As Microsoft continues to move forward with its embrace of Rust, it has posted Rust crates to GitHub, enabling developers to write Windows drivers in the memory-safe language.
There are many reasons to appreciate Rust. Aside from its popularity with developers, it has strong safeguards against memory safety bugs, which have comprised around 70% of fixed, CVE-listed Windows vulnerabilities since 2006. Earlier this year, Microsoft Director of OS Security for Windows David “Dwizzzle” Weston announced at BlueHat IL that the company would begin converting some “core Windows libraries” from C++ to Rust, and had already done so with 36,000 lines of the Windows kernel.
Mark Russinovich, chief technical officer of Microsoft Azure, tweeted a link to the GitHub repository on Sept. 23 with the caption “working towards enabling Windows driver development in Rust.” DevClass reported that the initial release focuses on support for the Windows Driver Kit (WDK), and is intended to work with Windows Driver Model (WDM) and Windows Driver Framework (WFK) drivers.
“This project is still in early stages of development and is not yet recommended for commercial use,” a note on the GitHub repository caution.
One hot topic of discussion among developers who have looked at the release, DevClass reported, is structured exception handling—Rust lacks exceptions. Instead, it reports recoverable errors and quits via panic failure when encountering irrecoverable ones. The latter behavior is undesirable for kernel code, because it causes a full system crash.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Microsoft’s Security Research & Defense team has hailed Rust for null pointer and data race safety, claiming it statically enforces against “unsynchronized access of a piece of memory from two or more threads.” The Azure team that works on dev tools for quantum computing apps also recently announced it had rewritten most of its development kit in Rust. Dark Reading reported that Google, which uses Rust in Android, and credential manager 1Password, which uses it for core data security components, have become big supporters of the language.
“We generally recommend the use of Rust anywhere that you are considering authoring new C [or] C++ code,” Lars Bergstrom, Google’s director of engineering for Android programming languages and Rust Foundation board chair, told Dark Reading. “So Rust is often a good choice where you need tight control of the underlying system and its resources, such as memory.”
Microsoft has no plans to rewrite the entire OS in Rust, however. Weston told attendees at the BlueHat presentation that “while we love Rust, we need a strategy that also includes securing more of our native code.”