linux/rust/kernel/task.rs
Imported from
_research/manual-study-linux/file-notes/linux__rust__kernel__task.rs.md.
File Notes: rust/kernel/task.rs
Status: reviewed.
Purpose
rust/kernel/task.rs wraps Linux struct task_struct for Rust. It provides
typed access to the current task, task identity, signal state, pid namespaces,
credentials, wakeups, and sleep annotations while preserving C-side lifetime
rules.
Key Types And Functions
current!(): safe macro for borrowing the current task.Task: transparent wrapper aroundbindings::task_struct.CurrentTask: current-context-only task wrapper withNotThreadSafe.PidandKuid: process/user identifier wrappers.Task::current_raw, unsafeTask::current,pid,uid,euid,signal_pending,get_pid_ns,tgid_nr_ns, andwake_up.CurrentTask::mm,active_pid_ns, andgroup_leader.AlwaysRefCounted for Task: bridgesget_task_struct/put_task_struct.might_sleep: Rust-side annotation for sleepable contexts.
Data Flow
current!() creates a scoped temporary reference to CurrentTask from the
raw current task pointer. Task can also be held beyond the current scope
through ARef<Task>, which increments the task refcount through the
AlwaysRefCounted implementation.
Current-task-only APIs borrow data such as the current mm, active pid
namespace, and group leader without taking references when the file can prove
that the borrow cannot outlive the current task context.
Invariants And Safety Contracts
- Every
Taskinstance must be a valid task created by the C kernel. - Task allocations are refcounted with
get_task_struct/put_task_struct. CurrentTaskmust only be accessed from the task context in which it was created.- Returning to userspace,
release_task, andbegin_new_execpermanently leave a current task context. kthread_use_mmcreates a temporary sub-context;NotThreadSafeprevents leakingCurrentTaskacross it.- Shared
Taskaccess is allowed because immutable fields do not change and mutable C-owned fields are synchronized by C code.
Rust Translation Guidance
This is a direct model for Rust wrappers around scheduler/process objects: separate “the current task in this dynamic context” from “a refcounted task handle”. A Rust-first kernel should encode context-sensitive access in types instead of letting every API accept a generic task pointer.
Use NotThreadSafe-style markers for values that must not cross task,
thread, or temporary context boundaries. Pair refcounted long-lived handles
with short borrowed handles to avoid unnecessary increments in hot paths.
AI-Native Systems Guidance
Agent systems should distinguish ambient context from durable handles. An agent action running “as current task/session/workspace” should not be allowed to leak that authority into detached work unless it explicitly converts to an audited refcounted handle. This maps cleanly onto scoped permissions, capability leases, and cancellation.
Evidence
rust/kernel/task.rs:33-49:current!()macro and context-safety comments.rust/kernel/task.rs:51-59:Taskwrapper invariants.rust/kernel/task.rs:95-107:Taskrepresentation andSend/Syncsafety.rust/kernel/task.rs:109-136:CurrentTaskpurpose and context invariants.rust/kernel/task.rs:156-198: raw current task access and unsafe current reference contract.rust/kernel/task.rs:206-270: task property, pid namespace, and wakeup APIs.rust/kernel/task.rs:273-345: current-task-onlymm, pid namespace, and group leader access.rust/kernel/task.rs:349-361:AlwaysRefCountedimplementation.rust/kernel/task.rs:413-435: sleepable-context annotation.