Josh Triplett, who works at Intel and is on the committee that oversees the development of Crates.io, in his speech at the Open Source Technology Summit working group aimed at bringing Rust to parity with C in the field of systems programming.
In a working group that is in the process of being created, the Rust developers, together with engineers from Intel, will prepare specifications that define the functionality that needs to be implemented in Rust for system programming. System programming often requires low-level manipulation, such as executing privileged processor instructions and obtaining detailed information about the processor's state. Of the similar features already being developed for Rust, support for unnamed structures, unions (union), assembler inserts (macro βasm!β) And the BFLOAT16 floating point number format are noted.
Josh believes that Rust is the future of systems programming, and the C language in modern realities claims to be the place that assembler occupied in past years. Rust
not only relieves developers from the problems inherent in the C language that arise due to low-level memory management, but also provides an opportunity to use modern programming paradigms in the development.
During the Performances
Josh came up with the idea of ββadding the ability to develop drivers in Rust to the Linux kernel, which would allow, with minimal effort, to create safer and better drivers, free from such problems as accessing a memory area after it is freed, dereferencing null pointers and buffer overruns.
Greg Kroah-Hartman, who maintains the stable branch of the Linux kernel, expressed his willingness to add a framework for developing drivers in Rust to the kernel if it has real advantages over C, for example, it will provide secure bindings over kernel API. In addition, Greg considers this framework only as an option, not active by default, so as not to include Rust as a build dependency for the kernel.
It turned out that several teams are already working in this direction. For example, developers from Fish in a Barrel a toolkit for writing loadable modules for the Linux kernel in Rust, using a set of abstract layers over interfaces and kernel structures to increase security. Layers are automatically generated based on the available kernel header files using the utility . Clang is used to build layers. The built modules use the staticlib package in addition to the layers.
Parallel another project focused on developing drivers for embedded systems and IoT devices, which also uses bindgen to generate layers based on kernel header files. The framework allows you to improve the security of drivers without making changes to the kernel - instead of creating additional isolation levels for drivers in the kernel, it is proposed to block problems at the compilation stage by using the more secure Rust language. It is assumed that such an approach may be in demand by equipment manufacturers who develop proprietary drivers in a hurry without a proper audit.
Not all the planned functionality has been implemented yet, but the framework is already quite suitable for work and has been used to write a working driver for the LAN9512 USB Ethernet controller supplied in the Raspberry Pi 3 board. As a reference implementation when writing the Rust driver, the existing smsc95xx driver written by in C language. It is noted that the size of the module and the overhead from runtime components when developing a driver in Rust are insignificant, which allows the framework to be used for devices with limited resources.
Source: opennet.ru