|More Rust - Chrome And Servo|
|Written by Mike James|
|Wednesday, 18 January 2023|
Rust is the language we are all expecting to save us and it has just scored two more goals. The Chromium project has decided to support it and Mozilla, the original home of Rust, has a revitalized Servo project.
Rust making inroads into Linux is amazing in itself as Linus Torvalds has been a C fanatic for a very long time. As a result the only language to use for the Linux kernel was C, but now Rust is making its way in. Such modest, but important, gains are the sort of thing that sees a language thrust from the hands of the enthusiastic early adopters to the mainstream.
Now we have news that Rust has joined another "big" project - Chromium - the open source part of Chrome and Edge. The Google security blog says:
"We are pleased to announce that moving forward, the Chromium project is going to support the use of third-party Rust libraries from C++ in Chromium. To do so, we are now actively pursuing adding a production Rust toolchain to our build system. This will enable us to include Rust code in the Chrome binary within the next year. We’re starting slow and setting clear expectations on what libraries we will consider once we’re ready."
As I said at the start, Rust is what we hope will save us - but from what exactly:
Our goal in bringing Rust into Chromium is to provide a simpler (no IPC) and safer (less complex C++ overall, no memory safety bugs in a sandbox either) way to satisfy the rule of two, in order to speed up development (less code to write, less design docs, less security review) and improve the security (increasing the number of lines of code without memory safety bugs, decreasing the bug density of code) of Chrome. And we believe that we can use third-party Rust libraries to work toward this goal.
Wow... and you thought Rust was just another language. The main problem in using C or C++ is memory safety. To quote a recent blog post by the Google Android team:
"For more than a decade, memory safety vulnerabilities have consistently represented more than 65% of vulnerabilities across products, and across the industry."
The same post also reports a steady fall in such problems as memory-safe languages like Rust, Kotlin and Java take over from C/C++. Android 12 supports Rust for core development of new components. Currently there are zero memory safety vulnerabilities in Android's Rust code.
However the miracle cure is not all plain sailing. The blog post outlines some of the difficulties of having to interwork C++ and Rust code. If you allow interop in both directions you risk introducing problems. For now interop will be from C++ code calling into safe Rust code. Listing ways things could go wrong, the post suggests that tools are needed to keep things under control and so Google is investing in Cubit an experiment in how to make C++ to Rust safer.
The second piece of good news is that Servo is once again under development. In case you don't remember, Servo was intended to be a new renderer for Firefox written in Rust. The project was disbanded when Mozilla decided that paying large amounts of money to a largely unnecessary management layer was more important than creating code. It was around the same time that they handed over Rust to the general community and lost the opportunity to do even more good. A new renderer written in Rust could have been just what Firefox needed to raise its user base from the tiny percentage it now commands to something more respectable. I'd like to be able to report that the resurrection of Servo is an indication that Mozilla has regained its course, but no. The blog post says:
"We would like to share some exciting news about the Servo project. This year, thanks to new external funding, a team of developers will be actively working on Servo. The first task is to reactivate the project and the community around it, so we can attract new collaborators and sponsors for the project."
It seems that other people believe in Servo more than Mozilla. The bulk of the imitative is due to Igalia paying for four people to work on the project. Why? It seems because they believe in open source code - if only Mozilla did.
The future looks increasingly Rusty...
or email your comment to: firstname.lastname@example.org
|Last Updated ( Wednesday, 18 January 2023 )|