The recently announced proposal to make the Rust programming language one of two main languages for the Linux kernel is getting a major boost thanks to Google and the Internet Security Research Group (ISRG), the group behind the Let’s Encrypt certificate authority.
The main goal of the push to bring Rust to Linux is to wipe out an entire class of memory-related security bugs in the kernel, which is a key part of the internet’s infrastructure, running on everything from servers to edge devices and smartphones.
Historically, key Linux drivers that make up the kernel have been written in C, which is not memory-safe whereas Rust is; as Microsoft has highlighted, 70% of all bugs it fixes are memory-related.
SEE: Hiring Kit: Python developer (TechRepublic Premium)
Linux kernel developers are exploring whether to write new parts of the kernel in Rust rather than rewriting the entire Linux kernel, which contains over 30 million lines of code.
Google aired its plans to back the project to bring Rust to Linux in April – an initiative that’s been led by developer, Miguel Ojeda, who has posted a request for comment (RFC) about the proposal.
Until now, Ojeda had been working on contract with ISRG’s Prossimo project for memory safety and that early effort was funded by Google, but now the group has hired him to work full-time on the project.
“Google has found time after time that large efforts to eliminate entire classes of security issues are the best investments at scale,” said Dan Lorenc, a software engineer at Google, who’s helped coordinate the Rust-Linux project and works on the infrastructure behind Google Cloud Platform.
“We understand work in something as widely used and critical as the Linux kernel takes time, but we’re thrilled to be able to help the ISRG support Miguel Ojeda’s work dedicated to improving the memory safety of the kernel for everyone.”
As suggested by Lorenc, introducing a second language into the Linux kernel isn’t a light decision. Linux creator Linus Torvalds had a few objections to bringing in Rust after Ojeda’s RFC. But with Google’s backing, there might be room to move.
“Adding a second language to the Linux kernel is a decision that needs to be carefully weighed,” said Ojeda in a statement. “Rust brings enough improvements over C to merit such consideration.
The Linux kernel is at the heart of the modern internet, from servers to client devices, said ISRG’s executive director, Josh Aas, pointing out it’s on the front line for processing network data and other forms of input. As such, vulnerabilities in the Linux kernel can have a wide-ranging impact, putting security and privacy for people, organizations, and devices at risk.
“Since it’s written largely in the C language, which is not memory-safe, memory safety vulnerabilities such as buffer overflows and use-after-frees are a constant concern. By making it possible to write parts of the Linux kernel in Rust, which is memory-safe, we can entirely eliminate memory safety vulnerabilities from certain components, such as drivers.”
Google is also backing the ISRG project to create a Rust-based module for the Apache HTTP web server. It’s another important piece of internet infrastructure since it’s responsible for cryptographically securing HTTPS connections to widely used Apache web servers.