SlideShare a Scribd company logo

Is it time to rewrite the operating system in Rust?

B
bcantrill

Talk given at QConSF in 2018. Video to come.

Software
1 of 23
Download to read offline
Is it time to rewrite the operating system in Rust? CTO bryan@joyent.com Bryan Cantrill @bcantrill
Spoiler alert
What even is the operating system? • The operating system is harder to define than it might seem… • For every definition, it can be easy to come up with exceptions • At minimum: the operating system is the program that abstracts hardware to allow execution of other programs • The operating system defines the liveness of the machine: without it, no program can run • The operating system software that runs with the highest level of architectural privilege is the operating system kernel • …but the kernel is not the entire operating system!
Operating system implementation history • Historically, operating systems — née “executives” — were written entirely in assembly • Starting with the Burroughs B5000 MCP in 1961, operating systems started to be written in higher level languages… • In 1964, when Project MAC at MIT sought to build a successor to their Compatible Timesharing System (CTSS), they selected the language (PL/I) before writing any code (!) • But PL/I had no functioning compiler — and wouldn’t until 1966
PL/I in Multics • The decision to use PL/I in Multics was seen by its creators as a great strength, even when reflecting back in 1971:
 
 
 
 
 
 
 • …but that the compiler was unavailable for so long (and when was available, performed poorly) was a nearly-fatal weakness Source: “Multics: The first seven years,” Corbato et al.
The birth of Unix • Bell Labs pulled out of the Multics project in 1969 • A researcher formerly on the Multics effort, Ken Thompson, implemented a new operating system for the PDP-7 • The system was later ported to the PDP-11/20, where it was named Unix — a play on “eunuchs” and a contrast to the top- down complexity of Multics • Unix was implemented entirely in assembly!
Unix and high-level languages • The interpreted language B (a BCPL derivative), was present in Unix, but only used for auxiliary functionality, e.g. the assembler and an early version of dc(1) • Some of the B that was in use in Unix was replaced with assembly for reasons of performance! • Dennis Ritchie and Thompson developed a B-inspired language focused on better abstracting the machine, naming it “C” • Perhaps contrary to myth, C and Unix were not born at the same instant — they are siblings, not twins!
The C revolution • C is rightfully called “portable assembly”: it is designed to closely match the abstraction of the machine itself • C features memory addressability at its core • Unlike PL/I, C grew as concrete needs arose • e.g., C organically adopted important facilities like macro processing through the C preprocessor • Standardization efforts came late and were contentious: C remains infamous for its undefined behaviors
Operating systems in the 1980s • As the minimal abstraction above the machine, C — despite its blemishes — proved to be an excellent fit for operating systems implementation • With few exceptions, operating systems — Unix or otherwise — were implemented in C throughout the 1980s • Other systems existed as research systems, but struggled to offer comparable performance to C-based systems
Operating systems in the 1990s • In the 1990s, object oriented programming came into vogue, with languages like C++ and Java • By the mid-1990s, C-based systems were thought to be relics • …but the systems putatively replacing them were rewrites — and suffered from rampant Second System Syndrome • They were infamously late (e.g. Apple’s Copland), infamously slow (e.g. Sun’s Spring), or both (Taligent’s Pink) • Java-based operating systems like Sun’s JavaOS fared no better; hard to interact with hardware without unsigned types!
Operating systems in the 2000s • With the arrival of Linux, Unix enjoyed a resurgence — and
 C-based operating systems became deeply entrenched • With only a few exceptions (e.g., Haiku), serious attempts at
 C++-based kernels withered • At the same time, non-Java/non-C++ languages blossomed: first Ruby, and then Python and JavaScript • These languages were focused on ease of development rather than performance — and there appears to be no serious effort to implement an operating system in any of these
Systems software in the 2010s • Systems programmers began pining for something different: the performance of C, but with more powerful constructs as enjoyed in other languages • High-performance JavaScript runtimes allowed for a surprising use in node.js — but otherwise left much to be desired • Bell Labs refugees at Google developed Go, which solves some problems, but with many idiosyncrasies • Go, JavaScript and others are garbage collected, making interacting with C either impossible or excruciatingly slow
Rust? • Rust is a systems software programming language designed around safety, parallelism, and speed • Rust has a novel system of ownership, whereby it can statically determine when a memory object is no longer in use • This allows for the power of a garbage-collected language, but with the performance of manual memory management • This is important because — unlike C — Rust is highly composable, allowing for more sophisticated (and higher performing!) primitives
Rust performance (my experience) Source: http://dtrace.org/blogs/bmc/2018/09/28/the-relative-performance-of-c-and-rust/
Rust: Beyond ownership • Rust has a number of other features that make it highly compelling for systems software implementation: • Algebraic types allow robust, concise error handling • Hygienic macros allow for safe syntax extensions • Foreign function interface allows for full-duplex integration with C without sacrificing performance • “unsafe” keyword allows for some safety guarantees to be surgically overruled (though with obvious peril) • Also: terrific community, thriving ecosystem, etc.
Operating systems in Rust? • If the history of operating systems implementation teaches us anything, it’s that runtime characteristics trump development challenges! • Structured languages (broadly) replaced assembly because they performed as well • Viz., every operating system retains some assembly for reasons of performance! • With its focus on performance and zero-cost abstractions, Rust does represent a real, new candidate programming language for operating systems implementation
Operating systems in Rust: A first attempt • First attempt at an operating system kernel in Rust seems to be Alex Light’s Reenix, ca. 2015: a re-implementation of a teaching operating system in Rust as an undergrad thesis • Biggest challenge in Reenix was that Rust forbids an application from handling allocation failure • The addition of a global allocator API has improved this in that now a C-based system can at least handle pressure… • …but dealing with memory allocation failure is still very much an unsettled area for Rust (see Rust RFC 2116)
Operating systems in Rust since 2015 • Since Reenix’s first efforts, there have been quite a few small systems in Rust, e.g.: Redox, Tifflin, Tock, intermezzOS, RustOS/QuiltOS, Rux, and Philipp Oppermann’s Blog OS • Some of these are teaching systems (intermezzOS, Blog OS), some are unikernels (QuiltOS) and/or targeted at IoT (Tock) • These systems are all de novo, which represents its own challenges, e.g. forsaking binary compatibility with Linux and fighting Second System Syndrome
Operating systems in Rust: The challenges • While Rust’s advantages are themselves clear, it’s less clear what the advantage is when replacing otherwise working code • For in-kernel code in particular, the safety argument for Rust carries less weight: in-kernel C tends to be de facto safe • Rust does, however, presents new challenges for kernel development, esp. with respect to multiply-owned structures • An OS kernel — despite its historic appeal and superficial fit for Rust — may represent more challenge than its worth • But what of hybrid approaches?
Hybrid approach I: Rust in-kernel components • One appeal of Rust is its ability to interoperate with C • One hybrid approach to explore would be to retain a
 C-/assembly-based kernel while allowing for Rust-based
 in-kernel components like device drivers and filesystems • This would allow for an incremental approach — and instead of rewriting, Rust can be used for new development • There is a prototype example of this in FreeBSD; others are presumably possible
Hybrid approach II: Rust OS components • An operating system is not just a kernel! • Operating systems have significant functionality at user-level: utilities, daemons, service-/device-/fault- management facilities, debuggers, etc. • If anything, the definition of the OS is expanding to distributed system that represents a multi-computer control plane — that itself includes many components • These components are much more prone to run-time failure! • Many of these are an excellent candidate for Rust!
Hybrid approach III: Rust-based firmware • Below the operating system lurks hardware-facing special- purpose software: firmware • Firmware is a sewer of unobservable software with a long history of infamous quality problems • Firmware has some of the same challenges as kernel development (e.g., dealing with allocation failures), but may otherwise be more amenable to Rust • This is especially true when/where firmware is in user-space and is network-facing! (e.g., OpenBMC)
Looking forward: Systems software in Rust • Rust represents something that we haven’t seen in a long time: a modern language that represents an alternative throughout the stack of software abstraction • Despite the interest in operating system kernel implementation, that might not be a good first fit for Rust • Rust allows hybrid approaches, allowing for productive kernel incrementalism rather than whole-system rewrites • Firmware and user-level operating system software are two very promising candidates for implementation in Rust!

Recommended

Cross Data Center Replication with Redis using Redis Enterprise
Cross Data Center Replication with Redis using Redis EnterpriseCross Data Center Replication with Redis using Redis Enterprise
Cross Data Center Replication with Redis using Redis EnterpriseCihan Biyikoglu
 
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...Tori Wieldt
 
SRE 101
SRE 101SRE 101
SRE 101Diego Pacheco
 
Microservices Workshop - Craft Conference
Microservices Workshop - Craft ConferenceMicroservices Workshop - Craft Conference
Microservices Workshop - Craft ConferenceAdrian Cockcroft
 
Continuous Testing Landscape.pptx
Continuous Testing Landscape.pptxContinuous Testing Landscape.pptx
Continuous Testing Landscape.pptxMarc Hornbeek
 
Value stream management is essential for dev ops v4
Value stream management is essential for dev ops v4Value stream management is essential for dev ops v4
Value stream management is essential for dev ops v4DevOps.com
 
Managed service provider
Managed service providerManaged service provider
Managed service providerElena Benson
 
Mashing Up DevOps with Cloud Computing
Mashing Up DevOps with Cloud ComputingMashing Up DevOps with Cloud Computing
Mashing Up DevOps with Cloud ComputingDavid Linthicum
 

Recommended

Cross Data Center Replication with Redis using Redis Enterprise
Cross Data Center Replication with Redis using Redis EnterpriseCross Data Center Replication with Redis using Redis Enterprise
Cross Data Center Replication with Redis using Redis EnterpriseCihan Biyikoglu
 
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...Tori Wieldt
 
SRE 101
SRE 101SRE 101
SRE 101Diego Pacheco
 
Microservices Workshop - Craft Conference
Microservices Workshop - Craft ConferenceMicroservices Workshop - Craft Conference
Microservices Workshop - Craft ConferenceAdrian Cockcroft
 
Continuous Testing Landscape.pptx
Continuous Testing Landscape.pptxContinuous Testing Landscape.pptx
Continuous Testing Landscape.pptxMarc Hornbeek
 
Value stream management is essential for dev ops v4
Value stream management is essential for dev ops v4Value stream management is essential for dev ops v4
Value stream management is essential for dev ops v4DevOps.com
 
Managed service provider
Managed service providerManaged service provider
Managed service providerElena Benson
 
Mashing Up DevOps with Cloud Computing
Mashing Up DevOps with Cloud ComputingMashing Up DevOps with Cloud Computing
Mashing Up DevOps with Cloud ComputingDavid Linthicum
 
Modern Data Flow
Modern Data FlowModern Data Flow
Modern Data Flowconfluent
 
A microservice approach for legacy modernisation
A microservice approach for legacy modernisationA microservice approach for legacy modernisation
A microservice approach for legacy modernisationluisw19
 
What is Application Performance Management?
What is Application Performance Management?What is Application Performance Management?
What is Application Performance Management?CA Technologies
 
Pros and Cons of a MicroServices Architecture talk at AWS ReInvent
Pros and Cons of a MicroServices Architecture talk at AWS ReInventPros and Cons of a MicroServices Architecture talk at AWS ReInvent
Pros and Cons of a MicroServices Architecture talk at AWS ReInventSudhir Tonse
 
Microservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesMicroservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesAraf Karsh Hamid
 
ELK Stack
ELK StackELK Stack
ELK StackPhuc Nguyen
 
The Case for Chaos
The Case for ChaosThe Case for Chaos
The Case for ChaosBruce Wong
 
A Rails performance guidebook: from 0 to 1B requests/day
A Rails performance guidebook: from 0 to 1B requests/dayA Rails performance guidebook: from 0 to 1B requests/day
A Rails performance guidebook: from 0 to 1B requests/dayCristian González
 
Service now grc_strategy for growth
Service now grc_strategy for growthService now grc_strategy for growth
Service now grc_strategy for growthSubrat Kumar Dash
 
Site Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet SugathadasaSite Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet SugathadasaKeet Sugathadasa
 
Alfresco y SOLR, presentación en español
Alfresco y SOLR, presentación en españolAlfresco y SOLR, presentación en español
Alfresco y SOLR, presentación en españolToni de la Fuente
 
The Paved Road at Netflix
The Paved Road at NetflixThe Paved Road at Netflix
The Paved Road at NetflixDianne Marsh
 
Loom Virtual Threads in the JDK 19
Loom Virtual Threads in the JDK 19Loom Virtual Threads in the JDK 19
Loom Virtual Threads in the JDK 19José Paumard
 
Microservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudMicroservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudEberhard Wolff
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to MicroservicesRoger van de Kimmenade
 
Hybrid integration reference architecture
Hybrid integration reference architectureHybrid integration reference architecture
Hybrid integration reference architectureKim Clark
 
Continuous Delivery
Continuous DeliveryContinuous Delivery
Continuous DeliveryJez Humble
 
Microservices, DevOps & SRE
Microservices, DevOps & SREMicroservices, DevOps & SRE
Microservices, DevOps & SREAraf Karsh Hamid
 
Business analyst interview questions and answers
Business analyst interview questions and answersBusiness analyst interview questions and answers
Business analyst interview questions and answersRobin G
 
The Art of Scalability - Managing growth
The Art of Scalability - Managing growthThe Art of Scalability - Managing growth
The Art of Scalability - Managing growthLorenzo Alberton
 
Operating Systems As a Product
Operating Systems As a ProductOperating Systems As a Product
Operating Systems As a ProductHarshit Srivastava
 
Linux forensics
Linux forensicsLinux forensics
Linux forensicsSantosh Khadsare
 

More Related Content

What's hot

Modern Data Flow
Modern Data FlowModern Data Flow
Modern Data Flowconfluent
 
A microservice approach for legacy modernisation
A microservice approach for legacy modernisationA microservice approach for legacy modernisation
A microservice approach for legacy modernisationluisw19
 
What is Application Performance Management?
What is Application Performance Management?What is Application Performance Management?
What is Application Performance Management?CA Technologies
 
Pros and Cons of a MicroServices Architecture talk at AWS ReInvent
Pros and Cons of a MicroServices Architecture talk at AWS ReInventPros and Cons of a MicroServices Architecture talk at AWS ReInvent
Pros and Cons of a MicroServices Architecture talk at AWS ReInventSudhir Tonse
 
Microservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesMicroservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesAraf Karsh Hamid
 
The Case for Chaos
The Case for ChaosThe Case for Chaos
The Case for ChaosBruce Wong
 
A Rails performance guidebook: from 0 to 1B requests/day
A Rails performance guidebook: from 0 to 1B requests/dayA Rails performance guidebook: from 0 to 1B requests/day
A Rails performance guidebook: from 0 to 1B requests/dayCristian González
 
Service now grc_strategy for growth
Service now grc_strategy for growthService now grc_strategy for growth
Service now grc_strategy for growthSubrat Kumar Dash
 
Site Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet SugathadasaSite Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet SugathadasaKeet Sugathadasa
 
Alfresco y SOLR, presentación en español
Alfresco y SOLR, presentación en españolAlfresco y SOLR, presentación en español
Alfresco y SOLR, presentación en españolToni de la Fuente
 
The Paved Road at Netflix
The Paved Road at NetflixThe Paved Road at Netflix
The Paved Road at NetflixDianne Marsh
 
Loom Virtual Threads in the JDK 19
Loom Virtual Threads in the JDK 19Loom Virtual Threads in the JDK 19
Loom Virtual Threads in the JDK 19José Paumard
 
Microservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudMicroservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudEberhard Wolff
 
Hybrid integration reference architecture
Hybrid integration reference architectureHybrid integration reference architecture
Hybrid integration reference architectureKim Clark
 
Continuous Delivery
Continuous DeliveryContinuous Delivery
Continuous DeliveryJez Humble
 
Microservices, DevOps & SRE
Microservices, DevOps & SREMicroservices, DevOps & SRE
Microservices, DevOps & SREAraf Karsh Hamid
 
Business analyst interview questions and answers
Business analyst interview questions and answersBusiness analyst interview questions and answers
Business analyst interview questions and answersRobin G
 
The Art of Scalability - Managing growth
The Art of Scalability - Managing growthThe Art of Scalability - Managing growth
The Art of Scalability - Managing growthLorenzo Alberton
 

What's hot (20)

Modern Data Flow
Modern Data FlowModern Data Flow
Modern Data Flow
 
A microservice approach for legacy modernisation
A microservice approach for legacy modernisationA microservice approach for legacy modernisation
A microservice approach for legacy modernisation
 
What is Application Performance Management?
What is Application Performance Management?What is Application Performance Management?
What is Application Performance Management?
 
Pros and Cons of a MicroServices Architecture talk at AWS ReInvent
Pros and Cons of a MicroServices Architecture talk at AWS ReInventPros and Cons of a MicroServices Architecture talk at AWS ReInvent
Pros and Cons of a MicroServices Architecture talk at AWS ReInvent
 
Microservices Architecture & Testing Strategies
Microservices Architecture & Testing StrategiesMicroservices Architecture & Testing Strategies
Microservices Architecture & Testing Strategies
 
ELK Stack
ELK StackELK Stack
ELK Stack
 
The Case for Chaos
The Case for ChaosThe Case for Chaos
The Case for Chaos
 
A Rails performance guidebook: from 0 to 1B requests/day
A Rails performance guidebook: from 0 to 1B requests/dayA Rails performance guidebook: from 0 to 1B requests/day
A Rails performance guidebook: from 0 to 1B requests/day
 
Service now grc_strategy for growth
Service now grc_strategy for growthService now grc_strategy for growth
Service now grc_strategy for growth
 
Site Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet SugathadasaSite Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
 
Alfresco y SOLR, presentación en español
Alfresco y SOLR, presentación en españolAlfresco y SOLR, presentación en español
Alfresco y SOLR, presentación en español
 
The Paved Road at Netflix
The Paved Road at NetflixThe Paved Road at Netflix
The Paved Road at Netflix
 
Loom Virtual Threads in the JDK 19
Loom Virtual Threads in the JDK 19Loom Virtual Threads in the JDK 19
Loom Virtual Threads in the JDK 19
 
Microservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring CloudMicroservices with Java, Spring Boot and Spring Cloud
Microservices with Java, Spring Boot and Spring Cloud
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to Microservices
 
Hybrid integration reference architecture
Hybrid integration reference architectureHybrid integration reference architecture
Hybrid integration reference architecture
 
Continuous Delivery
Continuous DeliveryContinuous Delivery
Continuous Delivery
 
Microservices, DevOps & SRE
Microservices, DevOps & SREMicroservices, DevOps & SRE
Microservices, DevOps & SRE
 
Business analyst interview questions and answers
Business analyst interview questions and answersBusiness analyst interview questions and answers
Business analyst interview questions and answers
 
The Art of Scalability - Managing growth
The Art of Scalability - Managing growthThe Art of Scalability - Managing growth
The Art of Scalability - Managing growth
 

Similar to Is it time to rewrite the operating system in Rust?

Operating Systems As a Product
Operating Systems As a ProductOperating Systems As a Product
Operating Systems As a ProductHarshit Srivastava
 
Introducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsIntroducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsAnant Narayanan
 
Manta: a new internet-facing object storage facility that features compute by...
Manta: a new internet-facing object storage facility that features compute by...Manta: a new internet-facing object storage facility that features compute by...
Manta: a new internet-facing object storage facility that features compute by...Hakka Labs
 
Introduction about linux
Introduction about linuxIntroduction about linux
Introduction about linuxABHISHEK KUMAR
 
Presentation on o s for bca iv
Presentation on o s for bca ivPresentation on o s for bca iv
Presentation on o s for bca ivAjit Singh
 
Unix++: Plan 9 from Bell Labs
Unix++: Plan 9 from Bell LabsUnix++: Plan 9 from Bell Labs
Unix++: Plan 9 from Bell LabsAnant Narayanan
 
Unix lecture1
Unix lecture1Unix lecture1
Unix lecture1dolleyj
 
introduction.pdf
introduction.pdfintroduction.pdf
introduction.pdfxiso
 
2015 bioinformatics python_introduction_wim_vancriekinge_vfinal
2015 bioinformatics python_introduction_wim_vancriekinge_vfinal2015 bioinformatics python_introduction_wim_vancriekinge_vfinal
2015 bioinformatics python_introduction_wim_vancriekinge_vfinalProf. Wim Van Criekinge
 
Topic_2_Introduction_to_Unix.pptx
Topic_2_Introduction_to_Unix.pptxTopic_2_Introduction_to_Unix.pptx
Topic_2_Introduction_to_Unix.pptxdulala3
 
Linux [2005]
Linux [2005]Linux [2005]
Linux [2005]Raul Soto
 
Introduction to Linux
Introduction to LinuxIntroduction to Linux
Introduction to Linuxsureskal
 

Similar to Is it time to rewrite the operating system in Rust? (20)

Operating Systems As a Product
Operating Systems As a ProductOperating Systems As a Product
Operating Systems As a Product
 
Linux forensics
Linux forensicsLinux forensics
Linux forensics
 
Introducing Plan9 from Bell Labs
Introducing Plan9 from Bell LabsIntroducing Plan9 from Bell Labs
Introducing Plan9 from Bell Labs
 
Linux basics
Linux basicsLinux basics
Linux basics
 
Manta: a new internet-facing object storage facility that features compute by...
Manta: a new internet-facing object storage facility that features compute by...Manta: a new internet-facing object storage facility that features compute by...
Manta: a new internet-facing object storage facility that features compute by...
 
Plan 9: Not (Only) A Better UNIX
Plan 9: Not (Only) A Better UNIXPlan 9: Not (Only) A Better UNIX
Plan 9: Not (Only) A Better UNIX
 
Introduction about linux
Introduction about linuxIntroduction about linux
Introduction about linux
 
Presentation on o s for bca iv
Presentation on o s for bca ivPresentation on o s for bca iv
Presentation on o s for bca iv
 
Os concepts
Os conceptsOs concepts
Os concepts
 
Unix++: Plan 9 from Bell Labs
Unix++: Plan 9 from Bell LabsUnix++: Plan 9 from Bell Labs
Unix++: Plan 9 from Bell Labs
 
Unix lecture1
Unix lecture1Unix lecture1
Unix lecture1
 
Ch1-Unix.pptx
Ch1-Unix.pptxCh1-Unix.pptx
Ch1-Unix.pptx
 
introduction.pdf
introduction.pdfintroduction.pdf
introduction.pdf
 
Linux
LinuxLinux
Linux
 
2015 bioinformatics python_introduction_wim_vancriekinge_vfinal
2015 bioinformatics python_introduction_wim_vancriekinge_vfinal2015 bioinformatics python_introduction_wim_vancriekinge_vfinal
2015 bioinformatics python_introduction_wim_vancriekinge_vfinal
 
RTOS [Autosaved].pptx
RTOS [Autosaved].pptxRTOS [Autosaved].pptx
RTOS [Autosaved].pptx
 
os_1.pdf
os_1.pdfos_1.pdf
os_1.pdf
 
Topic_2_Introduction_to_Unix.pptx
Topic_2_Introduction_to_Unix.pptxTopic_2_Introduction_to_Unix.pptx
Topic_2_Introduction_to_Unix.pptx
 
Linux [2005]
Linux [2005]Linux [2005]
Linux [2005]
 
Introduction to Linux
Introduction to LinuxIntroduction to Linux
Introduction to Linux
 

More from bcantrill

Predicting the Present
Predicting the PresentPredicting the Present
Predicting the Presentbcantrill
 
Sharpening the Axe: The Primacy of Toolmaking
Sharpening the Axe: The Primacy of ToolmakingSharpening the Axe: The Primacy of Toolmaking
Sharpening the Axe: The Primacy of Toolmakingbcantrill
 
Coming of Age: Developing young technologists without robbing them of their y...
Coming of Age: Developing young technologists without robbing them of their y...Coming of Age: Developing young technologists without robbing them of their y...
Coming of Age: Developing young technologists without robbing them of their y...bcantrill
 
I have come to bury the BIOS, not to open it: The need for holistic systems
I have come to bury the BIOS, not to open it: The need for holistic systemsI have come to bury the BIOS, not to open it: The need for holistic systems
I have come to bury the BIOS, not to open it: The need for holistic systemsbcantrill
 
Towards Holistic Systems
Towards Holistic SystemsTowards Holistic Systems
Towards Holistic Systemsbcantrill
 
The Coming Firmware Revolution
The Coming Firmware RevolutionThe Coming Firmware Revolution
The Coming Firmware Revolutionbcantrill
 
Hardware/software Co-design: The Coming Golden Age
Hardware/software Co-design: The Coming Golden AgeHardware/software Co-design: The Coming Golden Age
Hardware/software Co-design: The Coming Golden Agebcantrill
 
Tockilator: Deducing Tock execution flows from Ibex Verilator traces
Tockilator: Deducing Tock execution flows from Ibex Verilator tracesTockilator: Deducing Tock execution flows from Ibex Verilator traces
Tockilator: Deducing Tock execution flows from Ibex Verilator tracesbcantrill
 
No Moore Left to Give: Enterprise Computing After Moore's Law
No Moore Left to Give: Enterprise Computing After Moore's LawNo Moore Left to Give: Enterprise Computing After Moore's Law
No Moore Left to Give: Enterprise Computing After Moore's Lawbcantrill
 
Andreessen's Corollary: Ethical Dilemmas in Software Engineering
Andreessen's Corollary: Ethical Dilemmas in Software EngineeringAndreessen's Corollary: Ethical Dilemmas in Software Engineering
Andreessen's Corollary: Ethical Dilemmas in Software Engineeringbcantrill
 
Visualizing Systems with Statemaps
Visualizing Systems with StatemapsVisualizing Systems with Statemaps
Visualizing Systems with Statemapsbcantrill
 
Platform values, Rust, and the implications for system software
Platform values, Rust, and the implications for system softwarePlatform values, Rust, and the implications for system software
Platform values, Rust, and the implications for system softwarebcantrill
 
dtrace.conf(16): DTrace state of the union
dtrace.conf(16): DTrace state of the uniondtrace.conf(16): DTrace state of the union
dtrace.conf(16): DTrace state of the unionbcantrill
 
The Hurricane's Butterfly: Debugging pathologically performing systems
The Hurricane's Butterfly: Debugging pathologically performing systemsThe Hurricane's Butterfly: Debugging pathologically performing systems
The Hurricane's Butterfly: Debugging pathologically performing systemsbcantrill
 
Papers We Love: ARC after dark
Papers We Love: ARC after darkPapers We Love: ARC after dark
Papers We Love: ARC after darkbcantrill
 
Principles of Technology Leadership
Principles of Technology LeadershipPrinciples of Technology Leadership
Principles of Technology Leadershipbcantrill
 
Zebras all the way down: The engineering challenges of the data path
Zebras all the way down: The engineering challenges of the data pathZebras all the way down: The engineering challenges of the data path
Zebras all the way down: The engineering challenges of the data pathbcantrill
 
Platform as reflection of values: Joyent, node.js, and beyond
Platform as reflection of values: Joyent, node.js, and beyondPlatform as reflection of values: Joyent, node.js, and beyond
Platform as reflection of values: Joyent, node.js, and beyondbcantrill
 
Debugging under fire: Keeping your head when systems have lost their mind
Debugging under fire: Keeping your head when systems have lost their mindDebugging under fire: Keeping your head when systems have lost their mind
Debugging under fire: Keeping your head when systems have lost their mindbcantrill
 
Down Memory Lane: Two Decades with the Slab Allocator
Down Memory Lane: Two Decades with the Slab AllocatorDown Memory Lane: Two Decades with the Slab Allocator
Down Memory Lane: Two Decades with the Slab Allocatorbcantrill
 

More from bcantrill (20)

Predicting the Present
Predicting the PresentPredicting the Present
Predicting the Present
 
Sharpening the Axe: The Primacy of Toolmaking
Sharpening the Axe: The Primacy of ToolmakingSharpening the Axe: The Primacy of Toolmaking
Sharpening the Axe: The Primacy of Toolmaking
 
Coming of Age: Developing young technologists without robbing them of their y...
Coming of Age: Developing young technologists without robbing them of their y...Coming of Age: Developing young technologists without robbing them of their y...
Coming of Age: Developing young technologists without robbing them of their y...
 
I have come to bury the BIOS, not to open it: The need for holistic systems
I have come to bury the BIOS, not to open it: The need for holistic systemsI have come to bury the BIOS, not to open it: The need for holistic systems
I have come to bury the BIOS, not to open it: The need for holistic systems
 
Towards Holistic Systems
Towards Holistic SystemsTowards Holistic Systems
Towards Holistic Systems
 
The Coming Firmware Revolution
The Coming Firmware RevolutionThe Coming Firmware Revolution
The Coming Firmware Revolution
 
Hardware/software Co-design: The Coming Golden Age
Hardware/software Co-design: The Coming Golden AgeHardware/software Co-design: The Coming Golden Age
Hardware/software Co-design: The Coming Golden Age
 
Tockilator: Deducing Tock execution flows from Ibex Verilator traces
Tockilator: Deducing Tock execution flows from Ibex Verilator tracesTockilator: Deducing Tock execution flows from Ibex Verilator traces
Tockilator: Deducing Tock execution flows from Ibex Verilator traces
 
No Moore Left to Give: Enterprise Computing After Moore's Law
No Moore Left to Give: Enterprise Computing After Moore's LawNo Moore Left to Give: Enterprise Computing After Moore's Law
No Moore Left to Give: Enterprise Computing After Moore's Law
 
Andreessen's Corollary: Ethical Dilemmas in Software Engineering
Andreessen's Corollary: Ethical Dilemmas in Software EngineeringAndreessen's Corollary: Ethical Dilemmas in Software Engineering
Andreessen's Corollary: Ethical Dilemmas in Software Engineering
 
Visualizing Systems with Statemaps
Visualizing Systems with StatemapsVisualizing Systems with Statemaps
Visualizing Systems with Statemaps
 
Platform values, Rust, and the implications for system software
Platform values, Rust, and the implications for system softwarePlatform values, Rust, and the implications for system software
Platform values, Rust, and the implications for system software
 
dtrace.conf(16): DTrace state of the union
dtrace.conf(16): DTrace state of the uniondtrace.conf(16): DTrace state of the union
dtrace.conf(16): DTrace state of the union
 
The Hurricane's Butterfly: Debugging pathologically performing systems
The Hurricane's Butterfly: Debugging pathologically performing systemsThe Hurricane's Butterfly: Debugging pathologically performing systems
The Hurricane's Butterfly: Debugging pathologically performing systems
 
Papers We Love: ARC after dark
Papers We Love: ARC after darkPapers We Love: ARC after dark
Papers We Love: ARC after dark
 
Principles of Technology Leadership
Principles of Technology LeadershipPrinciples of Technology Leadership
Principles of Technology Leadership
 
Zebras all the way down: The engineering challenges of the data path
Zebras all the way down: The engineering challenges of the data pathZebras all the way down: The engineering challenges of the data path
Zebras all the way down: The engineering challenges of the data path
 
Platform as reflection of values: Joyent, node.js, and beyond
Platform as reflection of values: Joyent, node.js, and beyondPlatform as reflection of values: Joyent, node.js, and beyond
Platform as reflection of values: Joyent, node.js, and beyond
 
Debugging under fire: Keeping your head when systems have lost their mind
Debugging under fire: Keeping your head when systems have lost their mindDebugging under fire: Keeping your head when systems have lost their mind
Debugging under fire: Keeping your head when systems have lost their mind
 
Down Memory Lane: Two Decades with the Slab Allocator
Down Memory Lane: Two Decades with the Slab AllocatorDown Memory Lane: Two Decades with the Slab Allocator
Down Memory Lane: Two Decades with the Slab Allocator
 

Recently uploaded

Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Cizo Technology Services
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commercemanigoyal112
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Hr365.us smith
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....kzayra69
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 

Recently uploaded (20)

Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Advantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your BusinessAdvantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your Business
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commerce
 
Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)Recruitment Management Software Benefits (Infographic)
Recruitment Management Software Benefits (Infographic)
 
What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....What are the key points to focus on before starting to learn ETL Development....
What are the key points to focus on before starting to learn ETL Development....
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 

Is it time to rewrite the operating system in Rust?

  • 1. Is it time to rewrite the operating system in Rust? CTO bryan@joyent.com Bryan Cantrill @bcantrill
  • 3. What even is the operating system? • The operating system is harder to define than it might seem… • For every definition, it can be easy to come up with exceptions • At minimum: the operating system is the program that abstracts hardware to allow execution of other programs • The operating system defines the liveness of the machine: without it, no program can run • The operating system software that runs with the highest level of architectural privilege is the operating system kernel • …but the kernel is not the entire operating system!
  • 4. Operating system implementation history • Historically, operating systems — née “executives” — were written entirely in assembly • Starting with the Burroughs B5000 MCP in 1961, operating systems started to be written in higher level languages… • In 1964, when Project MAC at MIT sought to build a successor to their Compatible Timesharing System (CTSS), they selected the language (PL/I) before writing any code (!) • But PL/I had no functioning compiler — and wouldn’t until 1966
  • 5. PL/I in Multics • The decision to use PL/I in Multics was seen by its creators as a great strength, even when reflecting back in 1971:
 
 
 
 
 
 
 • …but that the compiler was unavailable for so long (and when was available, performed poorly) was a nearly-fatal weakness Source: “Multics: The first seven years,” Corbato et al.
  • 6. The birth of Unix • Bell Labs pulled out of the Multics project in 1969 • A researcher formerly on the Multics effort, Ken Thompson, implemented a new operating system for the PDP-7 • The system was later ported to the PDP-11/20, where it was named Unix — a play on “eunuchs” and a contrast to the top- down complexity of Multics • Unix was implemented entirely in assembly!
  • 7. Unix and high-level languages • The interpreted language B (a BCPL derivative), was present in Unix, but only used for auxiliary functionality, e.g. the assembler and an early version of dc(1) • Some of the B that was in use in Unix was replaced with assembly for reasons of performance! • Dennis Ritchie and Thompson developed a B-inspired language focused on better abstracting the machine, naming it “C” • Perhaps contrary to myth, C and Unix were not born at the same instant — they are siblings, not twins!
  • 8. The C revolution • C is rightfully called “portable assembly”: it is designed to closely match the abstraction of the machine itself • C features memory addressability at its core • Unlike PL/I, C grew as concrete needs arose • e.g., C organically adopted important facilities like macro processing through the C preprocessor • Standardization efforts came late and were contentious: C remains infamous for its undefined behaviors
  • 9. Operating systems in the 1980s • As the minimal abstraction above the machine, C — despite its blemishes — proved to be an excellent fit for operating systems implementation • With few exceptions, operating systems — Unix or otherwise — were implemented in C throughout the 1980s • Other systems existed as research systems, but struggled to offer comparable performance to C-based systems
  • 10. Operating systems in the 1990s • In the 1990s, object oriented programming came into vogue, with languages like C++ and Java • By the mid-1990s, C-based systems were thought to be relics • …but the systems putatively replacing them were rewrites — and suffered from rampant Second System Syndrome • They were infamously late (e.g. Apple’s Copland), infamously slow (e.g. Sun’s Spring), or both (Taligent’s Pink) • Java-based operating systems like Sun’s JavaOS fared no better; hard to interact with hardware without unsigned types!
  • 11. Operating systems in the 2000s • With the arrival of Linux, Unix enjoyed a resurgence — and
 C-based operating systems became deeply entrenched • With only a few exceptions (e.g., Haiku), serious attempts at
 C++-based kernels withered • At the same time, non-Java/non-C++ languages blossomed: first Ruby, and then Python and JavaScript • These languages were focused on ease of development rather than performance — and there appears to be no serious effort to implement an operating system in any of these
  • 12. Systems software in the 2010s • Systems programmers began pining for something different: the performance of C, but with more powerful constructs as enjoyed in other languages • High-performance JavaScript runtimes allowed for a surprising use in node.js — but otherwise left much to be desired • Bell Labs refugees at Google developed Go, which solves some problems, but with many idiosyncrasies • Go, JavaScript and others are garbage collected, making interacting with C either impossible or excruciatingly slow
  • 13. Rust? • Rust is a systems software programming language designed around safety, parallelism, and speed • Rust has a novel system of ownership, whereby it can statically determine when a memory object is no longer in use • This allows for the power of a garbage-collected language, but with the performance of manual memory management • This is important because — unlike C — Rust is highly composable, allowing for more sophisticated (and higher performing!) primitives
  • 14. Rust performance (my experience) Source: http://dtrace.org/blogs/bmc/2018/09/28/the-relative-performance-of-c-and-rust/
  • 15. Rust: Beyond ownership • Rust has a number of other features that make it highly compelling for systems software implementation: • Algebraic types allow robust, concise error handling • Hygienic macros allow for safe syntax extensions • Foreign function interface allows for full-duplex integration with C without sacrificing performance • “unsafe” keyword allows for some safety guarantees to be surgically overruled (though with obvious peril) • Also: terrific community, thriving ecosystem, etc.
  • 16. Operating systems in Rust? • If the history of operating systems implementation teaches us anything, it’s that runtime characteristics trump development challenges! • Structured languages (broadly) replaced assembly because they performed as well • Viz., every operating system retains some assembly for reasons of performance! • With its focus on performance and zero-cost abstractions, Rust does represent a real, new candidate programming language for operating systems implementation
  • 17. Operating systems in Rust: A first attempt • First attempt at an operating system kernel in Rust seems to be Alex Light’s Reenix, ca. 2015: a re-implementation of a teaching operating system in Rust as an undergrad thesis • Biggest challenge in Reenix was that Rust forbids an application from handling allocation failure • The addition of a global allocator API has improved this in that now a C-based system can at least handle pressure… • …but dealing with memory allocation failure is still very much an unsettled area for Rust (see Rust RFC 2116)
  • 18. Operating systems in Rust since 2015 • Since Reenix’s first efforts, there have been quite a few small systems in Rust, e.g.: Redox, Tifflin, Tock, intermezzOS, RustOS/QuiltOS, Rux, and Philipp Oppermann’s Blog OS • Some of these are teaching systems (intermezzOS, Blog OS), some are unikernels (QuiltOS) and/or targeted at IoT (Tock) • These systems are all de novo, which represents its own challenges, e.g. forsaking binary compatibility with Linux and fighting Second System Syndrome
  • 19. Operating systems in Rust: The challenges • While Rust’s advantages are themselves clear, it’s less clear what the advantage is when replacing otherwise working code • For in-kernel code in particular, the safety argument for Rust carries less weight: in-kernel C tends to be de facto safe • Rust does, however, presents new challenges for kernel development, esp. with respect to multiply-owned structures • An OS kernel — despite its historic appeal and superficial fit for Rust — may represent more challenge than its worth • But what of hybrid approaches?
  • 20. Hybrid approach I: Rust in-kernel components • One appeal of Rust is its ability to interoperate with C • One hybrid approach to explore would be to retain a
 C-/assembly-based kernel while allowing for Rust-based
 in-kernel components like device drivers and filesystems • This would allow for an incremental approach — and instead of rewriting, Rust can be used for new development • There is a prototype example of this in FreeBSD; others are presumably possible
  • 21. Hybrid approach II: Rust OS components • An operating system is not just a kernel! • Operating systems have significant functionality at user-level: utilities, daemons, service-/device-/fault- management facilities, debuggers, etc. • If anything, the definition of the OS is expanding to distributed system that represents a multi-computer control plane — that itself includes many components • These components are much more prone to run-time failure! • Many of these are an excellent candidate for Rust!
  • 22. Hybrid approach III: Rust-based firmware • Below the operating system lurks hardware-facing special- purpose software: firmware • Firmware is a sewer of unobservable software with a long history of infamous quality problems • Firmware has some of the same challenges as kernel development (e.g., dealing with allocation failures), but may otherwise be more amenable to Rust • This is especially true when/where firmware is in user-space and is network-facing! (e.g., OpenBMC)
  • 23. Looking forward: Systems software in Rust • Rust represents something that we haven’t seen in a long time: a modern language that represents an alternative throughout the stack of software abstraction • Despite the interest in operating system kernel implementation, that might not be a good first fit for Rust • Rust allows hybrid approaches, allowing for productive kernel incrementalism rather than whole-system rewrites • Firmware and user-level operating system software are two very promising candidates for implementation in Rust!