Arm Cortex M3 and up cores usually have 'Memory Protection Units'. The MPU allows you to set permissions on memory regions and gives basic kernel/application isolation.
MMU simply provides (~8) variably sized windows with RWX-type permissions.
....and indeed, this is the real protection here. Malicious code or badly-behaved code does not care that you've written the kernel in Rust, its simply a bunch-of-opcodes.
The Rust stuff is nice... but meh for security/robustness.
