Assistant Adjunct Professor of Computer Science Anton Burtsev recently received a $40,000 gift from VMware Research to support RedLeaf, a new operating system developed from scratch in Rust. This is a second gift from VMWare that supports development of RedLeaf, a project that is funded by NSF, VMWare and Intel. RedLeaf is a new operating system developed by Burtsev and his team at UCI. RedLeaf has been developed from scratch in Rust with the goal of exploring the impact of language safety on operating system organization.
Since early computer systems were developed five decades ago, overheads of language safety remain prohibitive for development of operating system kernels. Today, we run kernels developed in C. Unfortunately, the choice of C, an unsafe low-level programming language, as the de facto standard for kernel development contributes to several hundred vulnerabilities a year.
Recently, however, the performance landscape of safe languages has started to change with the development of programming languages like Rust that achieve safety without garbage collection. Rust is the first practical language that combines an old idea of linear types with pragmatic language design. It enforces type and memory safety through a restricted ownership model, where there exists a unique reference to each live object in memory. This allows static tracking of the lifetime of the object and deallocation of the object without a garbage collector. Rust represents a unique point in the language design space, bringing the benefits of type and memory safety to systems that cannot afford the cost of garbage collection. The runtime overhead of the language is limited to bounds checking, which is often hidden by modern superscalar out-of-order CPUs.
In contrast to commodity systems, RedLeaf does not rely on hardware address spaces for isolation and instead uses only type and memory safety of the Rust language. “Departure from costly hardware isolation mechanisms allows us to explore the design space of systems that embrace lightweight fine-grained isolation,” says Burtsev. RedLeaf is designed as a microkernel system in which a collection of language domains implements functionality of the system: kernel subsystems, device drivers and user applications. “Rust provides systems developers with mechanisms we were all wanting for decades: zero-cost language safety and a type system that enforces ownership. We argue that Rust’s language safety allows us to enable many classical ideas of operating system research for the first time in a practical way.”
For more information, see the RedLeaf project page.