Google supports the introduction of Rust into Linux kernel development
In addition to the Linux kernel development mailing list, Google engineers also published their opinions on the introduction of Rust into Linux kernel development in their official security blog. The article stated that although the C language has been the language of choice for writing the kernel for nearly half a century, and the development of the kernel has high standards of code review and carefully implemented safeguards, memory security vulnerabilities still occur frequently. Therefore, it believes that Rust can now be introduced into kernel development to help reduce potential bugs and security vulnerabilities in privileged code while taking into account its performance requirements. Previously, Google has allowed Rust to be used for Android system-level code development.
Google engineers talk about the prototype design of the Binder driver and the comparison of safety and performance characteristics between the existing C version and its Rust counterpart. Engineers said that the goal of using Rust is not to convert all the Linux kernel code to Rust but to allow Rust to write new code. This incremental approach can not only ensure the existing high performance of the kernel but also provide new kernel developers with new tools to improve memory safety and guarantee future performance.
In addition, engineers also introduce the kernel’s Rust sample driver in detail and compare it with the corresponding C version. Finally, it said that almost all common kernel functions required by Binder have been encapsulated in a safe Rust abstraction, and engineers is collecting feedback from the wider Linux kernel community to upstream the existing Rust support.