Rust in Linux's Kernel 'is No Longer Experimental'

Steven J. Vaughan-Nichols files this report from Tokyo:At the invitation-only LinuxKernel Maintainers Summit here, the top Linux maintainers decided, as Jonathan Corbet, Linux kernel developer, put it, "The consensus among the assembled developers is that Rustin the kernel is no longer experimental - it is now a core partof the kernel and is here to stay. So the 'experimental' tagwill be coming off." As Linux kernel maintainer Steven Rosted toldme, "There was zero pushback." This has been a long time coming. This shift caps five years ofsometimes-fierce debate over whether the memory-safe language belonged alongside C at the heart of the world's most widely deployed open source operating system... It all began when AlexGaynor and GeoffreyThomas at the 2019 Linux Security Summit said that abouttwo-thirds of Linux kernel vulnerabilities come from memory safetyissues. Rust, in theory, could avoid these by using Rust'sinherently safer application programming interfaces (API)... In those early days, the plan was not to rewrite Linux in Rust; it still isn't, but to adopt it selectively where it can provide themost security benefit without destabilizing mature C code. In short,new drivers, subsystems, and helper libraries would be the firsttargets... Despite the fuss, more and more programs were ported to Rust. ByApril 2025, the Linux kernel contained about 34 million lines of Ccode, with only 25 thousand lines written in Rust. At the same time,more and more drivers and higher-level utilities were being writtenin Rust. For instance, the Debian Linux distro developers announcedthat going forward, Rustwould be a required dependency in its foundationalAdvanced Package Tool (APT). This change doesn't mean everyone will need to use Rust. C isnot going anywhere. Still, as several maintainers told me, theyexpect to see many more drivers being written in Rust. In particular,Rust looks especially attractive for "leaf" drivers (network,storage, NVMe, etc.), where the Rust-for-Linuxbindings expose safe wrappers over kernel C APIs. Nevertheless, for would-be kernel and systems programmers, Rust'snew status in Linux hints at a career path that blends deepunderstanding of C with fluency in Rust's safety guarantees. Thiscombination may define the next generation of low-level developmentwork.

Read more of this story at Slashdot.