Richard Bucker

Rust in the Linux Kernel

Posted at — Jun 18, 2021

Google has been telegraphing that it’s going to accept or start working with rust in the Android kernel and now there are echos that this may extend to mainstream Linux.

WTF?

Philosophically I think it does not matter what the syntax in the kernel is. Given my personal experience at every level of the stack from programming PAL to tcl scripting and all points in between … the idea that a true full stack developer needs to know about 20 to 30 languages, patterns, APIs, and hardware means that there is a huge amount of tech debt that “we” acquire over time.

it’s seriously complex to add another language to the kernel without shims

Back in the day when most operating systems were converting from 16 to 32 bit and later 64 bit “we” implemented shim layers. This was code that hooked into the processor as the processor switched modes. It also modified the call-stack and relocated pointers and stack variables from one page to another; among other things. The same was true when using different languages like Pascal which has a different function call signature.

The thing about debugging a kernel written in C is that runtime debuggers or a view of the assembler code made finding the C code that generated it easier because it was predictable. In the late 1980’s I could look at a block of OS/2 presentation manager assembly code and locate the C code that generated it reasonably quickly without symbol tables as was the case at the time.

The problem with the decision to incorporate rust in the kernel may be one of resources and not the kernel bugs that google claims. Google has outed it’s own development staff, code quality and bugs as the reason for endorsing rust in the kernel. The reality is that kernel development is hard and in the olden days one would not be assigned to the kernel team unless you had trained for it.

you would not want your brain or heart surgeon to be a recent grad.

So why do companies like Google assign noobs to key projects? For the same reason why do companies like Ulimate Software seem to hire young people over experienced/seasoned professionals? In my opinion it’s because these freshman are maliable. The hiring managers just like generals want to throw bodies are certain problems leaving the special teams to mop up when things go wrong.

Just like the stock market the greedy public needs to see 30% growth year over year the same dolts need to see the same progress like Moore’s Law applied to software. In the end rust is just syntax when the protections are disabled and they will be. There is no reason why the same protections cannot be applied to standard C or even to the pre-compiler. It’s what we did to get from 16 to 32 bit. The C compiler is in the public domain and is governed by a staunch body.

So I do not care if Rust is in the kernel. Just don’t lie to me. I can see the lies and then I won’t trust you.

PS if you cannot read the assembly and identify the source that it came from then you cannot truly audit the source.