Cloud Hosting

Enlarge / No, not that kind of Rust.

The Internet Security Research Groupparent organization of the better-known Let's Encrypt projecthas provided prominent developer Miguel Ojeda with a one-year contract to work on Rust in Linux and other security efforts on a full-time basis.

Efforts to make Rust a viable language for Linux kernel development began at the 2020 Linux Plumbers conference, with acceptance for the idea coming from Linus Torvalds himself. Torvalds specifically requested Rust compiler availability in the default kernel build environment, to support such effortsnot to replace the entire source code of the Linux kernel with Rust-developed equivalents, but to make it possible for new development to work properly.

Using Rust for new code in the kernelwhich might mean new hardware drivers or even replacement of GNU Coreutilspotentially decreases the number of bugs lurking in the kernel. Rust simply won't allow a developer to leak memory or create the potential for buffer overflowssignificant sources of performance and security issues in complex C-language code.

The new contract from the Internet Security Research Group (ISRG) gives Ojeda a full-time paycheck to continue memory safety work he was already doing on a part-time basis. ISRG Executive Director Josh Aas notes that the group has worked closely with Google engineer Dan Lorenc and that financial support from Google itself is critical to sponsoring Ojeda's ongoing work.

"Large efforts to eliminate entire classes of security issues are the best investments at scale," Lorenc said, adding that Google is "thrilled to [help] the ISRG support Miguel Ojeda's work dedicated to improving the memory safety of the kernel for everyone."

Ojeda's work is the first project to be sponsored under the ISRG's Prossimo banner, but it's not the first step the organization has taken for greater memory safety. Previous initiatives include a memory-safe TLS module for the Apache web server, a memory-safe version of the curldata transfer utility, and rustlsa memory-safe alternative to the ubiquitous OpenSSL network encryption library.

The Prossimo initiatives can be found at memorysafety.org, along with donation linksthe ISRG and its Prossimo projects are 100 percent supported by charitable donations, from both individuals and community-minded companies. If you'd like to get involved, the ISRG accepts direct currencydonationsvia PayPal or Donorbox, various cryptocurrencies, and even securities or shares in mutual funds.

Here is the original post:
The ISRG wants to make the Linux kernel memory-safe with Rust - Ars Technica