The Internet Security Research Group, the parent organization of the better-known Let’s Encrypt project, provided prominent developer Miguel Ojeda a one-year contract to work on Rust under Linux and other full-time security efforts.
What is a Rust for Linux?
As we saw in March, Rust is a low-level programming language offering most of the flexibility and performance of C (the language used for kernels in Unix and Unix-like operating systems for years. 1970) in a more secure manner.
Efforts to make Rust a viable language for Linux kernel development began at the Linux Plumbers 2020 conference, with the idea coming from Linus Torvalds himself. Torvalds specifically requested the availability of the Rust compiler in the default kernel build environment, to support such efforts, not to replace all of the Linux kernel source code with equivalents developed by Rust, but to allow the new development to function properly.
Using Rust for new code in the kernel, which can mean new hardware drivers or even replacing GNU Coreutils, potentially reduces the number of bugs hidden in the kernel. Rust simply won’t allow a developer to leak memory or create the potential for buffer overflows, major sources of performance and security issues in complex C-language code.
Google, ISRG and Ojeda
The Internet Security Research Group (ISRG) new contract gives Ojeda a full-time salary to continue the memory security work he was already doing part-time. ISRG Executive Director Josh Aas notes that the group has worked closely with Google engineer Dan Lorenc and that financial support from Google itself is essential to sponsor Ojeda’s ongoing work.
“Large efforts to eliminate entire categories of security concerns are the best large-scale investments,” Lorenc said, adding that Google was “delighted to [help] ISRG supports Miguel Ojeda’s work dedicated to improving kernel memory security for everyone. “
Prossimo and the security of memory
Ojeda’s work is the first project to be sponsored under the ISRG’s Prossimo banner, but it’s not the first step the organization has taken towards greater memory security. Previous initiatives include a memory-secure TLS module for the Apache web server, a memory-secure version of the loop data transfer utility, and rust—A secure, in-memory alternative to the ubiquitous OpenSSL network encryption library.
Find the Prossimo initiatives on memorysafety.org, along with links to donations, the ISRG and its Prossimo projects are 100% supported by charitable donations, both from individuals and community-minded businesses. If you want to get involved, the ISRG accepts direct currencies donations via PayPal or Donorbox, various cryptocurrencies, and even mutual fund securities or stocks.