lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87pljc6d7s.fsf@kloenk.dev>
Date: Thu, 20 Feb 2025 12:57:11 +0100
From: Fiona Behrens <me@...enk.dev>
To: Jarkko Sakkinen <jarkko@...nel.org>
Cc: Bart Van Assche <bvanassche@....org>,  Steven Rostedt
 <rostedt@...dmis.org>,  Jason Gunthorpe <jgg@...dia.com>,  Kees Cook
 <kees@...nel.org>,  Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
  Christoph Hellwig <hch@...radead.org>,  rust-for-linux
 <rust-for-linux@...r.kernel.org>,  Linus Torvalds
 <torvalds@...ux-foundation.org>,  Greg KH <gregkh@...uxfoundation.org>,
  David Airlie <airlied@...il.com>,  linux-kernel@...r.kernel.org,
  ksummit@...ts.linux.dev
Subject: Re: Rust kernel policy

Jarkko Sakkinen <jarkko@...nel.org> writes:

> On Wed, 2025-02-19 at 12:52 -0800, Bart Van Assche wrote:
>> On 2/19/25 12:46 PM, Steven Rostedt wrote:
>> > I do feel that new drivers written in Rust would help with the
>> > vulnerabilities that new drivers usually add to the kernel.
>> 
>> For driver developers it is easier to learn C than to learn Rust. I'm
>> not sure that all driver developers, especially the "drive by"
>> developers, have the skills to learn Rust.
>
> IMHO, Rust is not that difficult to learn but it is difficult to
> run.
>
> One point of difficulty for me still is the QA part, not really the
> code. QuickStart discusses on how to install all the shenanigans
> with distribution package managers.
>
> The reality of actual kernel development is that you almost never
> compile/run host-to-host, rendering that part of the documentation
> in the battlefield next to useless.
>
> Instead it should have instructions for BuildRoot, Yocto and
> perhaps NixOS (via podman). It should really explain this instead
> of dnf/apt-get etc.

What do you mean with via podman for NixOS?

I do still have on my ToDo list to build and publish a better nix
development shell for kernel with rust enabled, and could also add a
section on how to build a NixOS iso in the same nix code.
But sadly time is a finite resource and so did not yet got to it.

Fiona

>
>> 
>> Bart.
>> 
>
> BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ