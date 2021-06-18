



The recently announced proposal to make the Rust programming language one of the two main languages ​​of the Linux kernel is greatly boosted by the Internet Security Research Group (ISRG), the group behind Google and the Let’s Encrypt Certificate Authority. It has been.

Push’s main goal for deploying Rust on Linux is to wipe out a whole class of memory-related security bugs in the kernel, a key part of the Internet’s infrastructure, from servers to edge devices and smartphones. is.

Historically, the major Linux drivers that make up the kernel were written in C, which isn’t memory-safe, but Rust does. As Microsoft emphasizes, 70% of all bugs we fix are memory related.

Linux kernel developers are looking to write new parts of the kernel in Rust instead of rewriting the entire Linux kernel, which contains over 30 million lines of code.

Google broadcast a plan to support a project to bring Rust to Linux in April. This initiative was led by developer Miguel Ojeda, who posted a request for comment (RFC) on the proposal.

So far, Ogeda has been working on a contract with ISRG’s Prossimo project for memory safety, the initial effort of which was funded by Google, but now the group has hired him to work full-time on the project. It is working.

Dan Lorenc, a Google software engineer who helps coordinate Rust-Linux projects and works on the infrastructure behind Google, said: Cloud platform.

“The Linux kernel is as widely used and understands the important tasks as it takes time, but ISRG can support the work of Miguel Ojeda, who is dedicated to improving the memory safety of everyone in the kernel. I’m glad. “

As Lorenc suggests, introducing a second language into the Linux kernel is not an easy decision. Linux author Linus Torvalds has made some objections to the introduction of Rust after Ojeda’s RFC. However, with the help of Google, there may be room to move.

“Adding a second language to the Linux kernel is a decision that needs careful consideration,” Ojeda said in a statement. “Rust brings enough improvement to C to deserve such consideration.

The Linux kernel is at the heart of the modern Internet, from servers to client devices, said Josh Aas, executive director of ISRG, pointing out that it is at the forefront of handling network data and other forms of input. did. As a result, vulnerabilities in the Linux kernel can have a variety of implications, endangering the security and privacy of people, organizations, and devices.

“Because it is written primarily in C, which is not memory safe, there are always concerns about memory safety vulnerabilities such as buffer overflows and post-free use. This allows parts of the Linux kernel to be written in Rust. Because it is memory safe, it completely eliminates memory safety vulnerabilities from certain components such as drivers. “

Google is also backing the ISRG project to create Rust-based modules for the Apache HTTP Web server. This is another important part of the Internet infrastructure as it serves to cryptographically secure HTTPS connections to the widely used Apache web servers.

