Greg Kroah-Hartman, one of the primary Linux kernel developers, views the Rust programming language as a critical solution to the persistent security vulnerabilities inherent in C code. While Linux currently boasts 36 million lines of C, the 113,000 lines written in Rust represent a strategic shift. Rust addresses the most common failures in the kernel by automating resource management and error handling, which previously relied on manual human review.
The shift to Rust offers several transformative benefits for the operating system:
- Compile-time safety: Rust captures bugs during compilation rather than at runtime, preventing unstable code from ever reaching the user.
- Automated resource management: It eliminates a high percentage of memory-related vulnerabilities that are notoriously difficult to track in C.
- Error-handling reduction: By enforcing stricter logic, it simplifies how the kernel reacts to unexpected hardware or software states.
By moving to this language for new code, developers could potentially eliminate 60% of kernel failures. Despite this efficiency, there are no immediate plans for a full rewrite of the existing infrastructure. The strategy is pragmatic: leave the established 36 million lines of C as they are and prioritize Rust for new modules and features to ensure the future of Linux security is fundamentally more robust.
