| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202502191117.8E1BCD4615@keescook> Date: Wed, 19 Feb 2025 11:17:59 -0800 From: Kees Cook <kees@...nel.org> To: Steven Rostedt <rostedt@...dmis.org> Cc: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>, Christoph Hellwig <hch@...radead.org>, rust-for-linux <rust-for-linux@...r.kernel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Greg KH <gregkh@...uxfoundation.org>, David Airlie <airlied@...il.com>, linux-kernel@...r.kernel.org, ksummit@...ts.linux.dev Subject: Re: Rust kernel policy On Wed, Feb 19, 2025 at 02:08:21PM -0500, Steven Rostedt wrote: > On Wed, 19 Feb 2025 10:52:37 -0800 > Kees Cook <kees@...nel.org> wrote: > > > In other words, I don't see any reason to focus on replacing existing > > code -- doing so would actually carry a lot of risk. But writing *new* > > stuff in Rust is very effective. Old code is more stable and has fewer > > bugs already, and yet, we're still going to continue the work of hardening > > C, because we still need to shake those bugs out. But *new* code can be > > written in Rust, and not have any of these classes of bugs at all from > > day one. > > I would say *new drivers* than say *new code*. A lot of new code is written > in existing infrastructure that doesn't mean it needs to be converted over > to rust. Sorry, yes, I was more accurate in the first paragraph. :) > But that does show why enhancements to C like the guard() code is still > very important. Absolutely! -- Kees Cook
Powered by blists - more mailing lists