Re: Rust kernel policy
From: Steven Rostedt
Date: Wed Feb 19 2025 - 14:08:11 EST
On Wed, 19 Feb 2025 10:52:37 -0800
Kees Cook <kees@xxxxxxxxxx> wrote:
> In other words, I don't see any reason to focus on replacing existing
> code -- doing so would actually carry a lot of risk. But writing *new*
> stuff in Rust is very effective. Old code is more stable and has fewer
> bugs already, and yet, we're still going to continue the work of hardening
> C, because we still need to shake those bugs out. But *new* code can be
> written in Rust, and not have any of these classes of bugs at all from
> day one.
I would say *new drivers* than say *new code*. A lot of new code is written
in existing infrastructure that doesn't mean it needs to be converted over
to rust.
But that does show why enhancements to C like the guard() code is still
very important.
-- Steve