A New Approach to Data Integrity Emerges
The Linux kernel is investigating the use of Rust to manage "untrusted data," a move signaling a deeper integration of the memory-safe language within the core of the operating system. This development focuses on creating an API that explicitly differentiates between data originating from potentially hostile sources and data the system can inherently trust. This approach aims to bolster security by enforcing stricter validation at the boundaries where external input meets internal processing.
The core idea, as detailed in ongoing discussions and patch sets, involves defining distinct types to represent data. For instance, Untrusted<HTMLText> could signify HTML content received from an external source, which then requires explicit validation before being transformed into a trusted HTMLText type. Similarly, Untrusted<SQLText> would represent untrusted SQL input, needing similar rigorous checks.
This mechanism proposes that functions would then operate on these validated, trusted types, rather than raw, unscrutinized data.
This shifts the burden of proof for data safety to the point of entry, rather than relying on scattered checks throughout the codebase.
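The pattern described above, as an added example that is not code from the kernel patch set: the wrapper, trait, and Record type are hypothetical names chosen for illustration. It goes beyond the HTMLText and SQLText cases in the text by validating a length-prefixed byte buffer.

```rust
// Illustrative sketch: names and signatures are assumptions, not the kernel patch set's API.
/// Data from a potentially hostile source. Private field, no Deref or Debug:
/// the contents are unreachable until a validator has accepted them.
pub struct Untrusted<T>(T);

impl<T> Untrusted<T> {
    pub fn new(raw: T) -> Self { Untrusted(raw) }
    /// The only way out of the wrapper is through the target type's validator.
    pub fn validate<V: Validate<T>>(self) -> Result<V, V::Error> { V::validate(self.0) }
}

/// Implemented by trusted types, so each check lives in one place at the boundary.
pub trait Validate<Raw>: Sized {
    type Error;
    fn validate(raw: Raw) -> Result<Self, Self::Error>;
}

/// Trusted form of a length-prefixed message: the claimed length has been checked.
#[derive(Debug, PartialEq)]
pub struct Record { payload: Vec<u8> }

#[derive(Debug, PartialEq)]
pub enum RecordError { Empty, LengthMismatch { claimed: usize, actual: usize } }

impl Validate<Vec<u8>> for Record {
    type Error = RecordError;
    fn validate(raw: Vec<u8>) -> Result<Self, RecordError> {
        // Byte 0 is the sender's claimed payload length; compare it to what arrived.
        let (&claimed, rest) = raw.split_first().ok_or(RecordError::Empty)?;
        let (claimed, actual) = (claimed as usize, rest.len());
        if claimed != actual {
            return Err(RecordError::LengthMismatch { claimed, actual });
        }
        Ok(Record { payload: rest.to_vec() })
    }
}

/// Internal code takes only the trusted type; passing Untrusted<Vec<u8>> does not compile.
pub fn payload_len(r: &Record) -> usize { r.payload.len() }

fn main() {
    let ok = Untrusted::new(vec![3u8, b'a', b'b', b'c']); // constructed sample input
    let bad = Untrusted::new(vec![200u8, b'a']); // constructed: claims 200 bytes, carries 1
    println!("{:?}", ok.validate::<Record>().map(|r| payload_len(&r)));
    println!("{:?}", bad.validate::<Record>());
}
```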
The Rust Integration: A Gradual Infiltration
The inclusion of Rust within the kernel has been a subject of considerable debate and development over time. This untrusted data API represents a specific, practical application of Rust's capabilities within this complex environment.
August 14, 2025, saw the circulation of a patch set titled "[PATCH v4 0/4] Untrusted Data API," with key contributors including Benno Lossin, Greg KH, and Miguel Ojeda.
This patch series is understood to lay the groundwork for the basic untrusted data API.
Subsequent patches, such as "[PATCH v4 2/4] rust: create basic untrusted data API," appear to be incremental steps in building out this functionality.
The low priority status on some of these patches doesn't necessarily indicate a lack of importance but may reflect the phased approach to integrating new features into the kernel.
Background: Security and the Kernel
The Linux kernel, a foundational piece of many computing systems, is a constant target for attackers. A significant class of its vulnerabilities arises from the improper handling of data received from external sources. Traditional C programming, while powerful, can be prone to memory-related errors that attackers exploit.
Rust, with its emphasis on memory safety guaranteed at compile time, offers a compelling alternative for certain aspects of kernel development. The untrusted data API initiative appears to be a pragmatic way to leverage Rust's strengths to address a well-known class of security risks within the kernel's existing architecture. The explicit typing and validation framework proposed would essentially force developers to confront the origin and trustworthiness of data, potentially reducing the attack surface.