Rust’s Growing Role in the Linux Kernel: A Stable Future with Linux 7.0
The Linux kernel is increasingly embracing the Rust programming language, marking a significant shift in kernel development. Recent updates culminating in the Linux 7.0 merge window officially conclude the “Rust experiment,” signaling that Rust is now considered a stable and integral part of the kernel ecosystem.
Rust Officially ‘Here to Stay’ in Linux 7.0
For years, Rust has been undergoing testing and refinement within the Linux kernel. The recent patch, discussed in December and implemented for Linux 7.0, formally acknowledges Rust’s successful integration. Miguel Ojeda, a key contributor to the project, expressed hope that this decision will encourage further investment from companies and developers in Rust kernel programming. Phoronix reports that Ojeda initially credited 173 names for their contributions, a number that has grown substantially since the initial integration.
Preparing for Rust 1.95
Alongside the formal acceptance of Rust, preparations are underway for compatibility with the upcoming Rust 1.95 release. The Linux 7.0 updates include passing the “-Zunstable-options” flag, which will be required by Rust 1.95. This flag enables the use of new, unstable command-line options. Rust 1.95 is slated for branching from master on February 27th and a stable release on April 16th.
Key Improvements and Fixes
Recent Rust fixes for Linux 7.0 address several key areas:
- Irq Module: A missing-bound issue, detected by the in-development Rust 1.95 release, has been resolved.
- Pin-init Crate: A Clippy warning whose behavior changes with the upcoming Rust 1.95 release has been addressed.
- Objtool Warning: A fix was implemented to resolve an objtool warning when using the older Rust 1.84 release.
- List Module: Missing “unsafe” blocks and placeholder safety comments in macros have been corrected.
AppArmor Enhancements in Linux 7.0
In addition to Rust-related updates, Linux 7.0 also includes enhancements to the AppArmor security module. Phoronix details that AppArmor now supports loading per-permission tagging. This feature, authored by John Johansen of Canonical, allows for annotating accept states with context and debug information, as well as enabling rule tainting and triggers. The update also adds support for execpath in the user namespace, providing more reliable identification of binaries triggering denials.
Looking Ahead
The formal conclusion of the Rust experiment and the ongoing integration of Rust features demonstrate a commitment to enhancing the Linux kernel’s security and performance. As Rust continues to mature and gain wider adoption, its role in kernel development is expected to expand, paving the way for more innovative and secure systems.