Post Syndicated from daroc original https://lwn.net/Articles/982868/
Rust is intended to let programmers write safer code. But compilers are not omniscient, and writing Rust code that interfaces with hardware (or that works with memory outside of Rust’s lifetime paradigm) requires, at some point, the programmer’s assurance that some operations are permissible. Benno Lossin suggested adding some more documentation to the Rust-for-Linux project clarifying the standards for commenting uses of unsafe in kernel code. There’s general agreement that such standards are necessary, but less agreement on exactly when it is appropriate to use unsafe.