RustConf speakers affirm Rust for Linux project despite challenges of unstable Rust, maintainer resignation

RustConf speakers affirm Rust for Linux project despite challenges of unstable Rust, maintainer resignation

At RustConf in Montreal last week, Miguel Ojeda, a lead maintainer for the Rust for Linux project, described the resignation of fellow maintainer Wedson Almeida Filho as a “darkest before the dawn” moment for the project, which aims to make Rust a second main programming language for the Linux kernel alongside C.

Miguel Ojeda speaks at RustConf

Initial support for Rust in the kernel was merged in October 2022, for Linux 6.1, but there are obstacles to progress – including that Rust for Linux still requires use of unstable features in Rust. This is recognized as undesirable, but there are many such features, as documented on GitHub, and they cover areas including the language, standard library, compiler, and more.

Nicholas Matsakis, co-lead of the Rust language design team, reiterated at RustConf that Rust for Linux is a flagship project for the Rust team – but that it would take more than six months before it could use stable Rust. “We’ve got a bunch of people working on this,” he said.

The requirement for unstable Rust is a problem, Matsakis explained, because “in some sense, the prime audience of this is the people who want to work on the Linux kernel in C. Those people don’t want to use nightly Rust, they don’t even want to know that Rust is there. They’re working on their C code. They just want to know that whatever Rust compiler is in their Debian distribution works. And unfortunately right now they can’t do that.” 

Ambitious goals

Rust for Linux means the language being used “in probably the most demanding possible low level environment,” said Matsakis. He was also keen to emphasize that Rust for Linux does not just use unsafe Rust – which he had heard described as “just C++ with a better syntax.”

Instead, Rust for Linux is about “building safe abstractions and letting you actually do the majority of your work in safe Rust,” stressed Matsakis.

How the kernel create allows developers to use safe Rust – though the kernel crate is being split

Ojeda explained that unsafe code is intended to be contained within a module called the kernel crate. The intention is that developers write safe Rust and leave the kernel crate to handle unsafe code behind the scenes. The kernel create is being split into multiple parts, but the same principle will apply.

This is how the Rust for Linux project will achieve its goal of making programming for the Linux kernel more secure, as well as potentially enabling a new cohort of Rust developers to become kernel contributors.

Hesitation still a barrier

Another issue for the project is that some existing C programmers are resistant to the idea of Rust as a second language – fearing that it will complicate their work or put them under pressure to learn Rust. Disquiet about this recently caused key Rust for Linux maintainer Filho to resign.

“For me it was of course very hard,” Ojeda told RustConf, “but on the positive side, it may be one of those darkest before the dawn moments … I want to assure you that the project is going forward.”

Ojeda remarked that there were many big developers with an interest in “Rust in the kernel being successful” – including Google, Microsoft, AWS and many others. “So let’s make it happen,” he urged.