[$] Standards for use of unsafe Rust in the kernel

Rust is intended to let programmers write safer code.But compilers arenot omniscient, and writing Rust code that interfaces with hardware (or thatworks with memory outside of Rust's lifetime paradigm) requires, atsome point, the programmer's assurance that some operations are permissible. Benno Lossinsuggested addingsome more documentation tothe Rust-for-Linux project clarifying thestandards for commenting uses of unsafe in kernel code. There's generalagreement that such standards are necessary, but less agreement on exactly whenit is appropriate to use unsafe.