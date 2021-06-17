



Miguel Ojeda

Google said Thursday that it is funding a project to enhance the security of Linux by writing some of the core operating system in the Rust programming language. This is a modernization effort that has the potential to enhance the security of the Internet and smartphones.

If the project is successful, it will be possible to add a new element, called the kernel, written in Rust to the heart of Linux. These changes represent a major technological and cultural change in Google’s Android and Chrome operating systems and the open source software projects that underpin the vast Internet.



Miguel Ojeda, who created the software used in the Large Hadron Collider and worked on the security of the programming language, has a contract to create software with Rust for the Linux kernel. Google bears the cost of extended contracts through the Internet Security Research Group. The agreement is a non-profit organization that also facilitated the protection of website communications through Let’s Encrypt efforts.

Adding the Rust module to the Linux kernel improves security by shutting down some of the means that hackers can use to attack phones, computers, or servers. Since its launch in 1991, Linux has been written solely in the powerful yet old C programming language. The language was developed in 1972 and is more vulnerable to hacking than modern programming languages.

Improving Linux security is good news for everyone except hackers. In addition to Android and Chrome OS, all Google services such as YouTube and Gmail rely on servers running Linux. It also enhances Amazon and Facebook and is a cloud computing service fixture.

It is not clear if the Linux kernel reader supports Rust. Linux founder Linus Torvalds says he could embrace change if the Rust for Linux champion proves its worth. Ojeda has suggested 13 changes needed to allow the Linux Rust module to get things started.

Google has already taken early steps to make Rust for Linux Android available. Getting the highest level of approval for a Linux kernel project means that it can also benefit many other software projects.

Google recognizes the achievements of the Linux community programmers who started the Rust for Linux project. “The community has already done a great job of adding Rust support to the Linux kernel build system and will continue to do so,” Google said in a blog post.

Developed by Firefox maker Mozilla and now run by the independent Rust Foundation, Rust makes it safer for software to write to memory. Hackers can exploit memory issues to hide extra malicious code in out-of-range memory areas. Rust checks for these and other issues as the programmer builds the software. And it’s the most beloved programming language for five years running on Stack Overflow’s annual developer survey.

“Rust is the best alternative to C and C ++ currently available,” Microsoft’s security team concluded in 2019. The team said Rust was able to prevent memory issues in 70% of serious security issues. Also, because Rust checks are done during software construction, they are not secure at the expense of software running performance.

The goal of the Linux on Rust project is not to replace all of the Linux C code, but to improve selective and new parts.

“For the time being, we will focus on specific security-critical components and drivers,” said Josh Aas, who will run ISRG’s Prossimo project to migrate critical Internet software to memory-safe software. Drivers are operating system modules that control specific devices such as printers, network adapters, and graphics chips.

Google isn’t the only bet on Linux and Rust. It features Go, its own memory-safe language, and a new operating system called Fuchsia, which we started using on NestHub smart screens.

“Google is investing in a variety of other languages, tools and platforms,” ​​a spokeswoman for the company said. “Multiple solutions to related but necessarily overlapping problems allow us to reuse good idea cross-pollination.”

