Rust for Linux: New Untrusted Type Bolsters Kernel Security
2025-09-19
The Linux kernel faces security threats from numerous untrusted data sources, including user space, networks, and removable storage. To enhance security, Benno Lossin proposes a new Rust API introducing the `Untrusted` type to flag data originating from untrusted sources. By leveraging Rust's type system, the API prevents kernel code from accidentally making decisions based on unvalidated user-space data, mitigating potential attacks. The API, now in its fourth revision, includes utility functions and support for common data structures like slices and vectors. Future application in driver `ioctl()` functions promises heightened kernel security, with further discussion expected at the upcoming Kangrejos conference on the Rust for Linux project.
(lwn.net)
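
The idea of flagging untrusted data in the type system, as an added user-space Rust sketch (not code from this page or from the Rust for Linux patch set). Apart from the name `Untrusted`, every identifier here (`Validate`, `RawCopyRequest`, `CopyRequest`, `DEVICE_BUF_LEN`, `read_device`) is a hypothetical name chosen for illustration, and the ioctl-style request is constructed sample input.

```rust
// User-space sketch of the pattern, NOT the kernel's actual API.
// All names other than `Untrusted` are illustrative assumptions.

/// Wraps a value from an untrusted source. The field is private and there is
/// no Deref, PartialEq or Display, so callers cannot branch on the raw value.
pub struct Untrusted<T>(T);

/// Validation is the only route from `Untrusted<Raw>` to a usable value.
pub trait Validate: Sized {
    type Raw;
    type Error;
    fn validate(raw: Self::Raw) -> Result<Self, Self::Error>;
}

impl<T> Untrusted<T> {
    /// Called at the trust boundary, e.g. right after copying from user space.
    pub fn new(raw: T) -> Self { Untrusted(raw) }
    /// Consumes the wrapper; only `V::validate` ever sees the raw value.
    pub fn validate<V: Validate<Raw = T>>(self) -> Result<V, V::Error> { V::validate(self.0) }
}

/// Constructed sample: an ioctl-style request carrying an offset and a length.
pub struct RawCopyRequest { pub offset: u64, pub len: u64 }

/// A request proven to lie inside a device buffer of DEVICE_BUF_LEN bytes.
#[derive(Debug, PartialEq)]
pub struct CopyRequest { offset: usize, len: usize }
pub const DEVICE_BUF_LEN: usize = 4096;

#[derive(Debug, PartialEq)]
pub enum RequestError { Overflow, OutOfBounds }

impl Validate for CopyRequest {
    type Raw = RawCopyRequest;
    type Error = RequestError;
    fn validate(raw: RawCopyRequest) -> Result<Self, RequestError> {
        // checked_add rejects offset + len wrap-around before the bounds test.
        let end = raw.offset.checked_add(raw.len).ok_or(RequestError::Overflow)?;
        if end > DEVICE_BUF_LEN as u64 { return Err(RequestError::OutOfBounds); }
        Ok(CopyRequest { offset: raw.offset as usize, len: raw.len as usize })
    }
}

/// Accepts only the validated type, so an unchecked request cannot reach it.
pub fn read_device(buf: &[u8; DEVICE_BUF_LEN], req: &CopyRequest) -> Vec<u8> {
    buf[req.offset..req.offset + req.len].to_vec()
}

fn main() {
    let req = Untrusted::new(RawCopyRequest { offset: 8, len: 4 }); // constructed input
    println!("{:?}", req.validate::<CopyRequest>());
}
```

Passing an `Untrusted<RawCopyRequest>` directly to `read_device`, or comparing its fields in an `if`, fails to compile, which is the property the type is meant to enforce.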
Development
User Space Data