[RFC][PULL][L/unstable] enable Rust support in the kernel

Andrea Righi andrea.righi at canonical.com
Fri Feb 17 09:57:18 UTC 2023 

BugLink: https://bugs.launchpad.net/bugs/2007654

[Impact]

Rust support has been merged starting with linux 6.1.

This support allows to write external kernel modules using the Rust
language. Modules written in this way are linked against the linux
kernel and can be loaded/unloaded like any other .ko module.

Main advantages of writing modules in Rust are:
 - memory safety:
   - no out of bounds accesses
   - no use after free
   - data race safety
 - strongly typed and statically typed
 - code extremely compact

Roughly 70% of the security issues that the MSRC assigns a CVE to are
memory safety issues:
 - Rust allows to write more secure and robust kernel code (reduce
   kernel CVEs)

We should provide a Rust-enabled kernel so that people have the
possibility to implement their own external kernel modules in Rust.

[Test case]

Build the following "hello world" test module:

== hello_rust.rs ==

// SPDX-License-Identifier: GPL-2.0

//! Rust hello world example.

use kernel::prelude::*;

module! {
    type: HelloRust,
    name: "hello_rust",
    author: "Andrea Righi <andrea.righi at canonical.com>",
    description: "Rust hello world example",
    license: "GPL",
}

struct HelloRust {
}

impl kernel::Module for HelloRust {
    fn init(_module: &'static ThisModule) -> Result<Self> {
        pr_info!("Hello from Rust\n");

        Ok(HelloRust { })
    }
}

impl Drop for HelloRust {
    fn drop(&mut self) {
        pr_info!("Goodbye from Rust\n");
    }
}

== Makefile ==

NAME=hello_rust

ifndef KERNELRELEASE
ifndef KDIR
KDIR:=/lib/modules/`uname -r`/build
endif
PWD := $(shell pwd)

all:
	$(MAKE) -C $(KDIR) M=$(PWD) modules
install:
	$(MAKE) -C $(KDIR) M=$(PWD) modules_install
clean:
	rm -f *.o *.ko *.mod* .*.cmd *.d Module.symvers modules.order
	rm -rf .tmp_versions
else
obj-m := $(NAME).o
endif

[Fix]

Building the Rust support in the kernel requires specific versions of
the Rust compiler and bindgen utility, same to build the external
modules in Rust):
   - rustc 1.62.0
   - bindgen 0.56.0
   - clang/llvm (already required by BPF)

Archive should provide these versions (ideally with a version suffix to
avoid conflicting with the stock versions, e.g., rustc-1.62 and
bindgen-0.56).

In addition to that the kernel needs some packaging adjustments to use
these special toolchain binaries and some special (not yet upstream)
patches that would allow to enable mandatory features required in our
generic kernel, such as:

 UBUNTU: SAUCE: allows to enable Rust with modversions
 UBUNTU: SAUCE: modpost: support arbitrary symbol length in modversion
 UBUNTU: SAUCE: scripts: Exclude Rust CUs with pahole
 UBUNTU: SAUCE: rust: allow to use INIT_STACK_ALL_ZERO

With all of the above we can enable CONFIG_RUST in the kernel and
provide support to build external modules (.ko) using Rust.

[Regression potential]

We may see build regressions due to the inavailability of the proper
toolchain versions. Moreover these toolchain dependencies need to be
maintained, making sure to be always aligned with upstream requirements,
when stable updates are applied to the kernel.

Moreover, hwe kernels require special attention, since this feature
won't be available in old releases (unless the proper toolchain
requirements are met).

---

The following changes since commit d9b7b8e8ff0d9d0e5f12286daba52f7f7b7fc6f9:

  UBUNTU: Ubuntu-unstable-6.2.0-9.9 (2023-02-13 09:32:18 +0100)

are available in the Git repository at:

  git+ssh://arighi@git.launchpad.net/~arighi/+git/linux 8e13a7e997f14aca6afaa2e18895dd6200b02411

for you to fetch changes up to 8e13a7e997f14aca6afaa2e18895dd6200b02411:

  UBUNTU: [Config] enable Rust support (2023-02-17 10:47:50 +0100)

----------------------------------------------------------------
Andrea Righi (11):
      UBUNTU: [Packaging] propagate makefile variables to kernelconfig
      UBUNTU: SAUCE: rust: fix regexp in scripts/is_rust_module.sh
      UBUNTU: SAUCE: scripts: rust: drop is_rust_module.sh
      UBUNTU: SAUCE: rust: allow to use INIT_STACK_ALL_ZERO
      UBUNTU: SAUCE: allows to enable Rust with modversions
      UBUNTU: SAUCE: rust: properly detect the version of libclang used by bindgen
      UBUNTU: [Packaging] rust: add the proper make flags to enable rust support
      UBUNTU: [Packaging] add rust dependencies
      UBUNTU: [Packaging] bpftool: always use vmlinux to generate headers
      UBUNTU: [Packaging] run rustavailable target as debugging before build
      UBUNTU: [Config] enable Rust support

Gary Guo (1):
      UBUNTU: SAUCE: modpost: support arbitrary symbol length in modversion

Martin Rodriguez Reboredo (1):
      UBUNTU: SAUCE: scripts: Exclude Rust CUs with pahole

 arch/powerpc/kernel/module_64.c  |  3 ++-
 debian.master/config/annotations | 20 +++++++++++++++++---
 debian.master/control.stub.in    |  7 +++++++
 debian/rules.d/0-common-vars.mk  |  1 +
 debian/rules.d/1-maintainer.mk   |  4 ++--
 debian/rules.d/2-binary-arch.mk  |  6 ++++++
 debian/scripts/misc/kernelconfig |  2 +-
 include/linux/module.h           |  6 ++++--
 init/Kconfig                     |  3 +--
 kernel/module/version.c          | 21 +++++++++------------
 lib/Kconfig.debug                |  9 +++++++++
 rust/Makefile                    | 13 +++++++++++++
 rust/macros/module.rs            |  2 +-
 scripts/Makefile.modfinal        |  2 --
 scripts/export_report.pl         |  9 +++++----
 scripts/is_rust_module.sh        | 16 ----------------
 scripts/mod/modpost.c            | 33 +++++++++++++++++++++++----------
 scripts/pahole-flags.sh          |  4 ++++
 scripts/rust_is_available.sh     |  4 +---
 19 files changed, 106 insertions(+), 59 deletions(-)
 delete mode 100755 scripts/is_rust_module.sh

More information about the kernel-team mailing list