cargo-msrv VS Rust-for-Linux

What this tool say? https://github.com/foresterre/cargo-msrv

I'm working on cargo-marv.

Before getting overcome by despair, have a look at cargo-msrv -- this little gem of a tool figures it all out for you!

I'll be adding a 'minimal' output format to cargo-msrv for use in scripts. I'll also be updating the book, and inch closer towards releasing v0.16.

First commit 2 months ago, started with edition 2021. https://hg.sr.ht/~cyplo/legdur/browse/Cargo.toml?rev=ca11815...

Have you tried compiling something less than bleeding edge, with a year old compiler, or are you picking projects specifically to "showcase" the supposed failings of the Rust compiler?

Many libraries in the ecosystem have a MSRV (minimum support rust version) guarantee, with compile-time shims to enable newer features if a more recent version is detected.

You can pin your dependencies to those versions (and if they don't have an explicit MSRV, just pin it to a version by date or by running https://github.com/foresterre/cargo-msrv on the project to find the effective MSRV).

You can cargo install specific versions of a binary crate, and if they move to the 2021 edition, or use a recently stabilized standard library function or w/e, you can simply choose to install a specific version, that would work with your distro's rustc/cargo.

I'm not even talking about the completely valid, but last resort strategy of many non-bleeding edge distro package maintainers, of simply creating a .patch file and applying it. In legdur's case, --- edition = "2021" +++ edition = "2018" on Cargo.toml would probably do the trick. For libraries/binaries you control, you can use https://doc.rust-lang.org/cargo/reference/overriding-depende... and https://github.com/itmettkeDE/cargo-patch.

Giving up after the first minor roadblock and crying bloody murder is intellectually lazy.

Looks helpful though it doesn't seem to address when you don't have a Cargo.lock. I've created an issue for this.

I'll be switching over the CLI of cargo-msrv, from Clap's builder methods to the attribute macro. I hope this will simplify the configuration, as my Config and ConfigBuilder structs (which were build from Clap's ArgMatches) was growing fast, and becoming slightly unorganized. With the attribute macro, the config will be constructed directly by code generated by the macro. The mostly saves one intermediate step, and a lot of boilerplate.

Some combination of cargo-outdated and cargo-msrv could probably do this in a slightly more manual fashion.

Rust is backwards compatible when you stick to stable features, but the kernel uses unstable features that can and do incur breaking changes.

https://github.com/Rust-for-Linux/linux/issues/2

> How would this work?

Don't know exactly what you're asking.

> And why would it be a better idea?

Poorly written device drivers are a significant attack vector. It's one of the reasons Linux is now exploring using Rust for its own device drivers.[0] You may be asking -- why Rust and not some other language? Rust has many of the performance and interoperability advantages of C and C++, but as noted, makes certain classes of memory safety issues impossible. Rust also has significant mindshare among systems programming communities.

[0]: https://rust-for-linux.com

Ctrl-F "rust"

https://rust-for-linux.com/ links to LWN articles at https://lwn.net/Kernel/Index/#Development_tools-Rust that suggest that only basic modules are yet possible with the rust support in Linux kernels 6.2 and 6.3.

Rust-for-linux links to the Android binder module though:

> Android Binder Driver: This project is an effort to rewrite Android's Binder kernel driver in Rust.

> Motivation: Binder is one of the most security and performance critical components of Android. Android isolates apps from each other and the system by assigning each app a unique user ID (UID). This is called "application sandboxing", and is a fundamental tenet of the Android Platform Security Model.

> The majority of inter-process communication (IPC) on Android goes through Binder. Thus, memory unsafety vulnerabilities are especially critical when they happen in the Binder driver

... "Rust in the Linux kernel" (2021) https://security.googleblog.com/2021/04/rust-in-linux-kernel... :

> [...] We also need designs that allow code in the two languages to interact with each other: we're particularly interested in safe, zero-cost abstractions that allow Rust code to use kernel functionality written in C, and how to implement functionality in idiomatic Rust that can be called seamlessly from the C portions of the kernel.

> Since Rust is a new language for the kernel, we also have the opportunity to enforce best practices in terms of documentation and uniformity. For example, we have specific machine-checked requirements around the usage of unsafe code: for every unsafe function, the developer must document the requirements that need to be satisfied by callers to ensure that its usage is safe; additionally, for every call to unsafe functions (or usage of unsafe constructs like dereferencing a raw pointer), the developer must document the justification for why it is safe to do so.

> We'll now show how such a driver would be implemented in Rust, contrasting it with a C implementation. [...]

This guide with unsafe rust that calls into the C, and then with next gen much safer rust right next to it would be a helpful resource too.

What of the post-docker container support (with userspaces also written in go) should be cloned to rust first?

Rust-for-Linux issue tracker

Yes, I definitely agree that it's a problem that pr_info implicitly wraps its arguments in unsafe {}. I wrote my own Pull Request with a trival fix.

Note that this template won't work with Linux 6.1, which has very minimal Rust support. You'll want the RustForLinux tree, or maybe Linux 6.2.

You can join Rust for Linux zulip chat by requesting invite using the link in https://github.com/Rust-for-Linux/linux 's README.