this post was submitted on 18 Aug 2023
83 points (97.7% liked)


Will there be performance and security improvements?

[–] [email protected] 10 points 1 year ago* (last edited 9 months ago) (3 children)

[This comment has been deleted by an automated system]

[–] [email protected] 8 points 1 year ago

Not all guarantees are gone, even with unsafe

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

Well, it largely removes an attack surface for memory bugs, which is a huge thing. If we're writing a big driver (see the Rust driver for the Apple GPU) then suddenly *waving hands incoherently* 90% or more of the driver (depending) is likely to be much more memory safe and stable. As has been demonstrated with that particular driver already.

I was watching the streams and when it compiled, Asahi Lina usually only had to deal with logical type errors, not memory issues; it was basically a great showcase for Rust and memory safety. Unsafe is perfectly fine Rust, but it's a contract where the developer says to the compiler: "I know you can't guarantee this block is safe, so I'll keep a special eye on that, peer review more, test, etc. while you keep an eye on all the other code I can't fit in my head". In the case of Linux, an Unsafe block means "we'll trust the Linux kernel code we connect to, though review it carefully".

So saying all safety goes out the window is wrong, see it as a vastly reduced potential for memory problems, better error handling and more stable drivers, as demonstrated by the Apple GPU driver.

[–] [email protected] 4 points 1 year ago* (last edited 9 months ago)

[This comment has been deleted by an automated system]

[–] [email protected] 4 points 1 year ago

It just depends on how isolated that part of the kernel is. Unsafe code should be done only in interop, and so it still theoretically has a memory safety benefit over C in that sense.

How much interop code needs to be written for Rust at this point is another discussion though.
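
The "unsafe as a contract" and "unsafe only in interop" points made in this thread, shown as an added example that is not part of any comment and is not kernel code. The `raw` module is a hypothetical stand-in for a C API reached through interop, and `Region` is a hypothetical safe wrapper around it.

```rust
// Constructed illustration; `raw` and `Region` are hypothetical names.
mod raw {
    /// C-style contract: `buf` must point to at least `len` writable bytes.
    pub unsafe fn fill(buf: *mut u8, len: usize, value: u8) {
        for i in 0..len {
            unsafe { *buf.add(i) = value };
        }
    }

    /// C-style contract: `idx` must be inside the allocation behind `buf`.
    pub unsafe fn read(buf: *const u8, idx: usize) -> u8 {
        unsafe { *buf.add(idx) }
    }
}

/// Safe wrapper: the only code that calls into `raw`. It owns the buffer,
/// so the pointer and length it hands over always describe the same memory.
pub struct Region {
    data: Vec<u8>,
}

impl Region {
    pub fn new(len: usize) -> Self {
        Region { data: vec![0; len] }
    }

    pub fn fill(&mut self, value: u8) {
        // SAFETY: pointer and length come from one live Vec, and `&mut self`
        // guarantees nobody else is reading or writing it during the call.
        unsafe { raw::fill(self.data.as_mut_ptr(), self.data.len(), value) }
    }

    /// An out-of-range index becomes `None` instead of an out-of-bounds read.
    pub fn get(&self, idx: usize) -> Option<u8> {
        if idx >= self.data.len() {
            return None;
        }
        // SAFETY: `idx` was checked against the owning Vec just above.
        Some(unsafe { raw::read(self.data.as_ptr(), idx) })
    }
}

fn main() {
    let mut r = Region::new(4);
    r.fill(0xAB);
    println!("{:?} {:?}", r.get(3), r.get(4));
}
```

Callers of `Region` cannot violate the `raw` contracts without writing `unsafe` themselves, so review effort concentrates on the two `SAFETY` comments.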