[ blog » 2022 » 09_rust-kernel-module ] [PART 3/3] The Colors of Rust (by Philipp Gesang)
2022-09-04
  1. 183 » /
    1. 182 » 2024 Think Big
      1. 181 » Overnighter around Lake Constance and through Tyrol
      2. 180 » FOSDEM 2024
    2. 179 » 2023 till infinity
      1. 178 » The Keeb.io Iris keyboard
      2. 177 » EuroRust 2023
      3. 176 » Spain
        1. 175 » Epilogue
        2. 174 » d28: Sevilla
        3. 173 » d27: Tarifa
        4. 172 » d26: Africa
        5. 171 » d25: Sierra de las Nieves
        6. 170 » d24: The Mediterranean Coast
        7. 169 » d23: Pico del Veleta
        8. 168 » d22: Cordillera Penibetica
        9. 167 » d21: Andalucia
        10. 166 » d20: The Void
        11. 165 » d19: La Mancha
        12. 164 » d18: Madrid
        13. 163 » d17: Segovia
        14. 162 » d16: Valladolid
        15. 161 » d15: Leon
        16. 160 » d14: Alto de l'Angliru
        17. 159 » d13: Lagos de Covadonga
        18. 158 » d12: Picón Blanco
        19. 157 » d11: Bilbao
        20. 156 » d10: Euskadi
        21. 155 » d09: Nafarroa
        22. 154 » d08: Aquitaine
        23. 153 » d07: Col du Tourmalet
        24. 152 » d06: Occitanie
        25. 151 » d05: Mont Aigoual
        26. 150 » d04: Gard
        27. 149 » d03: Mont Ventoux
        28. 148 » d02: Col d'Izoard
        29. 147 » d01: Colle delle Finestre
      4. 146 » Italy and back
      5. 145 » Joining the 300 Club
      6. 144 » Micro-tour South Tyrol
        1. 143 » d3: Toblach to Lienz
        2. 142 » d2: Sterzing to Toblach
        3. 141 » d1: Munich to Sterzing
      7. 140 » First Look at the Librem 5
      8. 139 » Scouting the Alps
    3. 138 » It’s 2022 and we can’t get a break.
      1. 137 » Book: Burn. The Misunderstood Science of Metabolism
      2. 136 » [PART 0/3] Writing a Kernel Module in Rust
        1. 135 » [PART 3/3] The Colors of Rust
        2. 134 » [PART 2/3] A Rusty Module
        3. 133 » [PART 1/3] Corroding the Kernel: CONFIG_RUST=y
      3. 132 » Book: The Voyage of the Beagle
      4. 131 » Norway
        1. 130 » Epilogue
        2. 129 » Norway: A Brief Review
        3. 128 » d27: Wrapping it up
        4. 127 » d26: Eidstod to Langesund
        5. 126 » d25: Hovden to Eidstod
        6. 125 » d24: Odda to Hovden
        7. 124 » d23: Fusa to Odda
        8. 123 » d22: Rutledal to Fusa
        9. 122 » d21: Dragsvik to Rutledal
        10. 121 » d20: Skjolden to Dragsvik
        11. 120 » d19: Heggebottvatnet to Skjolden
        12. 119 » d18: Andalsnes to Heggebottvatnet
        13. 118 » d17: Skei to Åndalsnes
        14. 117 » d16: Trondheim to Skei
        15. 116 » d15: Osen to Trondheim
        16. 115 » d14: Kolvereid to Osen
        17. 114 » d13: Brønnøysund to Kolvereid
        18. 113 » d12: Nesna to Brønnøysund
        19. 112 » d11: Amnes to Nesna
        20. 111 » d10: Bodø to Åmnes
        21. 110 » d09: Hov to Bodø
        22. 109 » d08: Sortland to Hov
        23. 108 » d07: Finnsness to Sortland
        24. 107 » d06: Aboard the MS Vesterålen
        25. 106 » d05: Honningsvåg
        26. 105 » d04: Skaidi to Honningsvåg: North Cape
        27. 104 » d03: Langfjordbotn to Skaidi
        28. 103 » d02: Lyngen to Langfjordbotn
        29. 102 » d01: Tromsø to Lyngen
        30. 101 » d00: Swiss Prelude
      5. 100 » Book: The Science of Self-Control
      6. 99 » Ride: Strasbourg
      7. 98 » Ride: Hessen
      8. 97 » Ride: Ulm
      9. 96 » Ride: Bodensee
      10. 95 » Florence
        1. 94 » Florence pt. II
        2. 93 » Arezzo – Pratomagno – Firenze
        3. 92 » Perugia
        4. 91 » Siena – San Gimignano – Firenze
        5. 90 » Florence pt. I
    4. 89 » Life goes on in 2021
      1. 88 » Italy
        1. 87 » Epilogue
        2. 86 » d28: The Rhine
        3. 85 » d27: The Stelvio
        4. 84 » d26: Isarco and Adige
        5. 83 » d25: The Tre Cime and South Tyrol
        6. 82 » d24: Into the Dolomiti
        7. 81 » d23: The Lagoon
        8. 80 » d22: San Marino and the Adriatic
        9. 79 » d21: Umbria
        10. 78 » d20: Tuscany
        11. 77 » d19: Lazio
        12. 76 » d18: Rome
        13. 75 » d17: The Central Appennino
        14. 74 » d16: Blockhaus
        15. 73 » d15: The Adriatic Coast
        16. 72 » d14: Gargano
        17. 71 » d13: Apulian Countryside
        18. 70 » d12: Campania
        19. 69 » d11: Pompeii
        20. 68 » d10: The Salerno Province
        21. 67 » d09: La Costa di Maratea
        22. 66 » d08: The Coast of Calabria
        23. 65 » d07: Aspromonte
        24. 64 » d06: The Strait of Messina
        25. 63 » d05: Etna
        26. 62 » d04: Southern Sicily
        27. 61 » d03: Akragas
        28. 60 » d02: Segesta
        29. 59 » d01: Palermo
        30. 58 » d00: Odyssee
        31. 57 » d00: Heading South
      2. 56 » Ride: Hohloh
    5. 55 » Entries for 2020
      1. 54 » Cycling the Alps, August 2020
        1. 53 » Epilogue
        2. 52 » d14: Feldkirch to Tübingen
        3. 51 » d13: Brunnen to Feldkirch
        4. 50 » d12: Bern to Brunnen
        5. 49 » d11: Oberwald to Bern – Grimselpass
        6. 48 » d10: Furkapass
        7. 47 » d09: Saillon to Oberwald – The upper Rhone
        8. 46 » d08: Arvier to Saillon – Col du Grand-Saint-Bernard
        9. 45 » d07: Bessans to Arvier – Col de l’Iseran and Col du Petit-Saint-Bernard
        10. 44 » d06: Chianocco to Bessans – Col du Mont Cénis
        11. 43 » d05: Les Alberts to Chianocco – Col de Montgenèvre
        12. 42 » d04: Saint-Michel to Les Alberts – Col du Galibier
        13. 41 » d03: Culoz to Saint-Michel-de-Maurienne
        14. 40 » d02: Le Grand Colombier
        15. 39 » d01: Geneva to Culoz
      2. 38 » Ride: Konstanz and the Swiss Border
      3. 37 » Ride: Hornisgrinde
      4. 36 » Book: The Vital Question
      5. 35 » Mini-Tour Tübingen → Heidelberg, Heidelberg → Tübingen
    6. 34 » Entries for 2019
      1. 33 » A look at the keyboardio split keyboard
      2. 32 » Bicycle touring Great Britain
        1. 31 » UK tour route maps
        2. 30 » d28, France pt. 3: Baerenthal to Karlsruhe
        3. 29 » d27, France pt. 2: Sierck-les-Bains to Baerenthal
        4. 28 » d26, Luxembourg: Bastogne to Sierck-les-Bains
        5. 27 » d25, Belgium pt 3: Dinant to Bastogne
        6. 26 » d24, Belgium pt 2: Geraardsbergen to Dinant
        7. 25 » d23, Belgium pt 1: Krombeke to Geraardsbergen
        8. 24 » d22, France pt. 1: Dover to Krombeke
        9. 23 » d21, England pt. 8: Crowborough to Dover
        10. 22 » d20, England pt. 7: Arundel to Crowborough
        11. 21 » d19, England pt. 6: Salisbury to Arundel
        12. 20 » d18, England pt. 5: Wells to Salisbury
        13. 19 » d17, England pt. 4: Hay-on-Wye to Wells
        14. 18 » d16, Wales pt. 3: Dolgellau to Hay-on-Wye
        15. 17 » d15, Wales pt. 2: Conwy to Dolgellau
        16. 16 » d14, Wales pt. 1: Ormskirk to Conwy
        17. 15 » d13, England pt. 3: Hawes to Ormskirk
        18. 14 » d12, England pt. 2: Alston to Hawes
        19. 13 » d11, England pt. 1: Moffat to Alston
        20. 12 » d10, Scotland pt. 8: Kinross to Moffat
        21. 11 » d09, Scotland pt. 7: Newtonmore to Kinross
        22. 10 » d08, Scotland pt. 6: Inverness to Newtonmore
        23. 9 » d07, Scotland pt. 5: Applecross to Inverness
        24. 8 » d06, Scotland pt. 4: Gairloch to Applecross
        25. 7 » d05, Scotland pt. 3: Ullapool to Gairloch
        26. 6 » d04, Scotland pt. 2: Durness to Ullapool
        27. 5 » d03, Scotland pt. 1: John O'Groats to Durness
        28. 4 » d02, Orkney, day 2
        29. 3 » d01, Orkney
        30. 2 » reaching Orkney
        31. 1 » Experimental first entry

The final objective for this series is to extend the module code from part two to have an actual effect on the system: change the console palette from the default VGA colors to something fancier. The sysctl interface will remain the mode of interacting with userspace but will gain some functionality in the process.

Here’s the plan for part three: The module, now renamed kvtcol, provides a number of predefined color schemes whose palette is hard-coded. It also installs a sysctl at the path dev/tty/kvtcol/scheme, but instead of a single bit it will hold a string with the name of the currently active scheme. Writing a known scheme name to that sysctl causes the corresponding palette to be applied to the kernel console.

Palettes

First we need to define the palettes we want to expose through our sysctl. For simplicity we just take the schemes already defined by vtcol and add them to the module as schemes.rs. The exported items in that file are qualified with pub(crate) so in our module crate we can access them as crate::schemes::*.

The selection of “color schemes” comprises the light and dark variants of the widely used solarized colors, an all green one emulating classic cathode-ray tubes, and a set of dummy colors that is mainly useful for debugging. The function schemes::get_scheme() picks a scheme by its name, returning a shared reference to the static data.

Mutex Idio-sync-rasies

The goal is for schemes to be selectable by their names so we want to store the name of the current scheme in the sysctl. It was already touched on in part two that in the Rust-for-Linux tree the SysctlStorage trait is implemented only for AtomicBool so we will have to provide an implementation for a string type ourselves. For sake of simplicity we will be using a fixed size buffer as the inner type. That array cannot however be used directly as its contents may be mutated from different threads. Furthermore, the functions in SysctlStorage receive shared references to self, forcing us to wrap the backing array in a type that provides interior mutability.

Looking around the toolkit for a replacement for std::sync, the Rust programmer will be happy to find the kernel::sync namespace where Rust wrappers for various kernel synchronization primitives reside, including of course mutexes. However, to those familiar with std::sync::Mutex the Kernel mutexes seem rather unwieldy:

let mtx = Pin::from(Box::try_new(unsafe {
    kernel::sync::Mutex::new(0)
})?);
mutex_init!(mtx.as_ref(), "some::mutex::name");
*mtx.lock() = 1337;

Constructing it is unsafe, requires pinning and a separate initialization step‽ There’s three good reasons already to stay away from these unless one is forced to by the context, e. g. when interacting with C code that has no choice but to use this clunky API.

As an example for the lack of ergonomics, this is what happens if you violate the API contract of kernel::mutex and forget the initialization step:

# dmesg -W
[  255.269231] kvtcol: loading out-of-tree module taints kernel.
[  255.271270] kvtcol: init
[  255.271487] BUG: unable to handle page fault for address: 000000011674ee20
[  255.271619] #PF: supervisor read access in kernel mode
[  255.271756] #PF: error_code(0x0000) - not-present page
[  255.271905] PGD 0 P4D 0
[  255.271973] Oops: 0000 [#1] PREEMPT SMP
[  255.272089] CPU: 0 PID: 811 Comm: insmod Tainted: G           O      5.19.0+ #12

Oops indeed!

Luckily we don’t need to expose the mutex across the FFI so we have the luxury to use the alternative kernel::smutex::Mutex, the “simple mutex”, whose ergonomics are superior to both the kernel mutex and the one from std::sync. Compared to the latter it does away with poisoning which is generally considered a design flaw of the standard library implementation. The smutex version of above example boils down to

let mtx = kernel::sync::Mutex::new(0);
*mtx.lock() = 1337;

No pinning shenanigans, no calling unwrap() on the guard – this is ideal for our use case. It is worth mentioning that smutex does not incur mandatory boxing which is another advantage over std::mutex.

The Storage

To keep the name of the color scheme in the Sysctl struct a type is required that implements SysctlStorage. To recap, in part two we had to switch the signature of the read_value function to take a kernel pointer argument instead of a UserSlicePtrWriter. After this change the trait looks as follows:

pub trait SysctlStorage: Sync {
    fn store_value(&self, data: &[u8]) -> (usize, Result);
    fn read_value(&self, data: &mut [u8]) -> (usize, Result);
}

Where the usize member of the return value refers to the number of bytes in data that have been processed. For store_value() if that value is less than the number of elements in data, the function will be called again until all of the input is handled. For read_value() it indicates to the caller the number of bytes written to the output buffer. (The buffer is allocated with kvzalloc() so it would be safe to read even in read_value().)

The storage type is defined as follows:

struct Storage { data: Mutex<[u8; 0xff]> }

where 255 is just an arbitrary value large enough to not get in the way of scheme names and small enough we don’t have to worry about things like page size.

When the sysctl is written to, the kernel at some point down the call stack invokes store_value() with data pointing to a kernel buffer that contains a copy of the bytes received from user space:

fn store_value(&self, data: &[u8]) -> (usize, Result)
{
    let progress = data.len();
    let data = trim_whitespace(data);

    let name = match core::str::from_utf8(data) {
        Err(e) => {
            pr_err!("invalid utf8 in scheme name: {}\n", e);
            return (progress, Err(EINVAL));
        },
        Ok(name) => name,
    };

    match set_scheme(name) {
        Err(e) => (progress, Err(e)),
        Ok(()) => {
            match self.data.lock().get_mut(..data.len()) {
                None => return (progress, Err(EINVAL)),
                Some(dst) => dst.copy_from_slice(data),
            }
            (progress, Ok(()))
        },
    }
}

Some preprocessing is necessary in order to ensure the input upholds the invariants imposed on Rust strings. The name is then fed into set_scheme() which is left unimplemented for the time being, and if that worked out, we take the mutex and store the name in the inner buffer.

The read_value() operation is a bit less involved as we keep the original bytes around and thus can return them back as-is:

fn read_value(&self, data: &mut [u8]) -> (usize, Result)
{
    let guard = self.data.lock();
    let stop = guard.iter().position(|&b| b == 0u8).unwrap_or(STORAGE_SIZE);
    let value = &guard[..stop];

    match data.get_mut(..value.len()) {
        None => return (value.len(), Err(EINVAL)),
        Some(dst) => {
            dst.copy_from_slice(&value);
        },
    };

    match data.get_mut(value.len()) {
        None => return (value.len(), Err(EINVAL)),
        Some(terminate) => *terminate = b'\n',
    };

    (value.len() + 1, Ok(()))
}

Again much of the complexity arises from the use of non-panicking methods that would be unnecessary if this were a user space application.

Tying all this together we register the storage with the sysctl in kernel::Module::init():

let sysctl = Sysctl::register(
    c_str!("dev/tty/kvtcol"),
    c_str!("scheme"),
    Storage::new(),
    Mode::from_int(0o644),
)?;

and can now store known scheme names in the sysctl but not unknown ones:

# insmod kvtcol.ko
# printf solarized >/proc/sys/dev/tty/kvtcol/scheme
# cat /proc/sys/dev/tty/kvtcol/scheme
solarized
# printf xyzzy >/proc/sys/dev/tty/kvtcol/scheme
-bash: printf: write error: Invalid argument
# cat /proc/sys/dev/tty/kvtcol/scheme
solarized

The next step will discuss the implementation of the set_scheme() which was left open so far.

Reaching the Color Map

The kernel console implementation lives in drivers/tty/vt/vt.c with some type declarations and prototypes in include/ for use in other parts of the kernel and by user space. The user space routines that vtcol calls into through ioctl(2) live in the accessory file vt_ioctl.c. Taking inventory on what APIs the ioctl utilizes directly or indirectly to manipulate the palette, it boils down to two steps: 1. setting the default palette and 2. applying that palette to all active consoles.

1. The Default Palette

The defaults are kept in three static byte arrays, default_red[], default_grn[] and default_blu[], giving the three components for a color index. These symbols are exported too so we can reach them easily from our module:

extern "C" {
    static mut default_red: [u8; 16];
    static mut default_grn: [u8; 16];
    static mut default_blu: [u8; 16];
}

However since they contain globally shared, static data we can’t just access those without precautions. That is, we need to acquire the console lock in order to manipulate them. To ensure we don’t forget to release the lock after we’re done we mediate all access to the console APIs with a safe wrapper function:

extern "C" {
    pub fn console_lock();
    pub fn console_unlock();
}

fn with_console_lock<T>(cb: &dyn Fn() -> Result<T>) -> Result<T>
{
    unsafe { console_lock() };
    let res = cb();
    unsafe { console_unlock() };
    res
}

Access to the arrays still requires an unsafe block and we’re in the kernel, so we refrain from using core::ops::Index to assign values in favor of the get_mut() method:

match unsafe { (default_red.get_mut(i), default_grn.get_mut(i), default_blu.get_mut(i)) } {
    (Some(pr), Some(pg), Some(pb)) => {
        *pr = r;
        *pg = g;
        *pb = b;
    },
    wtf => return Err(EINVAL),
}

The result may look a little awkward but this roundabout way ensures that the module stays clear of panics due to failed bounds checks. Assigning values from the palette chosen by the user concludes the first step. At this point, the colors will be applied to each new console that gets allocated by the kernel. Already active consoles however are not affected yet, this we will look into in the next step.

2. The Live Consoles

In order to get the new palette applied, let’s look one more time at what the ioctl_console(2) commands do under the hood. When PIO_CMAP is passed to the ioctl syscall, the kernel calls con_set_cmap() which, upon setting the defaults, copyies the RGB components one color at a time into the .vc_palette member of each active console’s vc_data struct. Since con_set_cmap() is not exported, it cannot be used in kvtcol.

The active consoles, however, can be accessed, we just have to define the equivalents in Rust:

const MAX_NR_CONSOLES: usize = 63;

#[repr(C)]
#[allow(non_camel_case_types)]
#[allow(non_snake_case)]
pub struct vc
{
    d:        *mut vc_data,
    SAK_work: bindings::work_struct,
}

extern "C" {
    static mut vc_cons: [vc; MAX_NR_CONSOLES];
}

So obviously what we need to do is reimplement the necessary steps in Rust as we did with the default palette.

However there’s a catch: vc_data is bloody enormous. Under ordinary circumstances that would be a job for bindgen but going down that path got hairy pretty quick. vc_data itself recursively references arch dependent types like synchronization primitives – spinlock_t, struct mutex – whose definition reaches the abyssal zone of the kernel in arch/*/include/asm/ and thus are out of limits for generated bindings. Also we can’t reasonably get away with dirty tricks like skipping irrelevant members before vc_palette with padding, as the offset of that member varies depending on the platform.

It would be way out of scope for this article to implement vc_data properly on the Rust side, so we should take a step back and rethink our approach.

Cheating Our Way to Success

There are a few functions that set the active console palettes: con_set_cmap() which was mentioned above; do_con_trol() which handles control characters; and reset_palette() which really only copies the default palette to a console and then updates the VGA driver. From its signature, reset_palette() seems the ideal API for kvtcol:

void reset_palette (struct vc_data *vc);

A pointer to struct vc_data poses no problem as we don’t need to the internals of the pointee. So we wrap it in a zero-sized newtype:

#[repr(transparent)]
#[allow(non_camel_case_types)]
pub struct vc_data(ffi::c_void);

for use as an opaque pointer *mut vc_data. Unfortunately, like the other two symbols reset_palette() is inaccessible from our module. Again it seems that we have reached an impasse.

Reflecting on our goals, we are targeting a rather experimental kernel and in practice we don’t have to worry about our module failing to compile and load on every mainline-ish kernel out there. So with some hesitation we do what every self-respecting kernel vendor would do in our situation and patch the kernel to export reset_palette().

After recompiling the kernel with that line added, we can now iterate the active consoles and offload the job of applying the default scheme to reset_palette():

extern "C" {
    pub fn reset_palette(vc: *mut vc_data);
}

unsafe fn vc_cons_allocated(i: usize) -> bool
{
    unsafe { vc_cons.get(i).map(|con| !con.d.is_null()).unwrap_or(false) }
}

fn set_scheme(name: &str, parm_redraw: bool) -> Result<()>
{
    /* … */
    with_console_lock(&|| {
        unsafe {
            vc_cons
                .iter()
                .enumerate()
                .filter(|(i, _)| vc_cons_allocated(*i))
                .for_each(|(_, vc)| {
                    reset_palette(vc.d);
                });
        }

        /* … */
    })
}

Lots of unsafe in there but that is expected due to the invariants we must uphold: the console lock must be held, we must not access vc_cons[] out of bounds, and reset_palette() requires its argument to point to an initialized console.

Parameters

To finalize this module, let’s briefly touch on the subject of module parameters. Parameters go in the params part of the module!() declaration:

params: {
    set: str {
        default: b"",
        permissions: 0o644,
        description: "Set a color scheme when loading the module",
    },
    redraw: bool {
        default: true,
        permissions: 0o644,
        description: "Redraw the screen after applying the scheme",
    },
},

(Note that the Rust for Linux authors provide an entire sample file showing the various ways of parametrizing a module.)

A C-ish aspect of how parameters are implemented on the Rust end is that they end up being declared as constants with the same name that they are bound to throughout the module. As a consequence of that const-ness, that identifier can interfere with pattern matching. For instance, declaring a module parameter foobar like this:

module! {
    /* … */
    foobar: str {
        default: b"",
        permissions: 0o644,
        description: "test",
    },
}

makes rustc trip over the following:

let foobar = 42;

with a rather cryptic error message:

22 | / module! {
23 | |     type: Vtcol,
24 | |     name: "kvtcol",
25 | |     author: "Philipp Gesang",
...  |
44 | |     },
45 | | }
   | |_- constant defined here
...
56 |               let foobar = 42;
   |                   ^^^^^^   -- this expression has type `{integer}`
   |                   |
   |                   expected integer, found struct `__kvtcol_foobar`
   |                   `foobar` is interpreted as a constant, not a new binding
   |                   help: introduce a new binding instead: `other_foobar`

The reason why this fails is of course that let bindings take a pattern on the left hand side, let <pattern> in <expr>;, and constants are substituted with their values by the compiler – thus in let foobar = 42; we are attempting to match some integer type with a constant struct, which rustc rightly rejects as nonsensical. That behavior can be bit irritating, it would be desirable to at least optionally be able to specify a different identifier for the constant to avoid such conflicts. AFAICs the proc macro that generates the parameter implementations does not allow for that possiblity yet.

As for the two parameters set and redraw we can now access them in the initializer function, which requires locking for values that can’t be atomically read:

let parm_redraw = {
    let lock = module.kernel_param_lock();
    let parm_set = set.read(&lock);
    let parm_set = core::str::from_utf8(parm_set)?;
    let parm_redraw = *redraw.read(&lock);

    if !parm_set.is_empty() {
        set_scheme(parm_set, parm_redraw)?;
    }
    parm_redraw
};

Note how we bind the inner value of set to parm_set to avoid the clash with the constant set. The semantics are simple: redraw=1 makes kvtcol call redraw_screen() after setting the palette to switch the entire visible area to the new palette and not just the regions that are updated afterwards. set=FOO applies the scheme FOO, if known to the module, immediately during initalization:

# insmod kvtcol.ko set=garbage redraw=0
insmod: ERROR: could not insert module kvtcol.ko: Invalid parameters
# insmod kvtcol.ko set=solarized redraw=0

Wrapping it Up

This third and final part of the series concludes with a functional module for changing the console palette to one of five predefined schemes. In the process it was shown how in kernel space some concepts can work differently from user space Rust – notably synchronization primitives and dynamic allocation – and how to access the functionality that is already implemented on the C side of things from Rust. Finally, parameters were added to allow the module to behave in different ways depending on the arguments it receives from the kernel command line, insmod, modprobe and the likes. Also, certain pitfalls were discussed like forgetting to initialize a kernel mutex, the lack of an exported symbol and interference from module parameter names.

The Rust for Linux project has already reached a solid level of maturity. Its scope, as this series of articles hopefully showed, extends beyond the mere integration of the Rust compiler into the Linux toolchain. The set of tools and convenience features it provides make for a very ergonomic and seamless programming experience, at least as far as writing modules is concerned.

Here’s hoping for a speedy merge with v6.1!

gallery

gallery image thumbnail gallery image thumbnail