System Programming in Rust: Beyond Safety

Rust is a new system programming language that offers a practical and safe alternative to C. Rust is unique in that it enforces safety without runtime overhead, most importantly, without the overhead of garbage collection. While zero-cost safety is remarkable on its own, we argue that the superpowers of Rust go beyond safety. In particular, Rust's linear type system enables capabilities that cannot be implemented efficiently in traditional languages, both safe and unsafe, and that dramatically improve security and reliability of system software. We show three examples of such capabilities: zero-copy software fault isolation, efficient static information flow analysis, and automatic checkpointing. While these capabilities have been in the spotlight of systems research for a long time, their practical use is hindered by high cost and complexity. We argue that with the adoption of Rust these mechanisms will become commoditized.
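As an added illustration of the ownership idea behind zero-copy fault isolation (example code written for this page, not code from the paper or any system it describes), the block below models a two-stage packet pipeline in which each stage takes a buffer by value. The names `Packet`, `stage_a`, `stage_b` and `run_pipeline` are hypothetical. Because Rust's type system treats the packet as an affine value, handing it to the next stage moves ownership rather than copying the bytes, and the previous stage is statically prevented from touching the buffer again; the function returns the heap address before and after the moves so the zero-copy property can be checked at run time.

```rust
// Added example (not from the paper): zero-copy isolation between two
// processing stages, enforced by Rust ownership rather than by runtime checks.

struct Packet {
    payload: Vec<u8>,
}

/// Address of the payload's heap buffer; used to confirm that moving the
/// packet between stages does not copy the bytes.
fn buffer_addr(p: &Packet) -> usize {
    p.payload.as_ptr() as usize
}

/// Stage A takes the packet by value (ownership moves in) and hands it back
/// by value (ownership moves out). It rewrites the first byte in place.
fn stage_a(mut p: Packet) -> Packet {
    p.payload[0] = p.payload[0].wrapping_add(1);
    p
}

/// Stage B appends a one-byte trailer. Capacity is reserved up front in
/// run_pipeline so the push cannot trigger a reallocation.
fn stage_b(mut p: Packet) -> Packet {
    p.payload.push(0xff);
    p
}

/// Runs both stages over a constructed input and returns the final payload
/// together with a flag stating whether the heap buffer stayed in place.
fn run_pipeline(bytes: &[u8]) -> (Vec<u8>, bool) {
    let mut payload = Vec::with_capacity(bytes.len() + 1);
    payload.extend_from_slice(bytes);
    let p0 = Packet { payload };
    let before = buffer_addr(&p0);

    // Ownership of p0 moves into stage_a. From here on, any use of p0
    // (for example `p0.payload.len()`) is rejected by the compiler with
    // error E0382 ("borrow of moved value"), so the sender cannot observe
    // or tamper with data it has already handed over.
    let p1 = stage_a(p0);
    let p2 = stage_b(p1);

    let after = buffer_addr(&p2);
    (p2.payload, before == after)
}

fn main() {
    // Constructed sample input, not captured traffic.
    let (out, zero_copy) = run_pipeline(&[0x10, 0x20, 0x30]);
    println!("payload = {:02x?}, zero-copy = {}", out, zero_copy);
}
```

The isolation here costs nothing at run time: there is no bounds-checking trampoline, no copy into a separate address space, and no reference count; the guarantee that a stage cannot reach a buffer it no longer owns is discharged entirely by the type checker.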
