Re: Rust kernel policy

From: Steven Rostedt
Date: Wed Feb 19 2025 - 14:08:11 EST

Next message: Steven Rostedt: "Re: [PATCH 1/2] sched: Refine scheduler naming for clarity and specificity"
Previous message: Catalin Marinas: "Re: [PATCH v2 4/4] mm: Don't skip arch_sync_kernel_mappings() in error paths"
In reply to: Kees Cook: "Re: Rust kernel policy"
Next in thread: Kees Cook: "Re: Rust kernel policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 19 Feb 2025 10:52:37 -0800
Kees Cook <kees@xxxxxxxxxx> wrote:

> In other words, I don't see any reason to focus on replacing existing
> code -- doing so would actually carry a lot of risk. But writing *new*
> stuff in Rust is very effective. Old code is more stable and has fewer
> bugs already, and yet, we're still going to continue the work of hardening
> C, because we still need to shake those bugs out. But *new* code can be
> written in Rust, and not have any of these classes of bugs at all from
> day one.

I would say *new drivers* than say *new code*. A lot of new code is written
in existing infrastructure that doesn't mean it needs to be converted over
to rust.

But that does show why enhancements to C like the guard() code is still
very important.

-- Steve

Next message: Steven Rostedt: "Re: [PATCH 1/2] sched: Refine scheduler naming for clarity and specificity"
Previous message: Catalin Marinas: "Re: [PATCH v2 4/4] mm: Don't skip arch_sync_kernel_mappings() in error paths"
In reply to: Kees Cook: "Re: Rust kernel policy"
Next in thread: Kees Cook: "Re: Rust kernel policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]