While Rust is viewed as a memory safe and robust programming language, there is the "unsafe" keyword within Rust that can be used for unsafe code that grants "unsafe superpowers" for the language. As dealing with Rust at low-levels as the Linux kernel can lead to needing to use "unsafe" Rust at times, a documentation standard has been proposed for dealing with such code inside the kernel.

Benno Lossin has proposed a set of patches for introducing a Rust Safety Standard for the kernel. Lossin explains of the Rust Safety Standard effort:

"`unsafe` Rust code in the kernel is required to have safety documentation. This is to ensure the correctness of `unsafe` code and is thus very important. However, at this point in time there does not exist a standard way of writing safety documentation. This leads to confusion, as authors struggle to find the right way to convey their desired intentions. Readers similarly struggle with correctly interpreting the documentation; it's the wild west.

To alleviate this issue and to raise the quality of safety documentation, this patch series introduces a standard way of writing safety documentation.

Because creating a standard for every possible requirement is a tall task, this series starts off very small. I hope to start more discussion, in order to find the best form of safety documentation for the kernel."

This Rust Safety Standard is initially comprised of an overview, various code examples, safety requirements, justifications, and other items to be expanded upon moving forward.

Those interested in learning more about the Rust Safety Standard for the kernel can see [1]these RFC patches with the tentative documentation in full.



[1] https://lore.kernel.org/lkml/20240717221133.459589-1-benno.lossin@proton.me/