Linux kernel modules in safe Rust
For most purposes, if you're interested in writing Linux kernel modules in Rust, you should look at https://github.com/Rust-for-Linux/linux, which is an effort to contribute that process to the upstream kernel.
This is a framework for writing loadable Linux kernel modules in Rust, using safe abstractions around kernel interfaces and primitives.
For more information on the motivation and goals for this project, check out our presentation at Linux Security Summit North America 2019 and the video on YouTube. We're immediately focusing on making this project viable for out-of-tree modules, but we also see this project as a testing ground for whether in-tree components could be written in Rust.
There is a simple demo module in the hello-world directory, as well as various other examples in the tests/ directory.
We run bindgen on the
kernel headers to generate automatic Rust FFI bindings. bindgen is
powered by Clang, so we use the kernel's
own build system to determine the appropriate CFLAGS. Then we write safe
bindings to these types (see the various files inside
Each kernel module in Rust lives in a
staticlib crate, which generates
.a file. We pass this object to the Linux kernel's own module build
system for linking into a
The kernel is inherently multi-threaded: kernel resources can be
accessed from multiple userspace processes at once, which causes
multiple threads of execution inside the kernel to handle system calls
(or interrupts). Therefore, the
KernelModule type is
so all data shared by a kernel module must be safe to access
concurrently (such as by implementing locking).
We're currently only running CI on Linux 4.15 (Ubuntu Xenial) on amd64, although we intend to support kernels from 4.4 through the latest release. Please report a bug (or better yet, send in a patch!) if your kernel doesn't work.
Other architectures aren't implemented yet, but should work as long as
there's Rust and LLVM support - see #112
for expected status. They'll need
src/c_types.rs ported, too.
You'll need to have Rust - in particular
Rust nightly, as we use some unstable
and Clang installed. You need LLVM/Clang 9
(released September 2019) or higher for multiple reasons, primarily
asm goto. If you're on Debian, Ubuntu, or a derivative,
https://apt.llvm.org is great.
If the binary named
clang is too old, make sure to set the
CLANG environment variable appropriately, e.g.,
Very recent kernels may require newer versions of Clang - try Clang 11 if older versions don't work for you.
- Install clang, kernel headers, and the
apt-get install llvm clang linux-headers-"$(uname -r)" # or the equivalent for your OS rustup component add --toolchain=nightly rust-src rustfmt
- cd to one of the examples
- Build the kernel module using the Linux kernel build system (kbuild), this
cargoto build the Rust code
- Load and unload the module!
sudo insmod helloworld.ko sudo rmmod helloworld dmesg | tail