Re: [RFC PATCH 00/11] Rust null block driver

From: Bart Van Assche
Date: Fri May 05 2023 - 15:39:02 EST

Next message: Liam R. Howlett: "[PATCH v2 29/36] maple_tree: Relocate mas_rewalk() and mas_rewalk_if_dead()"
Previous message: Jakub Kicinski: "Re: Introducing bugbot"
In reply to: Boqun Feng: "Re: [RFC PATCH 00/11] Rust null block driver"
Next in thread: Andreas Hindborg: "Re: [RFC PATCH 00/11] Rust null block driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/5/23 03:53, Miguel Ojeda wrote:

Definitely, in the end subsystems know best if there is enough time
available (from everybody) to pull it off. I only meant to say that
the security angle is not the only benefit.

For instance, like you said, the error handling, plus a bunch more
that people usually enjoy: stricter typing, more information on
signatures, sum types, pattern matching, privacy, closures, generics,
etc.

These are all great advantages of Rust.

One potential cause of memory corruption caused by block drivers is
misprogramming the DMA engine of the storage controller. This is something
no borrow checker can protect against. Only an IOMMU can protect against
the storage controller accessing memory that it shouldn't access. This is
not a criticism of Rust - I'm bringing this up because I think this is
something that is important to realize.

Bart.

Next message: Liam R. Howlett: "[PATCH v2 29/36] maple_tree: Relocate mas_rewalk() and mas_rewalk_if_dead()"
Previous message: Jakub Kicinski: "Re: Introducing bugbot"
In reply to: Boqun Feng: "Re: [RFC PATCH 00/11] Rust null block driver"
Next in thread: Andreas Hindborg: "Re: [RFC PATCH 00/11] Rust null block driver"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]