Rust-for-Linux
rfcs
| Rust-for-Linux | rfcs | |
|---|---|---|
| 84 | 684 | |
| 4,141 | 6,113 | |
| 1.2% | 0.9% | |
| 0.0 | 9.5 | |
| 4 days ago | 18 days ago | |
| C | Markdown | |
| GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Rust-for-Linux
- Rewriting Rust
-
Committing to Rust in the Kernel
You're welcome.
> Any concerns of the same kind of thing?
Here's the canonical list: https://github.com/Rust-for-Linux/linux/issues/2
There's a lot, and I don't know the status of many of them, personally. But I don't see anything there that I know is not gonna work out, like for example, they aren't using specialization. Most of it feels like very nuts and bolts codegen options and similar things.
That said, back in August, the Rust Project announced their goals for the second half of this year: https://blog.rust-lang.org/2024/08/12/Project-goals.html
They say that they're committed to getting this stuff done, and in particular: https://rust-lang.github.io/rust-project-goals/2024h2/rfl_st...
> Closing these issues gets us within striking distance of being able to build the RFL codebase on stable Rust.
So, things sound good, in my mind.
-
Deploying Rust in Existing Firmware Codebases
The goal of rust for linux isn't to wholesale translate linux into rust, but simply to be able to write pieces of linux (largely new ones) in rust. I think it's very unlikely anyone (including google) will take on a wholesale translation anytime soon. That said
> It's unlikely that Google has much sway here
Google has helped fund the rust for linux project pretty much from the start [1], they're one of three organizations mentioned on the homepage due to their sponorship [2]. They're actively involved in it, and have already ported their android "binder" driver into it with the intent to ship it in android. This strikes me as a very weird take.
[1] https://www.memorysafety.org/blog/supporting-miguel-ojeda-ru...
[2] https://rust-for-linux.com/
- Rust for Linux
-
The Linux Kernel Prepares for Rust 1.77 Upgrade
Rust is backwards compatible when you stick to stable features, but the kernel uses unstable features that can and do incur breaking changes.
https://github.com/Rust-for-Linux/linux/issues/2
- Rust in Linux Kernel
-
Mark Russinovich: “Working towards enabling Windows driver development in Rust”
> How would this work?
Don't know exactly what you're asking.
> And why would it be a better idea?
Poorly written device drivers are a significant attack vector. It's one of the reasons Linux is now exploring using Rust for its own device drivers.[0] You may be asking -- why Rust and not some other language? Rust has many of the performance and interoperability advantages of C and C++, but as noted, makes certain classes of memory safety issues impossible. Rust also has significant mindshare among systems programming communities.
[0]: https://rust-for-linux.com
- The Linux Kernel Module Programming Guide
- Teknisk karrierevej i Danmark som softwareudvikler
-
The state of Flatpak security: major Projects are the worst?
Rust-for-Linux issue tracker
rfcs
-
Rust to C compiler – 95.9% test pass rate, odd platforms
> > no dynamic linking
> There is.
Eh, I'm a Rust fan, and I hate the dynamic linking situation too.
I genuinely cannot see how Rust would be able to scale to something usable for all system applications the way it is now. Is every graphical application supposed to duplicate and statically link the entire set of GNOME/GTK or KDE/Qt libraries it needs? The system would become ginormous.
The only shared library support we have now is either using the C ABI, which would make for a horrible way to use Rust dependencies, or by pinning an exact version of the Rust compiler, which makes developing for the system almost impossible.
Hopefully we'll get something with #[export] [1] and extern "crabi" [2], but until then Rust won't be able to replace many things C and C++ are used for.
[1] https://github.com/rust-lang/rfcs/pull/3435
[2] https://github.com/rust-lang/rfcs/pull/3470
-
Traits in Rust Explained: From Usage to Internal Mechanics
As you can see, all trait methods are stored in sequence without any distinction between which method belongs to which trait. This is why upcasting is not possible. There's an ongoing RFC—RFC 2765—tracking this issue. Instead of discussing the solution proposed by the RFC here, we’ll introduce a more general workaround by adding an AsBase trait:
- Tail Call Recursion in Java with ASM (2023)
-
Rust Any part 3: we have upcasts
And for extra context the RFc lays out the current design and future options: https://github.com/rust-lang/rfcs/blob/master/text/3324-dyn-...
-
Crabtime: Zig's Comptime in Rust
> so your claim is that rust compiler knows in advance which will be used by the target and adjusts its softfloat accordingly?
Rust performs FP operations using the precision of the underlying type. For compile time evaluation this is enforced by Miri, and for runtime evaluation this is enforced by carefully emitting the appropriate LLVM IR.
> IIRC there are cases for SIMD where there is only a 2 ULP guarantee and some tryhard silicon gives you 1 ULP for the same opcode.
Rust only permits operations in constant contexts when it's confident that it can make useful guarantees about their behavior. In particular, FP ops in const contexts are currently limited as follows:
"This RFC specifies the behavior of +, - (unary and binary), *, /, %, abs, copysign, mul_add, sqrt, as-casts that involve floating-point types, and all comparison operations on floating-point types."
https://github.com/rust-lang/rfcs/blob/master/text/3514-floa...
-
Rust Solves the Issues with Exceptions
Rust doesn't support that, but there's an RFC trying to figure out how that could be done (hasn't gone anywhere after more than 10 years of discussions): https://github.com/rust-lang/rfcs/issues/294
But Rust supports macros, just like Lisp, so of course someone wrote a library that provides something similar:
https://docs.rs/some-error/latest/some_error/
Their post about how they came up with this crate is quite interesting:
https://jam1.re/blog/anonymous-sum-types-for-rust-errors
- Handling Cookies Is a Minefield
-
Zig's (.{}){} Syntax
> The same pattern in Rust would just use variadic templates/generics.
Are you sure Rust has variadic generics? https://github.com/rust-lang/rfcs/issues/376
-
Macros, Safety, and SOA
> I regret having to sacrifice API design to satisfy something of a corner case usage.
A possible future alternative would be to bound the macro in some way on Freeze, once that is stabilised. See the RFC for details: https://github.com/rust-lang/rfcs/pull/3633
This would of course be a tradeoff again, as it would disallow interior mutability then.
-
Perhaps Rust Needs "Defer"
There is talk of making it illegal to have a reference be unaligned, or even point to very low addresses: <https://github.com/rust-lang/rfcs/pull/3204>. At one point, there was even talk of certain kinds of references not even being stored as memory addresses at all: <https://github.com/rust-lang/rfcs/pull/2040>. And Box<_> is not #[repr(transparent)] either. Only *const _ and *mut _ have a guaranteed ABI.
Just because you write fewer, but still more than zero, “unsafe” keywords does not mean your code is more safe.
What are some alternatives?
rustig - A tool to detect code paths leading to Rust's panic handler
crates.io - The Rust package registry
jakt - The Jakt Programming Language
unsafe-code-guidelines - Forum for discussion about what unsafe code can and can't do
dafny - Dafny is a verification-aware programming language
polonius - Defines the Rust borrow checker.