Will there be performance and security improvements?
Performance? Not really no. I believe C is slightly faster with Rust and C++ competing for second place. The benefit is safer code as Rust is built with performance and safety in mind. It highlights what potential errors can be found where making human error way less common. Instead of potential null errors types are wrapped in an option enumerator which ensures you know there can be a lack of a value. Expections are also enumerators done similarly with a result object so you know which functions may fail. Instead of using memory and potentially forgetting to free it we have the ownership system.
How is C faster than C++? Unless you use virtual functions, it’s as performant as C. And you definitely wouldn’t use virtual functions in a kernel.
[This comment has been deleted by an automated system]
Yes, enhanced security is pretty much the entire pitch of Rust. There wouldn’t be any reason for it to result in performance enhancements, though.
[This comment has been deleted by an automated system]
Well, it largely removes an attack surface for memory bugs, which is a huge thing. If we’re writing a big driver (see the Rust driver for the Apple GPU) then suddenly waving hands incoherently 90% or more of the driver (depending) is likely to be much more memory safe and stable. As has been demonstrated with that particular driver already.
I was watching the streams and when it compiled Asahi Lina usually only had to deal with logical type errors, not memory issues, it was basically a great showcase for Rust and memory safely. Unsafe is perfectly fine Rust, but it’s a contract where the developer says to the compiler: “I know you can’t guarantee this block is safe, so I’ll keep a special eye on that, peer review more, test, etc. while you keep an eye on all the other code I can’t fit in my head”. In the case of Linux an Unsafe blocks means “we’ll trust the Linux kernel code we connect to, though review it carefully”.
So saying all safety goes out the window is wrong, see it as a vastly reduced potential for memory problems, better error handling and more stable drivers, as demonstrated by the Apple GPU driver.
[This comment has been deleted by an automated system]