Re: Rust kernel policy

From: Kees Cook
Date: Wed Feb 19 2025 - 14:18:13 EST

Next message: Maciej W. Rozycki: "Re: [PATCH v6 3/6] syscall.h: introduce syscall_set_nr()"
Previous message: Catalin Marinas: "Re: [PATCH 6.6 000/389] 6.6.76-rc2 review"
In reply to: Steven Rostedt: "Re: Rust kernel policy"
Next in thread: Jason Gunthorpe: "Re: Rust kernel policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 19, 2025 at 02:08:21PM -0500, Steven Rostedt wrote:
> On Wed, 19 Feb 2025 10:52:37 -0800
> Kees Cook <kees@xxxxxxxxxx> wrote:
>
> > In other words, I don't see any reason to focus on replacing existing
> > code -- doing so would actually carry a lot of risk. But writing *new*
> > stuff in Rust is very effective. Old code is more stable and has fewer
> > bugs already, and yet, we're still going to continue the work of hardening
> > C, because we still need to shake those bugs out. But *new* code can be
> > written in Rust, and not have any of these classes of bugs at all from
> > day one.
>
> I would say *new drivers* than say *new code*. A lot of new code is written
> in existing infrastructure that doesn't mean it needs to be converted over
> to rust.

Sorry, yes, I was more accurate in the first paragraph. :)

> But that does show why enhancements to C like the guard() code is still
> very important.

Absolutely!

--
Kees Cook

Next message: Maciej W. Rozycki: "Re: [PATCH v6 3/6] syscall.h: introduce syscall_set_nr()"
Previous message: Catalin Marinas: "Re: [PATCH 6.6 000/389] 6.6.76-rc2 review"
In reply to: Steven Rostedt: "Re: Rust kernel policy"
Next in thread: Jason Gunthorpe: "Re: Rust kernel policy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]