System Programming in Rust: Beyond Safety

Published: 11 September 2017

Abstract

Rust is a new system programming language that offers a practical and safe alternative to C. Rust is unique in that it enforces safety without runtime overhead and, most importantly, without the overhead of garbage collection. While zero-cost safety is remarkable on its own, we argue that the superpowers of Rust go beyond safety. In particular, Rust's linear type system enables capabilities that cannot be implemented efficiently in traditional languages, safe or unsafe, and that dramatically improve the security and reliability of system software. We show three examples of such capabilities: zero-copy software fault isolation, efficient static information flow analysis, and automatic checkpointing. While these capabilities have long been in the spotlight of systems research, their practical use is hindered by high cost and complexity. We argue that with the adoption of Rust these mechanisms will become commoditized.
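The following program is an added illustration, not code from the paper or its authors, of two of the three capabilities the abstract attributes to Rust's ownership (linear) types. Part 1 hands a packet buffer across a fault-isolation boundary by moving it: the sender's binding dies at the call, so no copy and no runtime pointer check are needed, and the program reports the heap address before and after the hand-off to show that only the owning pointer moved. Part 2 encodes information-flow labels as phantom type parameters, so a secret value cannot reach a public sink unless it passes through an explicit, auditable declassification point. The names (`Mailbox`, `Packet`, `Labeled`, `Secret`, `Public`, `emit_to_network`) and the payloads are constructed for this example. Checkpointing, the third capability, is not shown.

```rust
use std::marker::PhantomData;

// ---- 1. Zero-copy fault isolation through ownership transfer ----

/// A packet buffer. Exactly one domain owns it at any time.
pub struct Packet {
    pub data: Vec<u8>,
}

/// One-slot mailbox between an untrusted driver domain and a trusted processing
/// domain. The `Packet` moves by value: no bytes are copied, no alias survives.
pub struct Mailbox {
    slot: Option<Packet>,
}

impl Mailbox {
    /// Consumes `pkt`. Any later use of the caller's binding is a compile-time
    /// error (E0382), so the hand-off needs neither a copy nor a pointer check.
    pub fn send(&mut self, pkt: Packet) -> Result<(), Packet> {
        if self.slot.is_some() {
            return Err(pkt); // hand ownership back instead of dropping the packet
        }
        self.slot = Some(pkt);
        Ok(())
    }

    pub fn recv(&mut self) -> Option<Packet> {
        self.slot.take()
    }
}

/// Trusted domain: sums the bytes of a packet it now exclusively owns.
pub fn process(pkt: &Packet) -> u32 {
    pkt.data.iter().map(|&b| u32::from(b)).sum()
}

/// Returns (buffer address before send, address after receive, checksum).
/// Equal addresses show the hand-off moved the heap buffer, not its contents.
pub fn demo_zero_copy(payload: &[u8]) -> (usize, usize, u32) {
    let mut mbox = Mailbox { slot: None };
    let pkt = Packet { data: payload.to_vec() }; // built by the untrusted driver
    let before = pkt.data.as_ptr() as usize;
    mbox.send(pkt).ok().expect("slot was empty");
    // pkt.data[0] = 0; // does not compile: `pkt` was moved into the mailbox
    let received = mbox.recv().expect("mailbox held the packet");
    let after = received.data.as_ptr() as usize;
    (before, after, process(&received))
}

// ---- 2. Static information flow labels as phantom types ----

/// Confidentiality labels; they exist only at compile time.
pub struct Secret;
pub struct Public;

/// A value tagged with a label. `PhantomData` adds no runtime cost.
pub struct Labeled<T, L> {
    value: T,
    _label: PhantomData<L>,
}

impl<T, L> Labeled<T, L> {
    pub fn new(value: T) -> Self {
        Labeled { value, _label: PhantomData }
    }
    /// Computing on a labeled value keeps its label, so derived data stays tainted.
    pub fn map<U>(self, f: impl FnOnce(T) -> U) -> Labeled<U, L> {
        Labeled::new(f(self.value))
    }
}

impl<T> Labeled<T, Secret> {
    /// The only way to drop the label: an explicit, greppable declassification.
    pub fn declassify(self) -> Labeled<T, Public> {
        Labeled::new(self.value)
    }
}

/// Network sink that accepts public data only. Passing `Labeled<_, Secret>` is a
/// type error, so the leak is caught by the compiler rather than a runtime monitor.
pub fn emit_to_network(sink: &mut Vec<u8>, v: Labeled<Vec<u8>, Public>) -> usize {
    sink.extend_from_slice(&v.value);
    sink.len()
}

/// Returns the number of bytes that reached the network sink.
pub fn demo_ifc() -> usize {
    let key: Labeled<Vec<u8>, Secret> = Labeled::new(b"constructed-secret-key".to_vec());
    let key_len = key.map(|k| k.len().to_string().into_bytes()); // still Secret
    let mut out = Vec::new();
    // emit_to_network(&mut out, key_len); // does not compile: expected Public, found Secret
    emit_to_network(&mut out, key_len.declassify())
}

fn main() {
    let (before, after, sum) = demo_zero_copy(b"constructed packet");
    println!("moved without copy: {}, checksum {}", before == after, sum);
    println!("bytes sent to network: {}", demo_ifc());
}
```

Two caveats apply. Both guarantees are properties of safe Rust: an `unsafe` block or an FFI call inside a domain can re-create the alias or the leak, so those sites are the trusted computing base and deserve review, as does every `declassify` call. Ownership also says nothing about control flow: a domain that panics or spins still needs a runtime mechanism, which is the gap the paper's checkpointing capability addresses.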

References

[1]
Daniel Atkins, Alex Potanin, and Lindsay Groves. 2013. The Design and Implementation of Clocked Variables in X10. In Proceedings of the Thirty-Sixth Australasian Computer Science Conference - Volume 135 (ACSC '13). Adelaide, Australia, 87--95.
[2]
P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. 2003. Xen and the art of virtualization. In ACM SIGOPS Operating Systems Review, Vol. 37. ACM, 164--177.
[3]
Andrew Baumann, Paul Barham, Pierre-Evariste Dagand, Tim Harris, Rebecca Isaacs, Simon Peter, Timothy Roscoe, Adrian Schüpbach, and Akhilesh Singhania. 2009. The Multikernel: A New OS Architecture for Scalable Multicore Systems. In Proceedings of the ACM SIGOPS 22Nd Symposium on Operating Systems Principles (SOSP '09). Big Sky, Montana, USA, 29--44.
[4]
Sebastian Burckhardt, Alexandro Baldassin, and Daan Leijen. 2010. Concurrent programming with revisions and isolation types. In ACM Sigplan Notices, Vol. 45. ACM, 691--707.
[5]
Haogang Chen, Yandong Mao, Xi Wang, Dong Zhou, Nickolai Zeldovich, and M. Frans Kaashoek. 2011. Linux kernel vulnerabilities: state-of-the-art defenses and open problems. In Proceedings of the Second Asia-PacificWorkshop on Systems (APSys '11). Shanghai, China, Article 5, 5 pages.
[6]
Intel Corporation. DPDK: Data Plane Development Kit. http://dpdk.org/. (????).
[7]
Alex Crichton. 2017. scoped-tls. https://github.com/alexcrichton/scoped-tls. (2017).
[8]
CVE. Vulnerabilities on Linux Kernel Machines. https://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33. (????).
[9]
Robert DeLine and Manuel Fähndrich. 2001. Enforcing High-level Protocols in Low-level Software. In ACM Conference on Programming Language Design and Implementation (PLDI '01). Snowbird, Utah, USA, 59--69.
[10]
Redox Project Developers. Redox - Your Next(Gen) OS. (????). http://www.redox-os.org/.
[11]
The Rust Project Developers. 2017. Implementation of Rust stack unwinding. https://doc.rust-lang.org/1.3.0/std/rt/unwind/. (2017).
[12]
The Rust Project Developers. 2017. Struct std::rc::Weak. https://doc.rust-lang.org/std/rc/struct.Weak.html. (2017).
[13]
Daniel E. Eisenbud, Cheng Yi, Carlo Contavalli, Cody Smith, Roman Kononov, Eric Mann-Hielscher, Ardas Cilingiroglu, Bin Cheyney, Wentao Shang, and Jinnah Dylan Hosein. 2016. Maglev: A Fast and Reliable Software Network Load Balancer. In Proceedings of the 13th Usenix Conference on Networked Systems Design and Implementation (NSDI'16). Santa Clara, CA, 523--535.
[14]
Elmootazbellah Nabil Elnozahy, Lorenzo Alvisi, Yi-Min Wang, and David B. Johnson. 2002. A survey of rollback-recovery protocols in message-passing systems. ACM Computing Surveys (CSUR) 34, 3 (2002), 375--408.
[15]
Úlfar Erlingsson, Martín Abadi, Michael Vrable, Mihai Budiu, and George C. Necula. 2006. XFI: Software Guards for System Address Spaces. In Proceedings of the 7th Symposium on Operating Systems Design and Implementation (OSDI '06). Seattle, Washington, 75--88.
[16]
Manuel Fähndrich et al. 2006. Language Support for Fast and Reliable Messagebased Communication in Singularity OS. In Eurosys.
[17]
Manuel Fahndrich and Robert DeLine. 2002. Adoption and Focus: Practical Linear Types for Imperative Programming. In Proceedings of the ACM SIGPLAN 2002 Conference on Programming Language Design and Implementation (PLDI '02). Berlin, Germany, 13--24.
[18]
Mozilla Foundation. The Rust programming language. https://doc.rust-lang.org/book/. (????).
[19]
Michael Golm, Meik Felser, Christian Wawersich, and Jörgen Kleinöder. 2002. The JX Operating System. In USENIX Annual Technical Conference. Monterey, CA, USA, 45--58.
[20]
Tim Harris, Simon Marlow, Simon Peyton-Jones, and Maurice Herlihy. 2005. Composable Memory Transactions. In Proceedings of the Tenth ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming (PPoPP '05). Chicago, IL, USA, 48--60.
[21]
Maurice Herlihy, Victor Luchangco, Mark Moir, and William N. Scherer, III. 2003. Software Transactional Memory for Dynamic-sized Data Structures. In Proceedings of the Twenty-second Annual Symposium on Principles of Distributed Computing (PODC '03). Boston, Massachusetts, 92--101.
[22]
Thomas Bracht Laumann Jespersen, Philip Munksgaard, and Ken Friis Larsen. 2015. Session Types for Rust. In Workshop on Generic Programming.
[23]
Trevor Jim, J. Greg Morrisett, Dan Grossman, Michael W. Hicks, James Cheney, and Yanling Wang. 2002. Cyclone: A Safe Dialect of C. In USENIX Annual Technical Conference (ATEC '02). Monterey, CA, USA, 275--288.
[24]
Eddie Kohler, Robert Morris, Benjie Chen, John Jannotti, and M. Frans Kaashoek. 2000. The Click Modular Router. ACM Trans. Comput. Syst. 18, 3 (Aug. 2000), 263--297.
[25]
Amit Levy, Michael P. Andersen, Bradford Campbell, David Culler, Prabal Dutta, Branden Ghena, Philip Levis, and Pat Pannuto. 2015. Ownership is theft: experiences building an embedded OS in rust. In Proceedings of the 8th Workshop on Programming Languages and Operating Systems. ACM, 21--26.
[26]
Hyeontaek Lim, Dongsu Han, David G. Andersen, and Michael Kaminsky. 2014. MICA: A Holistic Approach to Fast In-memory Key-value Storage. In Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation (NSDI'14). Seattle, WA, 429--444.
[27]
Yandong Mao, Haogang Chen, Dong Zhou, Xi Wang, Nickolai Zeldovich, and M. Frans Kaashoek. 2011. Software fault isolation with API integrity and multiprincipal modules. In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles. ACM, 115--128.
[28]
Daniel Molka, Daniel Hackenberg, Robert Schöne, and Wolfgang E Nagel. 2015. Cache Coherence Protocol and Memory Performance of the Intel Haswell-EP Architecture. In Parallel Processing (ICPP), 2015 44th International Conference on. IEEE, 739--748.
[29]
Andrew C. Myers and Barbara Liskov. 1997. A Decentralized Model for Information Flow Control. In ACM Symposium on Operating Systems Principles. Saint Malo, France, 129--142.
[30]
Nginx. Nginx: High Performance Load Balancer, Web Server, and Reverse Proxy. https://www.nginx.com/. (????).
[31]
Aurojit Panda, Sangjin Han, Keon Jang, MelvinWalls, Sylvia Ratnasamy, and Scott Shenker. 2016. NetBricks: Taking the V out of NFV. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16), USENIX OSDI, Vol. 16.
[32]
Zvonimir Rakamarić and Michael Emmi. 2014. SMACK: Decoupling source language details from verifier implementations. In International Conference on Computer Aided Verification. Springer, 106--113.
[33]
Bratin Saha, Ali-Reza Adl-Tabatabai, Richard L. Hudson, Chi Cao Minh, and Benjamin Hertzberg. 2006. McRT-STM: A High Performance Software Transactional Memory System for a Multi-core Runtime. In Proceedings of the Eleventh ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming (PPoPP '06). New York, New York, USA, 187--197.
[34]
David A. Schmidt. 1998. Data Flow Analysis is Model Checking of Abstract Interpretations. In ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages. San Diego, CA, USA, 38--48.
[35]
"servo". Servo web browser engine. http://www.servo.org. (????).
[36]
Marc Shapiro, Nuno Preguiça, Carlos Baquero, and Marek Zawirski. 2011. Conflict-free replicated data types. In Symposium on Self-Stabilizing Systems. 386--400.
[37]
Justine Sherry, Peter Xiang Gao, Soumya Basu, Aurojit Panda, Arvind Krishnamurthy, Christian Maciocco, Maziar Manesh, Joäo Martins, Sylvia Ratnasamy, Luigi Rizzo, et al. 2015. Rollback-recovery for middleboxes. In ACM SIGCOMM Computer Communication Review, Vol. 45. ACM, 227--240.
[38]
Intel Open Source.org. 2016. Storage Performance Development Kit (SPDK). https://01.org/spdk. (2016).
[39]
Kaku Takeuchi, Kohei Honda, and Makoto Kubo. 1994. An Interaction-based Language and Its Typing System. In International PARLE Conference on Parallel Architectures and Languages Europe. 398--413.
[40]
Mads Tofte and Jean-Pierre Talpin. 1997. Region-Based Memory Management. Information and Compuation 132, 2 (Feb. 1997), 109--176.
[41]
Philip Wadler. 1990. Linear types can change the world!. In IFIP TC 2 Working Conference on Programming Concepts and Methods. Sea of Galilee, Israel, 347--359.
[42]
Robert Wahbe, Steven Lucco, Thomas E. Anderson, and Susan L. Graham. 1993. Efficient Software-based Fault Isolation. In Proceedings of the Fourteenth ACM Symposium on Operating Systems Principles (SOSP '93). Asheville, North Carolina, USA, 203--216.
[43]
David Walker and Greg Morrisett. 2000. Alias Types for Recursive Data Structures (Extended Version). Technical Report. Ithaca, NY, USA.
[44]
Bennet Yee, David Sehr, Gregory Dardyk, J Bradley Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar. 2009. Native client: A sandbox for portable, untrusted x86 native code. In Security and Privacy, 2009 30th IEEE Symposium on. IEEE, 79--93.
[45]
Matteo Zanioli, Pietro Ferrara, and Agostino Cortesi. 2012. SAILS: Static Analysis of Information Leakage with Sample. In ACM Symposium on Applied Computing. Trento, Italy, 1308--1313.

Published In

ACM SIGOPS Operating Systems Review, Volume 51, Issue 1 (Special Topics), August 2017, 123 pages.
ISSN: 0163-5980
DOI: 10.1145/3139645

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

Published: 11 September 2017, in SIGOPS Volume 51, Issue 1

Qualifiers

  • Research-article

Article Metrics

  • Downloads (last 12 months): 69
  • Downloads (last 6 weeks): 8
Reflects downloads up to 25 Dec 2024

Cited By

  • (2024) Cocoon: Static Information Flow Control in Rust. Proceedings of the ACM on Programming Languages 8(OOPSLA1), 166-193. DOI: 10.1145/3649817. Online publication date: 29 Apr 2024.
  • (2024) Open-Source Internal Signal Analysis Unit for FPGA Paired With Rust Real-Time Monitor GUI. 2024 IEEE 21st International Power Electronics and Motion Control Conference (PEMC), 1-5. DOI: 10.1109/PEMC61721.2024.10726411. Online publication date: 30 Sep 2024.
  • (2023) Flux: Liquid Types for Rust. Proceedings of the ACM on Programming Languages 7(PLDI), 1533-1557. DOI: 10.1145/3591283. Online publication date: 6 Jun 2023.
  • (2023) A Type System for Safe Intermittent Computing. Proceedings of the ACM on Programming Languages 7(PLDI), 736-760. DOI: 10.1145/3591250. Online publication date: 6 Jun 2023.
  • (2023) Verified Transformation of Continuation-Passing Style into Static Single Assignment Form. Theoretical Aspects of Software Engineering, 20-37. DOI: 10.1007/978-3-031-35257-7_2. Online publication date: 27 Jun 2023.
  • (2022) A Behavior Specification and Simulation Methodology for Embedded Real-Time Software. 2022 IEEE/ACM 26th International Symposium on Distributed Simulation and Real Time Applications (DS-RT), 151-159. DOI: 10.1109/DS-RT55542.2022.9932069. Online publication date: 26 Sep 2022.
  • (2021) An automatic many-core code generation method and its implementation under Sunway environment. Proceedings of the 2021 ACM International Conference on Intelligent Computing and its Emerging Applications, 152-157. DOI: 10.1145/3491396.3506545. Online publication date: 28 Dec 2021.
  • (2021) Automatically enforcing fresh and consistent inputs in intermittent systems. Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, 851-866. DOI: 10.1145/3453483.3454081. Online publication date: 19 Jun 2021.
  • (2021) A Lightweight Formalism for Reference Lifetimes and Borrowing in Rust. ACM Transactions on Programming Languages and Systems 43(1), 1-73. DOI: 10.1145/3443420. Online publication date: 17 Apr 2021.
  • (2021) Exploiting Mixed Binaries. ACM Transactions on Privacy and Security 24(2), 1-29. DOI: 10.1145/3418898. Online publication date: 2 Jan 2021.
