Kernel Memory Safety: Mission Accomplished
a day ago
- #Operating Systems
- #Rust
- #Memory Safety
- The CrowdStrike outage in 2024 highlighted vulnerabilities in mature OSes due to memory-safety bugs.
- Asterinas is a Rust-based framekernel OS designed to achieve complete kernel memory safety with a minimal Trusted Computing Base (TCB).
- The framekernel architecture combines the performance of monolithic kernels with the security of microkernels, confining unsafe code to a small, auditable core.
- OSTD, the OS framework for Asterinas, provides safe abstractions for kernel development, enabling features like system call handling in safe Rust.
- Asterinas supports over 210 Linux system calls, multiple CPU architectures, file systems, sockets, and devices, all while maintaining competitive performance.
- The TCB in Asterinas is approximately 15,000 lines of code, significantly smaller than other Rust-based OSes, and is amenable to formal verification.
- Future plans for Asterinas include support for Linux namespaces, cgroups, a graphics subsystem, and ARM architecture, aiming for production readiness.
- Asterinas is open-source and welcomes contributors to help advance memory-safe OS development.
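To make the framekernel split concrete, here is an added toy example (not Asterinas or OSTD code): a hypothetical `frame` module holds the only `unsafe` and exports a bounds-checked page API, while a `services` module compiled with `#[forbid(unsafe_code)]` implements a write-style system call on top of it, so a logic bug there can return a wrong result but cannot corrupt memory.

```rust
/// Framework layer (stand-in for an OSTD-like core): the only module where
/// `unsafe` is allowed. It owns one raw page and exports a bounds-checked API.
pub mod frame {
    use std::alloc::{alloc_zeroed, dealloc, Layout};
    pub const PAGE_SIZE: usize = 4096;

    pub struct Frame { ptr: *mut u8 }
    impl Frame {
        pub fn alloc() -> Frame {
            let layout = Layout::from_size_align(PAGE_SIZE, PAGE_SIZE).unwrap();
            // SAFETY: layout is non-zero-sized; the zeroed block is owned by Frame.
            let ptr = unsafe { alloc_zeroed(layout) };
            assert!(!ptr.is_null(), "out of memory");
            Frame { ptr }
        }
        /// The bounds check here is what lets callers stay in safe Rust.
        pub fn read(&self, off: usize, len: usize) -> Option<Vec<u8>> {
            let end = off.checked_add(len)?;
            if end > PAGE_SIZE { return None; }
            // SAFETY: [off, end) lies inside the PAGE_SIZE block we own.
            Some(unsafe { std::slice::from_raw_parts(self.ptr.add(off), len) }.to_vec())
        }
        pub fn write(&mut self, off: usize, data: &[u8]) -> Option<usize> {
            let end = off.checked_add(data.len())?;
            if end > PAGE_SIZE { return None; }
            // SAFETY: as above; &mut self guarantees exclusive access.
            unsafe { std::ptr::copy_nonoverlapping(data.as_ptr(), self.ptr.add(off), data.len()) };
            Some(data.len())
        }
    }
    impl Drop for Frame {
        fn drop(&mut self) {
            let layout = Layout::from_size_align(PAGE_SIZE, PAGE_SIZE).unwrap();
            // SAFETY: ptr came from alloc_zeroed with exactly this layout.
            unsafe { dealloc(self.ptr, layout) }
        }
    }
}

/// Kernel services: `unsafe` is a compile error in this module, so a buggy
/// system call can return the wrong result but cannot corrupt memory.
#[forbid(unsafe_code)]
pub mod services {
    use super::frame::Frame;
    /// Toy write-style handler (hypothetical): copy a caller buffer into a frame.
    pub fn sys_write(f: &mut Frame, off: usize, buf: &[u8]) -> Result<usize, &'static str> {
        f.write(off, buf).ok_or("EFAULT: range outside frame")
    }
}
```

Out-of-range and overflowing offsets are rejected by the framework layer, so the service layer never needs to reason about raw pointers.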