lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <06a07d325f7555c3dc72e4aac90580541ca61697.camel@tugraz.at>
Date: Sun, 23 Feb 2025 09:10:41 +0100
From: Martin Uecker <uecker@...raz.at>
To: Piotr Masłowski <piotr@...lowski.xyz>
Cc: Greg KH <gregkh@...uxfoundation.org>, Boqun Feng <boqun.feng@...il.com>,
  "H. Peter Anvin" <hpa@...or.com>, Miguel Ojeda
 <miguel.ojeda.sandonis@...il.com>, Christoph Hellwig <hch@...radead.org>,
 rust-for-linux <rust-for-linux@...r.kernel.org>, Linus Torvalds
 <torvalds@...ux-foundation.org>, David Airlie <airlied@...il.com>, 
 linux-kernel@...r.kernel.org, ksummit@...ts.linux.dev
Subject: Re: Rust kernel policy

Am Sonntag, dem 23.02.2025 um 00:42 +0100 schrieb Piotr Masłowski:
> On Thu Feb 20, 2025 at 9:57 AM CET, Martin Uecker wrote:
...
> 
> Oh, and once again: I am sure you knew all of this. It's just that a lot
> of people reading these threads think adding a few annotations here and
> there will be enough to achieve a similar level of safety | robustness
> as what newly-designed languages can offer.

I have been looking at programming languages, safety, 
and type theory for a long time, even before Rust existed.
I heard all these arguments and I do not believe that we 
need (or should use) a newly-designed language.

(Of course, adding annotations would not usually be enough,
one often would have to refactor the code a bit, but if
it is already well designed, not too much)

But while I would love discussing this more, I do not 
think this is the right place for these discussion nor
would it be insightful in the current situation.

In any case, there is so much existing C code that
it should be clear that we also have to do something
about it.  So I do not think the question is even that
relevant. 


Martin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ