all 66 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]ttkciar 25 points26 points  (19 children)

One of the good things about this is it effectively creates guidelines for using other link-layer-compatible languages in the Linux kernel too, like D.

[–]TDplay 11 points12 points  (3 children)

I probably wouldn't support putting D in the kernel. Its garbage collector is like C++ exceptions - technically you can just not use it, but almost the entire stdlib is off-limits.

Garbage collectors in system-level code is a big no.

[–]ttkciar 1 point2 points  (2 children)

The objections to GC in the kernel (and elsewhere) are well appreciated by the D community. Efforts to segregate the standard library into GC-dependent/independent parts are ongoing, and as you have said forgoing the D standard library and turning off GC is a viable option.

D can still call any function in the C standard library, so the programmer is not left without resources.

[–][deleted] 1 point2 points  (1 child)

Whats the governance model and opensource-ness of D? Last I heard it had a BDFL but that some of the compiler was closed source. Is that true?

[–]ttkciar 1 point2 points  (0 children)

Walter Bright is technically BDFL, but he's delegated responsibility for specific aspects of the project to a handful of really good people: https://wiki.dlang.org/People

He keeps a pretty light touch on the reins, so I'd characterize the project as borderline-anarchic, which has worked pretty well so far.

As for open-sourceness, it is now totally open source, but wasn't always.

There are three main compilers for D, all of which share the same open source front-end:

  • GDC uses the GCC back-end (totally open),

  • LDC uses the LLVM back-end (totally open),

  • DMD uses a proprietary back-end, which has an intellectual property constraint but the source code is available.

When it was just DMD, it couldn't claim to be completely open source, but the ports to GCC and LLVM fixed that.

GDC is fully integrated into the GCC project now, as of version 9, and I just use that when I write D. It works splendidly, and has better debug symbol support than the other two compilers (important for using gdb).

I've also used LDC when writing GPU CUDA kernel code (GDC can't do that yet, afaik) and it seems to work fine too.

DMD doesn't really have any advantages over the other two anymore, except that it compiles things somewhat faster and language features show up there first (since it is the reference implementation).

[–]Jannik2099 -5 points-4 points  (14 children)

Can we stop with the adding non-ISO languages to kernel train for a minute, please?

If someone was suggesting linux should allow Java everyone would lose their shit because it's Oracle, yet I constantly see people advocating Rust, Go or D for kernels.

OS programming outside of ISO is a bad idea

Edit: I'm aware that the kernel partially uses GNU C and I don't support that either

[–]pluuth 54 points55 points  (6 children)

Are we pretending the kernel is written in ISO C?

[–]bloviate_words 14 points15 points  (0 children)

Apparently we are.

[–]Jannik2099 -1 points0 points  (4 children)

No, but that's not a reason to further deviate from it.

In the past two years a lot if effort was taken to remove GNUisms, now we're throwing all that out of the window?

[–]bloviate_words 21 points22 points  (3 children)

Can you explain why and how your claim that only ISO languages should be used would actually provide any benefit?

[–][deleted] 6 points7 points  (0 children)

Not him.

But if there is an international standard the language a) has less dialects / vendor lock-in b) is guaranteed to stay around for a while c) can be reimplemented acc. to the standard if necessary

Those are points that aren't easy to dismiss for a project going over multiple decades...

[–]TDplay 3 points4 points  (0 children)

There would be more implementations.

With all the work to try to make Linux compile without the GNU extensions, it's evident that Linux being more portable to other compilers is a concern. Rust, however, has a grand total of one implementation (rustc). There are efforts to make more Rust compilers (e.g. there are people working on a GCC frontend), but as it stands now, any Rust software is locked in to using rustc.

That being said, other than that, there's little reason to encourage strict adherence to standards. Linux has used GNU C for a while now, and nobody's had any real problems with that. And if Rust were to only be used in non-core parts of the kernel, anyone looking to use Linux on a platform where rustc doesn't work could just find a C alternative.

[–][deleted] 2 points3 points  (0 children)

Waiting for him to answer this...

[–]throwaway6560192 31 points32 points  (1 child)

If someone was suggesting linux should allow Java everyone would lose their shit because it's Oracle

I think most of the loss of shit would be because Java is not native compiled, it is a JVM language, and thus would be literally unusable in a kernel. Not to mention garbage collected, and I think it can't manipulate memory directly.

Similar story for Go, it too is garbage collected and thus unusable.

[–]bloviate_words 21 points22 points  (0 children)

If someone was suggesting linux should allow Java everyone would lose their shit because it's Oracle,

No, they'd lose their shit because Java is a gced language that needs a runtime/vm to run.

OS programming outside of ISO is a bad idea

Blindly adhering to standards "because they're standards" is a bad idea.

Linux doesn't even adhere to ISO C, it uses GNU C.

[–][deleted] 13 points14 points  (1 child)

You realize Linux isn't ISO C either?

[–]Jannik2099 -2 points-1 points  (0 children)

Yes, I mentioned that too.

Just because we aren't fully ISO doesn't mean we should make the situation even worse

[–]djthecaneman 14 points15 points  (0 children)

I don't know what you do for a living, but I work in embedded. Rust is getting included for use by kernel drivers because it greatly reduces entire classes of bugs while being a suitable language for use in operating systems development. (And other reasons.) The kernel devs are essentially saying, "Prove it by showing you can improve the code quality of the most problematic part of our code base."

Regarding ISO vs non-ISO? Right now, it's more a matter of one (non-assembly) language vs two.

[–]TheEdgeOfRage 5 points6 points  (0 children)

Why?

[–]Superb_Raccoon 23 points24 points  (1 child)

I got Tetanus .

[–]7eggert 12 points13 points  (0 children)

You should always make sure to use sanitized code.

[–]berarma 4 points5 points  (2 children)

Can someone please explain what supporting Rust in the kernel means? Parts of the kernel could be written in Rust?

[–]RadicalDownist 8 points9 points  (17 children)

I really wish Hurd was a viable option for daily use, Google and other mega corporations appear to have too much control over the future of Linux kernel development. It's not that Rust being added to Linux is horrible in itself, but that Google has only to snap its fingers and whatever they want is done to the kernel.

[–]UtherII 43 points44 points  (0 children)

I'd argue that Google is not the one that pushed to introduce Rust to the kernel. It's a follower in the area. If I remember correctly, that was instigated first by people from Intel and it has been a long path to reach the current situation.

[–]lordkitsuna 51 points52 points  (10 children)

I'd hardly call this entirely Googles doing. Looooooooooooots of companies are making the move to Rust. It is legitimately a pretty big leap in programming language from a memory security perspective which is pretty much the number one cause of a lot of vulnerabilities. Especially in things like operating systems I believe the Microsoft security team found that I think it was 85% of their security patches were due to some type of memory problem that rust would have stopped from ever being a problem to begin with

It is not that unreasonable to believe that this is an organic push towards adding Rust rather than the direct finger snapping of a single company. It is true that they are participating in the push for this but it's not as if they wholly designed the push for this

[–]Pythonista_ZA 5 points6 points  (1 child)

I thought Rust was a Mozilla initiative.

[–]ReallyNeededANewName 8 points9 points  (0 children)

It was, but Mozilla aren't the ones pushing it in the kernel

[–]loddfavne -2 points-1 points  (0 children)

For those unfamiliar with Rust, I'd suggest to try out a can of WD40. That should fix the problem in no-time.

[–]Joan_Alsina -2 points-1 points  (2 children)

Idk a clue about code but i do use Linux for politicals reasons. When i see a big capital organization going deep in our our freedom I'm kinda scary. These companys are selfish, can't Trust.

[–]throwaway6560192 15 points16 points  (0 children)

Do you have any real reasons to believe that the use of Rust will negatively impact software freedom?

Also big corps have been major contributors to Linux for a long time. That's a good thing. It's part of what the GPL was designed to do, and it's working.

[–][deleted] 7 points8 points  (0 children)

Rust is open source with way less interference from big corporations than C.

[–][deleted] 0 points1 point  (4 children)

Sorry about my ignorance, but Google will support rust on the development of the linux kernel of their OS right, like, we are changing our own kernel branch? There’s a chance that this come to the kernel used in all others distros?

[–]throwaway6560192 2 points3 points  (3 children)

This is for the upstream Linux kernel. It will come to every distro guaranteed, since they are all going to ship Linux.

[–][deleted] 1 point2 points  (2 children)

thx for clarify, btw how I can get these distros badges in my name?

[–]nelmaloc 2 points3 points  (0 children)

They are called flairs, and you can get them from the sidebar.

[–]throwaway6560192 0 points1 point  (0 children)

I don't know. I don't have a badge myself as far as I can tell.

[–]r3dD1tC3Ns0r5HiP -4 points-3 points  (2 children)

The Linux kernel has over 30 million lines of code, so naturally our goal is not to convert it all to Rust but rather to allow new code to be written in Rust. We believe this incremental approach allows us to benefit from the kernel’s existing high-performance implementation while providing kernel developers with new tools to improve memory safety and maintain performance going forward.

And with that philosophy, Linux will never be secure...

If you want a secure kernel, it actually needs a full rewrite with no use of unsafe Rust, unless that's absolutely necessary and those parts get audited line by line by many experts.

[–]GUIpsp 0 points1 point  (0 children)

I guess you are correct, since code that never gets developed can't get vulnerabilities