Rust 1.73 Programming Language Released: RustVMM Audit and Rewriting of Binder in Rust

Published general purpose programming language release Rust 1.74, founded by the Mozilla project, but now developed under the auspices of the independent non-profit organization Rust Foundation. The language focuses on memory safety and provides a means to achieve high task parallelism without using garbage collector And runtime (runtime boils down to basic initialization and maintenance of the standard library).

Rust’s memory management techniques free the developer from pointer manipulation errors and protect against problems that arise from low-level memory manipulation, such as after-free accesses, null pointer dereferences, buffer overruns, and the like. A package manager is being developed to distribute libraries, ensure assembly and manage dependencies by the project. Cargo. A repository is supported to host libraries crates.io.

Memory safety is enforced in Rust at compile time through reference checking, object ownership tracking, object lifetime (scoping) consideration, and memory access evaluation at runtime. Rust also provides protection against integer overflows, requires that variable values be initialized before use, has better error handling in the standard library, uses the concept of immutable references and variables by default, and offers strong static typing to minimize logical errors.

Basic innovations:

Added the ability to configure lint checks via the Cargo.toml file with the package manager manifest. To define lint settings such as response level (forbid, deny, warn, allow), proposed new sections “(lints)” and “(workspace.lints)”, changes in which are taken into account when deciding whether to rebuild. For example, instead of specifying the “-F”, “-D”, “-W” and “-A” flags when building or adding the “#!(forbid(unsafe_code))” and “#!(deny(clippy:)” attributes to the code :enum_glob_use))” can now be used in the Cargo manifest:
```
 (lints.rust) unsafe_code = "forbid" (lints.clippy) enum_glob_use = "deny"
```
In Crate package manager added the ability to authenticate when connecting to the repository. The basic distribution includes support for storing authentication parameters in Linux credential stores (based on libsecret), macOS (Keychain) and Windows (Windows Credential Manager), but the system was initially made modular and allows you to organize work with various providers for storing and generating tokens, for example, prepared plugin to use the 1Password password manager. Authentication may be required by the repository for any operation, not just to confirm that packages have been published.
```
 ~/.cargo/config.toml (registry) global-credential-providers = ("cargo:token", "cargo:libsecret")
```

Stabilized support for return type projections (impl_trait_projections), allowing Self and T::Assoc to be mentioned in return types such as “async fn” and “-› impl Trait”.

 struct Wrapper‹'a, T›(&'a T); // Opaque return types that mention `Self`: impl Wrapper‹'_, ()› { async fn async_fn() -› Self { /* ... */ } fn impl_trait() -› impl Iterator { /* ... */ } } trait Trait‹'a› { type Assoc; fn new() -> Self::Assoc; } impl Trait‹'_› for () { type Assoc = (); fn new() {} } // Opaque return types that mention an associated type: impl‹'a, T: Trait‹'a›› Wrapper‹'a, T› { async fn mk_assoc() -> T::Assoc { /* ... */ } fn a_few_assocs() -› impl Iterator‹Item = T::Assoc› { /* ... */ } }

A new portion of the API has been transferred to the stable category, including the methods and implementations of traits:
The “const” attribute, which determines the possibility of using it in any context instead of constants, is used in functions:
The compiler, toolkit, standard library, and generated application executables have increased requirements for Apple platforms, now requiring at least macOS 10.12 Sierra, iOS 10, and tvOS 10 released in 2016 to run.
The third level of support has been implemented for the i686-pc-windows-gnullvm platform. The third level involves basic support, but without automated testing, publishing official builds, or checking whether the code can be built.
The second level of support for the loongarch64-unknown-none target platform has been implemented. The second level of support involves an assembly guarantee.

Additionally, two events related to the Rust language can be noted:

The OSTIF (Open Thanks for reading Technology Improvement Fund), created to strengthen the security of open source projects, published results audit project RustVMM, which provides components for creating task-specific hypervisors and virtual machine monitors (VMMs). Companies such as Intel, Alibaba, Amazon, Google, Linaro and Red Hat are participating in the development of the project. Hypervisors Intel Cloud Hypervisor and Dragonball. The audit confirmed the high quality of the code base and the use of techniques in the architecture and implementation aimed at achieving maximum security. During the audit, 6 problems were identified that did not have a direct impact on safety.
Google Company presented on the Linux kernel developer mailing list, a new implementation of the Binder interprocess communication mechanism, nder/rust/”>rewritten in Rust language. The rework was carried out as part of a project to strengthen security, promote secure programming techniques and increase the efficiency of identifying problems when working with memory in Android (about 70% of all dangerous vulnerabilities identified in Android are caused by errors when working with memory). The implementation of Binder in Rust has achieved parity in functionality with the original version in the C language, passes all AOSP (Android Open-Thanks for reading Project) tests and can be used to create working editions of firmware. The performance of both implementations is approximately at the same level (deviations within -1.96% and +1.38%).

Thanks for reading: