lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87r0get0no.fsf@metaspace.dk>
Date: Wed, 13 Mar 2024 20:03:07 +0100
From: Andreas Hindborg <nmi@...aspace.dk>
To: Boqun Feng <boqun.feng@...il.com>
Cc: Bart Van Assche <bvanassche@....org>,  Jens Axboe <axboe@...nel.dk>,
  Christoph Hellwig <hch@....de>,  Keith Busch <kbusch@...nel.org>,  Damien
 Le Moal <Damien.LeMoal@....com>, 	Hannes Reinecke <hare@...e.de>,
  "linux-block@...r.kernel.org" <linux-block@...r.kernel.org>,  Andreas
 Hindborg <a.hindborg@...sung.com>,  Niklas Cassel <Niklas.Cassel@....com>,
  Greg KH <gregkh@...uxfoundation.org>,  Matthew Wilcox
 <willy@...radead.org>, 	Miguel Ojeda <ojeda@...nel.org>,  Alex Gaynor
 <alex.gaynor@...il.com>,  Wedson Almeida Filho <wedsonaf@...il.com>, 	Gary
 Guo <gary@...yguo.net>,  Björn Roy Baron
 <bjorn3_gh@...tonmail.com>,
  Benno Lossin <benno.lossin@...ton.me>, 	Alice Ryhl
 <aliceryhl@...gle.com>,  Chaitanya Kulkarni <chaitanyak@...dia.com>,  Luis
 Chamberlain <mcgrof@...nel.org>,  Yexuan Yang <1182282462@...t.edu.cn>,
  Sergio González Collado <sergio.collado@...il.com>,  Joel
 Granados
 <j.granados@...sung.com>,  "Pankaj Raghav (Samsung)"
 <kernel@...kajraghav.com>,  Daniel Gomez <da.gomez@...sung.com>,  open
 list <linux-kernel@...r.kernel.org>,  "rust-for-linux@...r.kernel.org"
 <rust-for-linux@...r.kernel.org>,  "lsf-pc@...ts.linux-foundation.org"
 <lsf-pc@...ts.linux-foundation.org>,  "gost.dev@...sung.com"
 <gost.dev@...sung.com>
Subject: Re: [RFC PATCH 0/5] Rust block device driver API and null block driver

Boqun Feng <boqun.feng@...il.com> writes:

> On Wed, Mar 13, 2024 at 11:02:23AM -0700, Bart Van Assche wrote:
>> On 3/13/24 04:05, Andreas Hindborg wrote:
>> > This is the second version of the Rust block device driver API and the Rust null
>> > block driver. The context and motivation can be seen in cover letter of the RFC
>> > v1 [1]. If more context is required, a talk about this effort was recorded at
>> > LPC [2]. I hope to be able to discuss this series at LSF this year [3].
>> 
>> Memory safety may land in C++ in the near future (see also
>> https://herbsutter.com/2024/03/). If memory-safe C++ or memory-safe C
>> would be adopted in the kernel, it would allow writing memory-safe
>> drivers without having to add complicated bindings between existing C
>
> I honestly doubt it, memory-safe is not free, basically you will still
> want unsafe part for the performance reason (or interacting with
> hardware), and provide a safe API for driver development. I don't think
> that part will be gone with a memory-safe C++. So the complication still
> exists. But I'm happy to be proved wrong ;-)

I think it is great that people are starting to realize that bringing
memory safety to other systems languages is a good idea. But from one
person blogging about it to things being ready for production is a long
journey. Language designers have to design ways to express the new
semantics, standards committees has to agree, compiler engineers have to
build and test their compilers. Probably we need a few cycles of this to
get things right. At any rate, it is going to take a while.

Second, as Boqun is saying, interfacing the unsafe C part of the kernel
with memory safe C++ is going to require the same complicated
abstraction logic as the safe Rust APIs are bringing. The complexity in
bringing Rust to the kernel is not coming from interfacing a foreign
language. It stems from the inherent difficulty in designing memory safe
wrappers around unsafe C APIs.

Best regards,
Andreas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ