- cross-posted to:
- tech@programming.dev
- cross-posted to:
- tech@programming.dev
Google recently rewrote the firmware for protected virtual machines in its Android Virtualization Framework using the Rust programming language and wants you to do the same, assuming you deal with firmware.
In a write-up on Thursday, Android engineers Ivan Lozano and Dominik Maier dig into the technical details of replacing legacy C and C++ code with Rust.
“You’ll see how easy it is to boost security with drop-in Rust replacements, and we’ll even demonstrate how the Rust toolchain can handle specialized bare-metal targets,” said Lozano and Maier.
Easy is not a term commonly heard with regard to a programming language known for its steep learning curve.
Nor is it easy to get C and C++ developers to see the world with Rust-tinted lenses. Just last week, one of the maintainers of the Rust for Linux project - created to work Rust code into the C-based Linux kernel - stepped down, citing resistance from Linux kernel developers.
“Here’s the thing, you’re not going to force all of us to learn Rust,” said a Linux kernel contributor during a lively discussion earlier this year at a conference.
Memory safety for one. C is very memory unsafe and that has been the source of a great, great number of software vulnerabilities over the years. Basically, in many C programs it has been possible to force them to execute arbitrary code, and if a program is running with root privileges, an attacker can gain full control over a system by injecting the right input.
I have very limited knowledge of rust, but from what I remember writing memory unsafe programs is nigh impossible as the code won’t really even compile. Someone else with more knowledge can probably give more detail.