Google recently rewrote the firmware for protected virtual machines in its Android Virtualization Framework using the Rust programming language and wants you to do the same, assuming you deal with firmware.
In a write-up on Thursday, Android engineers Ivan Lozano and Dominik Maier dig into the technical details of replacing legacy C and C++ code with Rust.
“You’ll see how easy it is to boost security with drop-in Rust replacements, and we’ll even demonstrate how the Rust toolchain can handle specialized bare-metal targets,” said Lozano and Maier.
Easy is not a term commonly heard with regard to a programming language known for its steep learning curve.
Nor is it easy to get C and C++ developers to see the world with Rust-tinted lenses. Just last week, one of the maintainers of the Rust for Linux project - created to work Rust code into the C-based Linux kernel - stepped down, citing resistance from Linux kernel developers.
“Here’s the thing, you’re not going to force all of us to learn Rust,” said a Linux kernel contributor during a lively discussion earlier this year at a conference.
A valid point tho. Generally it is difficult to ask everybody to learn a new language.
Fortunately, they aren’t being asked to do that. All the rust team was requesting was metadata about the call signatures so that they could have a grasp on expected behavior.
I mean, I work as a software engineering and if I’m not doing continuing ed, be it about architecture, storage, or new languages, I’m going to be of less value in the marketplace. I’ve learnt languages I didn’t particularly want to in the past for work (though I generally came to tolerate or even like some of them. Not lua, though; lua can go to hell).
If Rust truly is the better, safer option, then these people are holding everything back.
“learn Rust” in this case is learn it to a level where all of the little behaviour around cross language integrations are understood and security flaws won’t be introduced. Expert level.
It’s not “I did a pet project over the weekend”.
You are correct and I am aware of that. However, it also seems that they both refuse to learn it and refuse to work with people at that expert level based on the recent drama, which seems very much like holding things back to me.
C/C++ is the bedrock of our modern civilization in some ways more fundamental than actual bedrock, the first step in getting any OS running is making it run C and after that you are basically done, it’s not surprising that developers resist, if nothing else it’s a common language, and standards are hard to change on the best of days. This isn’t just learning a language, it’s a complete paradigm shift.
The bedrock of modern civilizations is expensive to develop, buggy and unergonomic though.
If you make C run, you probably (I’m not sure, would have to verify) can make rust run. And if there isn’t yet, there will probably soon be a C compiler written in rust, so you can choose to bootstrap from wherever you prefer.
C’s ABI will probably last longer than C, since there is not a stable rust ABI though.