your own
  • by Gravis Zero ( 934156 ) on Saturday March 20, 2021 @12:07PM (#61179548)

    Rust needs a formal specification. Having a formal specification ensure that despite any future changes to the language that it will be possible to implement a compiler that can compile the code. A lot of work has been done to move toward standard C code (as well as supporting GNU C extensions in Clang) so adding code that relies on a single compiler with no formal specification would be a step in the wrong direction.

    • Comment removed based on user account deletion
    • It also looks like inviting tool chain bloat to me. So far you need a C compiler to build the kernel, do we really need the extra dependency on a Rust compiler?

      • Bloat is the word. I just lost 4 hrs of my life watching rust build under llvm on BSD. All because I wanted a new version of Firefox.

        This machine is not especially small or slow (4 cores, 64 bits, 8 gigs, 3 GHz...) But it reminds me of trying to compile Open Office on a 486.

        Holy shit I miss 20 yrs ago when you could configure *everything* on a RH box in minutes with plain text, some bash and C. (OK, maybe sed and awk)

  • What is a programming language doing in an operating system kernel?

    Is this only Rust, or do we already have other programming languages on the inside of the Linux kernel?
    • So how do you think they write the kernel if they don't use programming languages? The Linux Kernel is written in C but they have now opened up for new device drivers to be also written in Rust.
      • So how do you think they write the kernel if they don't use programming languages? The Linux Kernel is written in C but they have now opened up for new device drivers to be also written in Rust.

        Why does the kernel need to be "opened up" to accept Rust programs? For the kernel these are just compiled binaries, why does it need to know what language it was written in?

        • To elaborate on my previous question: what would stop me from writing a Linux device driver in, say, Pascal?
          • What would stop you is the Pascal ABI is incompatible with C and there's no support in the kernel build system to compile it.
            • And every single attempt to merge Pascal code would be rejected by the kernel maintainers even if you managed to make Pascal bind to C!
              • even if you managed to make Pascal bind to C

                Would that not be a task for the linker rather than for the compiler?

                And every single attempt to merge Pascal code would be rejected by the kernel maintainers

                Of course, but that is a management issue.

                (I'm not trying to be obnoxious, these are genuine questions and I appreciate the answer you and others have given.)

                • Yes there is nothing stopping you from creating your own home-brew linker and Pascal compilter from achieving this but that is not the question that are being solved, what is being solved is the possibility to create a device driver in Rust and having that same driver being accepted upstream in the Linux kernel proper. This means that #1 the maintainers will accept that code (which they won't do with Pascal since they currently only accept code written in C and soon some new device drivers in Rust) and #2 t

                • even if you managed to make Pascal bind to C

                  Would that not be a task for the linker rather than for the compiler?

                  The compiler still needs to know the calling convention [wikipedia.org], meaning how to set up the stack and the registers when calling a function compiled by another compiler. Only code using compatible calling conventions can be linked together without some routine in the middle that acts as a shim to translate the calling convention. Historically, the popular Pascal compiler for a platform and the popular C compiler for the same platform have used different calling conventions.

            • What would stop you is the Pascal ABI is incompatible with C and there's no support in the kernel build system to compile it.

              Indeed, in Pascal parameters are pushed on the stack in left-to-right order (and the callee cleans up the stack), while GCC uses right-to-left (and the caller cleans up the stack).

              However, GCC supports several languages, perhaps I should have chosen gfortran as an example rather than Pascal (since the GNU Pascal front-end does not seem to be supported anymore).

        • Drivers needs to communicate with the internals of the kernel and until now those internals was only exported via C. For more in-depth see e.g https://lwn.net/Articles/82985... [lwn.net]
  • I've never had an opinion on Rust before because I knew nothing about it, but if Rust programmers are called Rustaceans, I hate it.
  • Google sponsored some folks the other day to work on linux kernel security and one of them is working on llvm. This makes sense where it's going. Device drivers are the perfect place to start taking Rust. Hardware manufacturers are less likely to have security programming experts on hand but if they can make their hardware work with a Rust driver then people have less worry about including and shipping it. We get things like the iSCSI driver problem from the other day when we just build and include all
  • Rustacean (Score:3, Funny)

    by mattfoo ( 773941 ) on Saturday March 20, 2021 @12:58PM (#61179664)
    Peter: Let me ask you something. When you come in on Monday and you're programming in Rust, does anyone ever say to you, "Sounds like someone is a Rustacean?" Lawrence: No. No, man. Shit, no, man. I believe you'd get your ass kicked sayin' something like that, man.
  • Whether or not Rust is a good language, the albatross around its neck is the Rust "more woke than thou" community.
    • Yes, what a tragedy you can't be a racist mysoginistic fay-bashing asshole on their forums.

      • The woke people by far are the real racists and misandrists, making scapegoats in denial of their own failings as humans.

        • by narcc ( 412956 )

          LOL, let me guess, you think the guy carrying around the Confederate flag is just celebrating his "heritage" and the guy with the swastika tattoo is just interested in promoting an open dialog!

          You racist shit-bags are something else.

          • You call someone racist when they point out femi-nazi hatred of men, and various black leaders and performers spewing white hate. You are something else.

            Then you mention two random lowlifes, and make assumptions about how I feel about them as an argument?

            You're pathetic and prove my point, you virtue signaling empty set.

            • by narcc ( 412956 )

              If I were playing right-wing racist shitbag bingo, I'd have a coverall.

              Fuck off and die, racist shitbag!

              • Look at you spewing hate and accusations of racism like a smokescreen, to cover up your lack of rational thought.

                • by narcc ( 412956 )

                  I really don't care what a racist shit bag thinks about me. The world will be a better place once your kind is eradicated.

                  Go on, now, fuck off and die like a good shit bag racist.

                  • you're the one spewing rabid hatred, a typical woke snowflake triggered, can't handle reality.

            • If that even vaguely represented most feminists you might have a point. But "Feminazi" is some sort of bizarre assertion made by misogynists basically projecting their own insecurities and biases on to other people.

    • I really can't wait for another generation to see how history looks at the whole woke/cancel culture movement. Hopefully the next generation rebels against their "woke" parents generation the way most prior have.
  • For the mono port to be finished before ? https://linuxformat.com/tuxrad... [linuxformat.com]
  • since rust is attempting to get into the kernel, what about golang attempts?
    • by bn-7bc ( 909819 )
      Hell ehy not c# and .ner il ehile we’re at it, the more the merrier :)
    • Golang is trying to be a server language (or infrastructure language, since that's what people are calling servers these days). It does a good job of handling threads, and it has an efficient GC. Golang is trying to replace Java and C++ on the server.

      So a database might be written in Golang, but not a kernel.

      • The database seems to be what most newer languages are optimized for. The server, any server it does not matter, is a feature? A convenient one to say the least...
  • I'm a bit worried about the ability of multinational consortiums to grow communities of users and developers around the projects that they govern. When one of those projects doesn't support certain less common use cases, often it's not only because there's less people who have the knownledge and disposition required to develop the necessary code, but also because the project maintainers are less likely to accept their contribution upstream. Also, they're less likely to allow their design choices to be put i
  • Ada/SPARK can do more than Rust. It is better than C++ in most instances. It could radically improve the reliability of Linux device drivers. It is also available as a commercial compiler as well as a GCC-based open source project. Memory protection is one aspect of Ada/SPARK. Range checking and other features make it ideal for operating systems and applications in general. The big challenge these days is that Rust has mindshare. What is most surprising to me is how few Rust developers and users do not eve
  • Rust would be used, at least initially, for writing drivers that, as noted in another LWN.net article on the topic, "would never be used on the more obscure architectures anyway."

    What is that supposed to mean? What criteria are they thinking of applying? If the architecture is suitable to have a unix kernel on it, it might possibly end up interfaced with nearly any sort of hardware. This is a world where modern embedded microcontrollers exist that would easily kick an older desktop's ass. A world where someone made a retro C64 cartridge with an ethernet controller in it.

    I've seen examples of the Linux kernel running on everything from a mainframe down to an SD card.

If you didn't have to work so hard, you'd have more time to be depressed.

Working...