The Case for Writing a Kernel in Rust
Published in Proceedings of the Eighth ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2017), September 2017.
Abstract
Decades of research has attempted to add safety mechanisms to operating system kernels, but this effort has failed in most practical systems. In particular, solutions that sacrifice performance have been generally avoided. However, isolation techniques in modern languages can provide safety while avoiding performance issues. Moreover, utilizing a type-safe language with no garbage collector or other runtime services avoids what would otherwise be some of the largest sections of trusted code base. We report on our experiences in writing a resource efficient embedded kernel in Rust, finding that only a small set of unsafe abstractions are necessary in order to form common kernel building blocks. Further, we argue that Rust's choice to avoid runtime memory management by using a linear type system will enable the next generation of safe operating systems.
Paper (446KB)
BibTeX entry
@inproceedings{levy17-rust,
author = "Amit Levy and Bradford Campbell and Branden Ghena and Pat Pannuto and Prabal Dutta and Philip Levis",
title = "{The Case for Writing a Kernel in Rust}",
booktitle = "{Proceedings of the Eighth ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2017)}",
year = {2017},
month = {September}
}