The Case For Writing A Kernel In Rust

Decades of research has attempted to add safety mechanisms to operating system kernels, but this effort has failed in most practical systems. In particular, solutions that sacrifice performance have been generally avoided. However, isolation techniques in modern languages can provide safety while avoiding performance issues. Moreover, utilizing a type-safe language with no garbage collector or other runtime services avoids what would otherwise be some of the largest sections of trusted code base. We report on our experiences in writing a resource efficient embedded kernel in Rust, finding that only a small set of unsafe abstractions are necessary in order to form common kernel building blocks. Further, we argue that Rusts choice to avoid runtime memory management by using a linear type system will enable the next generation of safe operating systems.