
The Linux kernel, the very heart of countless devices worldwide, is at a pivotal moment. According to Greg Kroah-Hartman, the highly respected stable kernel maintainer, Rust is no longer an experiment but a fundamental part of Linux’s future, signaling a significant shift away from C for new development.
Speaking at the Open Source Summit India 2026, Kroah-Hartman declared, “The [Linux] kernel is moving toward Rust. Git is moving toward Rust. Lots of projects are starting to move toward Rust.” This bold statement underscores a growing momentum for the modern programming language within critical open-source projects.
From Skeptic to Champion: Why Rust is Reshaping Linux
It wasn’t long ago that Kroah-Hartman himself was a Rust skeptic. He recounts a conversation with a friend who urged him to try Rust, promising it would “make programming fun again.” His initial reaction was staunch loyalty to C, a language he loved and found perfectly enjoyable.
However, that perspective dramatically changed. Kroah-Hartman now admits, “He was right. I should have done it then. Rust is actually fun. It makes programming fun.” He explains that Rust’s advanced features alleviate many common developer headaches, allowing for a focus on logic rather than wrestling with low-level compiler concerns, ultimately leading to better code.
Tackling Kernel Vulnerabilities Head-On
Kroah-Hartman’s advocacy for Rust isn’t just about developer enjoyment; it’s profoundly rooted in enhancing security and reducing the formidable workload of kernel maintainers. With his unique oversight of the Linux kernel CVE process, he highlights a critical challenge: Linux faces approximately 13 CVEs daily and processes nearly nine changes an hour, a relentless pace sustained for over a decade.
He reveals that the vast majority of these vulnerabilities aren’t exotic attacks but rather “simple C mistakes.” These include issues like unchecked pointers, forgotten memory unlocks, and sloppy cleanup paths, which collectively account for the “small, trivial, little bugs” that need fixing constantly. Kroah-Hartman estimates that Rust’s ownership and type system could eliminate 80% of these common CVEs, allowing maintainers to focus on the remaining 20%—the complex logic bugs that truly require human insight.
This efficiency gain is crucial, as Linux boasts over 5,000 developers but relies on a mere 150 core maintainers to review the bulk of the code. Kroah-Hartman emphasizes, “We optimize for reviewers. We don’t optimize for developers.” Rust’s ability to enforce strict locking and lifetime rules at compile time means that if the code builds, reviewers can be confident in its fundamental safety, freeing them to scrutinize the logic and design.
Rust’s Growing Footprint and C’s Evolution
The influence of Rust is already being felt, even within existing C codebases. To ensure safe Rust bindings, kernel maintainers have revisited and improved long-standing C APIs. This has led to the adoption of memory safety features, such as guard and scoped-allocation mechanisms, directly inspired by Rust’s automatic cleanup capabilities.
Kroah-Hartman points out, “We added a lot more memory safety stuff to the kernel and other APIs because we realized Rust showed us we could do that.” This positive feedback loop means that even if Rust were to vanish tomorrow, the kernel’s C code is already more reliable and better for the experience. Furthermore, Rust is fast becoming the default for new work in critical subsystems, particularly those known for their complexity.
For instance, new drivers for demanding areas like the graphics subsystem are increasingly being accepted only in Rust. The Binder IPC mechanism, a core component of billions of Android devices, now features parallel C and Rust implementations, with the C version expected to be phased out soon. This transition will establish the Rust version as the foundational layer for all future Android devices.
Looking Ahead: The Future is Clear
The formal endorsement of Rust as a first-class language within the kernel community marks the end of its experimental phase. Kroah-Hartman reiterated, “The kernel community maintainers came together last year… and we said the Rust experiment is over. It’s real. We’re going to accept this thing going forward.”
However, this doesn’t mean a complete rewrite of the existing Linux kernel in Rust. The focus remains on “new stuff,” with the directive to “leave existing C code alone” unless you are its maintainer. For anyone aspiring to contribute to the kernel today, Kroah-Hartman’s advice is clear: learn Rust, as it offers a safer by-design approach that is becoming increasingly integral to new development.
Embracing change is challenging, especially for a community deeply rooted in C for decades. Yet, Kroah-Hartman’s core message persists: “Rust makes coding fun again.” He believes it allows developers and maintainers to concentrate on creative problem-solving and logic, rather than tedious error prevention.
Ultimately, this shift promises more enjoyable work for maintainers and, crucially, a more secure Linux for users worldwide. And, as always with Linux, “world domination is proceeding as planned.”
Source: ZDNet – AI