rust: initial commit #18
Conversation
pawelzalewski-capablehub
force-pushed
the
pz/rust-map
branch
4 times, most recently
from
60c742e to
ad71c94
Compare
Signed-off-by: Pawel Zalewski <pawel.zalewski@thecapablehub.org>
pawelzalewski-capablehub
force-pushed
the
pz/rust-map
branch
from
ad71c94 to
35398d1
Compare
pawelzalewski-capablehub
requested review from
amurray-thegoodpenguin and
williambeasley-capablehub
| releases: | ||
| - version: "b3d65cc" | ||
| version_date: 2025-09-15 | ||
| version_url: "https://github.com/kent-weak-memory/rust/commit/b3d65ccdacb171f2339284eddf3bb721108e9050" |
There was a problem hiding this comment.
Perhaps https://github.com/kent-weak-memory/rust/tree/1.72.1-20250915-dev is more suitable (based on the release tag)
| link: "https://github.com/CHERIoT-Platform/cheri-rust/tree/main" | ||
|
|
||
| - arch: "aarch64, aarch64c" | ||
| releases: |
There was a problem hiding this comment.
Should you add these as older releases:
https://github.com/kent-weak-memory/rust/releases/tag/1.56.0-20240112-dev
https://github.com/kent-weak-memory/rust/releases/tag/1.56.0-20230804-dev
Especially given that they are already listed as releases?
| - arch: "CHERIoT" | ||
| releases: | ||
| - version: "HEAD" | ||
| version_date: 2026-01-19 |
There was a problem hiding this comment.
This is quickly going to get out of sync with moving ref HEAD. For Sel4 we explicitly put the HEAD ref as the version.
We probably need to do what https://endoflife.date/ does and add some regex or similar into the map, such that we can have a CI workflow that suggests updates. However, in a couple of weeks, what you have here won't just be out of date, it will be incorrect.
| latest: true | ||
| version_url: "https://github.com/CHERIoT-Platform/cheri-rust/tree/main" | ||
| cheri_spec: CHERIoT ISA v1.0 | ||
| upstream_version: "1.92.0" |
There was a problem hiding this comment.
This will get out of date too.
| description: |- | ||
| [Rust](https://rust-lang.org/) is an efficient (on par with C++) system level language with a rich type system that is heavily focused on memory-safety, thread-safety and data ownership. It does not have a garbage collector, hence is well suited for embedded hardware. In practice it means that the engineer will be normally fighting the Rust LLVM front end compiler and its checks/analysis instead of using GDB at program runtime like in C/C++ development cycle - which is arguably a better way for finding out severe software bugs. | ||
| The CHERI forks complement the language's own and language specific security features by replacing traditional pointers with new data type at the hardware level - the capability. | ||
| status: |- |
There was a problem hiding this comment.
This is good! I assume you've reached out for feedback from the relevant people?
There was a problem hiding this comment.
Not yet, doing it now.
There was a problem hiding this comment.
The CHERI forks complement the language's own and language specific security features by replacing traditional pointers with new data type at the hardware level - the capability.
I think this sentence could be a bit misleading, because the forks do not replace in the literal sense traditional pointers (as in, at the surface level, a &T is still a &T and same for *const T or *mut T), and capabilities aren't immediately visible to end users, unless they specifically want to handle them.
If it is useful, when a description of the project that fits in a sentence is necessary, I usually say something along the lines of:
While Rust provides compile-time guarantees for safe code, CHERI provides runtime guarantees for every fragment of unsafe code.
|
|
||
| For instructions on building the CHERIoT Rust project see instruction is their github repo at [https://github.com/CHERIoT-Platform/cheri-rust](https://github.com/CHERIoT-Platform/cheri-rust) | ||
|
|
||
| We might (and want) write a blogpost in the future on Rust in CHERIoT, so watch this space. |
There was a problem hiding this comment.
I'd tone this down to something like, "Check out our blog for ...." Or just remove it.
There was a problem hiding this comment.
The homepage of the CHERIoT Rust project also will also contain some blog posts and news.
|
|
||
| project_contribution: | ||
| src_tree: |- | ||
| - [CHERIoT](https://github.com/CHERIoT-Platform/cheri-rust) |
There was a problem hiding this comment.
Do we need to put reference to the relevant branches, or is it obvious?
| - [CHERIoT](https://github.com/CHERIoT-Platform/cheri-rust) | ||
| - [Morello](https://github.com/kent-weak-memory/rust) | ||
| chat: |- | ||
| [Signal chat for CHERIoT](https://signal.group/#CjQKIElxAs3t3MUEMOEmQEuMHRK4rErUk2xVeFzjAjFXAShzEhCK9qQwEMFKGLGZnCjrQ7zm) for live discussions (these messages are ephemeral and will be auto-deleted) |
There was a problem hiding this comment.
This isn't visible in the preview?
| @@ -0,0 +1,69 @@ | |||
| project_summary: | |||
| category: "language" | |||
| home_text: "Currently there are two projects that add CHERI support to the Rust compiler" | |||
There was a problem hiding this comment.
I don't think this is the right framing. Kent was funded under the original DSbD programme to do the Morello work. SCI, with Kent as a subcontractor, is funded under the CHERI enablement programme to do CHEIRoT rust. The CHERIoT Rust project is a follow on to the Morello one, updated for new Rust versions, aiming for upstreaming. The CHERIoT Rust project picked the cheri-rust name for the repo to make it clear that we're not just aiming to support CHERIoT, we're aiming to support CHERI platforms in general, with CHERIoT as an exemplar.
There was a problem hiding this comment.
Excellent thanks, so it will still aim to support Morello ?
There was a problem hiding this comment.
In that case, I shall make cheri-rust THE home url for this page.
There was a problem hiding this comment.
Supporting Morello would be nice, but it would need updates to the LLVM fork with support for Morello.
I don't know the details, but I think it's some versions behind the least recent version of LLVM that Rust currently supports.
There was a problem hiding this comment.
The Cambridge folks are working on that update. Our goal is to not break anything related to Morello (or other CHERI targets) so that it's very easy for other folks to add support as long as they have a working LLVM.
| home_text: "Currently there are two projects that add CHERI support to the Rust compiler" | ||
| short_description: "CHERI enabled Rust" | ||
| description: |- | ||
| [Rust](https://rust-lang.org/) is an efficient (on par with C++) system level language with a rich type system that is heavily focused on memory-safety, thread-safety and data ownership. It does not have a garbage collector, hence is well suited for embedded hardware. In practice it means that the engineer will be normally fighting the Rust LLVM front end compiler and its checks/analysis instead of using GDB at program runtime like in C/C++ development cycle - which is arguably a better way for finding out severe software bugs. |
There was a problem hiding this comment.
I think that it seldom happens that Rust users need to interact directly with LLVM (furthermore, Rust has upstream support for Cranelift and GCC as backends too). If I get the tone of the sentence right, I guess that the "hard" bit about Rust that would fit in the sentence is, usually, the borrow checker.
| mailing_lists: |- | ||
| - [WG - rust](https://lists.cheri-alliance.org/mailman3/postorius/lists/wg-rust.cheri-alliance.org/) | ||
| meetings: |- | ||
| There are no regular meetings held at this moment. |
There was a problem hiding this comment.
The Rust+CHERI working group arranges a meeting every month. We are currently in the process of reorganising a bit the cadence and objectives of these meetings, and those who want to participate can subscribe to the mailing list to receive updates and reminders.
| status: |- | ||
| In 2023 work bringing in Rust support to the [ARM Morello](https://git.morello-project.org/morello/) was done at [University of Kent](https://www.cs.kent.ac.uk/people/staff/mjb211/rust/index.htm) and published at [https://github.com/kent-weak-memory/rust](https://github.com/kent-weak-memory/rust) - it was based on Rust 1.72.1, so it is a dated version at this point (as upstream is 1.93), it also requires an old build of [Morello LLVM](https://git.morello-project.org/morello/llvm-project/-/commit/671d6dbe2b74525702368edfa086e68f5afadc24). The authors point out that the compiler is fully tested but is still experimental and one should expect bugs. The maintenance and support shall be limited on this project. | ||
|
|
||
| In 2025 new funding was announced for bringing in Rust to the CHERIoT platform, work to be done by [SCI Semiconductor](https://www.scisemi.com/), but in collaboration with previous project owners from the Univeristy of Kent. It shall add extensions specific to [CHERIoT](https://github.com/CHERIoT-Platform) but the goal is to be compatible with any CHERI enabled LLVM back end (so this would enable for potential RVY support in the future as well), the project lives at [https://github.com/CHERIoT-Platform/cheri-rust](https://github.com/CHERIoT-Platform/cheri-rust). |
There was a problem hiding this comment.
| In 2025 new funding was announced for bringing in Rust to the CHERIoT platform, work to be done by [SCI Semiconductor](https://www.scisemi.com/), but in collaboration with previous project owners from the Univeristy of Kent. It shall add extensions specific to [CHERIoT](https://github.com/CHERIoT-Platform) but the goal is to be compatible with any CHERI enabled LLVM back end (so this would enable for potential RVY support in the future as well), the project lives at [https://github.com/CHERIoT-Platform/cheri-rust](https://github.com/CHERIoT-Platform/cheri-rust). | |
| In 2025 new funding was announced for bringing in Rust to the CHERIoT platform, work to be done by [SCI Semiconductor](https://www.scisemi.com/), but in collaboration with previous project owners from the University of Kent. It shall add extensions specific to [CHERIoT](https://github.com/CHERIoT-Platform) but the goal is to be compatible with any CHERI enabled LLVM back end (so this would enable for potential RVY support in the future as well), the project lives at [https://github.com/CHERIoT-Platform/cheri-rust](https://github.com/CHERIoT-Platform/cheri-rust). |
|
|
||
| In 2025 new funding was announced for bringing in Rust to the CHERIoT platform, work to be done by [SCI Semiconductor](https://www.scisemi.com/), but in collaboration with previous project owners from the Univeristy of Kent. It shall add extensions specific to [CHERIoT](https://github.com/CHERIoT-Platform) but the goal is to be compatible with any CHERI enabled LLVM back end (so this would enable for potential RVY support in the future as well), the project lives at [https://github.com/CHERIoT-Platform/cheri-rust](https://github.com/CHERIoT-Platform/cheri-rust). | ||
|
|
||
| For the foresable future CHERIoT is where most of Rust development shall take place. The codebase shall track the [main](https://github.com/rust-lang/rust) and [beta](https://github.com/rust-lang/rust/tree/beta) branches from upstream, so the goal is to be in sync with upstream, which is very nice, we like. |
There was a problem hiding this comment.
| For the foresable future CHERIoT is where most of Rust development shall take place. The codebase shall track the [main](https://github.com/rust-lang/rust) and [beta](https://github.com/rust-lang/rust/tree/beta) branches from upstream, so the goal is to be in sync with upstream, which is very nice, we like. | |
| For the foreseeable future CHERIoT is where most of Rust development shall take place. The codebase shall track the [main](https://github.com/rust-lang/rust) and [beta](https://github.com/rust-lang/rust/tree/beta) branches from upstream, so the goal is to be in sync with upstream, which is very nice, we like. |
| buildingFromSource: |- | ||
| For instructions on building the Morello 1.72.1 Rust project see instructions in the github repo at [https://github.com/kent-weak-memory/rust](https://github.com/kent-weak-memory/rust) | ||
|
|
||
| For instructions on building the CHERIoT Rust project see instruction is their github repo at [https://github.com/CHERIoT-Platform/cheri-rust](https://github.com/CHERIoT-Platform/cheri-rust) |
There was a problem hiding this comment.
| For instructions on building the CHERIoT Rust project see instruction is their github repo at [https://github.com/CHERIoT-Platform/cheri-rust](https://github.com/CHERIoT-Platform/cheri-rust) | |
| For instructions on building the CHERIoT Rust project see the README in their [github repository](https://github.com/CHERIoT-Platform/cheri-rust). |
If you want to take some relevant bits or links from it, the homepage of the Rust + CHERI WG also lists where to find information to get started.
See webpage preview:
https://pz-rust-map-the-capable-hub-website.andrew-murray.workers.dev/software/rust/