Rust Developers Move Ahead With Preparing To Upstream More Code Into The Linux Kernel

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • bachchain
    replied
    Originally posted by cj.wijtmans View Post
    the issue is not with c++ its with the implementations and tooling.
    So...the issue is with C++? Sure it's nice to fantasize about theoreticals, but, here in reality, what matters are the things that can actually exist. The fact of the matter is that the C family has spent billions of dollars and millions of man-hours over the past fifty years trying to "fix it with tooling", yet we're nowhere near close. I hate to be the one to break it to you, but it's never going to happen.

    Leave a comment:


  • NobodyXu
    replied
    Originally posted by cj.wijtmans View Post
    Modern C++ compilers has ASAN. I dont know if that would make it "memory safe" but its pretty much similar to rust that it can be turned off and on. Again the issue is not with c++ its with the implementations and tooling. Rust syntax cringes me out but also its centralized tooling and lack of standards are scary as well. You can see why big corp are pushing out.
    Rust's memory safety checking cannot be turned off.
    It's just that you can add unsafe blocks to call unsafe function and dereference pointers.
    Unsafe can be easily spotted in interviews and then reviewed carefully, while everything else is guaranteed to be memory safe.

    The development of Rust happens entirely on github in a transparent manner, unlike C/C++ which happens in the committee and requires you to pay some money just to download some RFCs or join in the committee.

    If eanything, you should be more scary of C/C++, because their language spec are completely in control of the big corp and the committee itself is not transparent.


    And C/C++ also get pushed by the big corp initially, so I don't see any problem with that.

    Leave a comment:


  • cj.wijtmans
    replied
    Originally posted by Volta View Post

    How about protecting users from Platform Security Processor and Management Engine?
    They provide security from you not for you 🤔. what about NSA encryption backdoors? Router backdoors? Firmware backdoors? Cpu backdoors? What about Xkeyscore? NSA dont make me laugh.
    Last edited by cj.wijtmans; 11 November 2022, 08:44 PM.

    Leave a comment:


  • cj.wijtmans
    replied
    Modern C++ compilers has ASAN. I dont know if that would make it "memory safe" but its pretty much similar to rust that it can be turned off and on. Again the issue is not with c++ its with the implementations and tooling. Rust syntax cringes me out but also its centralized tooling and lack of standards are scary as well. You can see why big corp are pushing out.
    Last edited by cj.wijtmans; 11 November 2022, 08:40 PM.

    Leave a comment:


  • luno
    replied
    Originally posted by uid313 View Post
    NSA suggesting Ruby is quite scary!
    I never liked Ruby, eww.

    I like Rust but would much prefer that the syntax used a single dot instead of this noisy double colon syntax.
    Also I find the module system confusing, I have to create a file with the same name as the directory to export files inside the directory.
    I feel like there is good syntax programming language inside Rust which is waiting to coming out, something which is simple to read and memory safe

    Leave a comment:


  • mdedetrich
    replied
    Originally posted by uid313 View Post

    Ruby is a terrible language for security despite being memory safe, not because of the terrible syntax, but because it is dynamically interpreted so it has poor handling of data types and null values.
    I think you are confusing dynamic vs static typing with strong vs weak typing. Ruby, similar to Python, is strongly typed which means that if you do something like trying add 2 objects it will fail immediately. Now because its dynamically typed it happens at runtime but unlike Javascript, its not going to silently coerce the object to something else and actually try to add 2 nonsensical things.

    wrt to nil (not null, Ruby doesn't have null) although there are problems with it, they still at least have syntax helpers to help deal with the problem, i.e. https://stackoverflow.com/questions/...uby-on-rails-2

    Leave a comment:


  • dlq84
    replied
    Originally posted by uid313 View Post
    NSA suggesting Ruby is quite scary!
    I never liked Ruby, eww.
    They look at memory safety in isolation, and ignoring everything else about the languages.

    Leave a comment:


  • Volta
    replied
    Separately, yesterday the US National Security Agency published guidance on protecting against memory safety issues.
    How about protecting users from Platform Security Processor and Management Engine?

    Leave a comment:


  • uid313
    replied
    Originally posted by RahulSundaram View Post

    NSA rightfully so is not looking at your personal syntax preferences which are of no importance to anyone else. Ruby is merely an example (C and C++ are counter examples) in the report if you read it. The broader reason for the recommendations is far more critical ie) Language that manage memory safely (either via garbage collection or language features) have a provably better track record of avoiding certain class of security issues and that is being recognized strongly by both the industry and various government bodies.
    Ruby is a terrible language for security despite being memory safe, not because of the terrible syntax, but because it is dynamically interpreted so it has poor handling of data types and null values.

    Leave a comment:


  • bug77
    replied
    enabling the use of the Rust programming language for future kernel drivers and other kernel code
    Are you being intentionally inaccurate? Because afaik there is no "other kernel code". Rust will not be in the kernel at all, there are no plans for that currently.

    Leave a comment:

Working...
X