Safer Linux Kernel Modules Using the D Programming Language

[Paulo Pinto]

On Monday, 9 January 2023 at 07:23:48 UTC, Siarhei Siamashka 
wrote:
> On Monday, 9 January 2023 at 06:34:23 UTC, Paulo Pinto wrote:
>> On Monday, 9 January 2023 at 04:31:48 UTC, Siarhei Siamashka
>>> ASAN, Valgrind, Clang Static Analyzer and plenty of other 
>>> tools are the practical mechanisms to prevent buffer 
>>> overflows. Yes, they are not baked into the ISO language 
>>> standard. But D has no ISO language standard at all.
>>
>> The best part of memory safe systems programming languages is 
>> that many of those tools don't even have to exist, they are 
>> part of language semantics!
>
> Memory safe systems programming language is an oxymoron. To be 
> suitable for systems programming, the language has to provide a 
> mechanism to opt out of safety at least for some parts of the 
> code. These parts of code may have memory safety bugs. The 
> compiler of the safe language itself may have bugs. Valgrind is 
> very useful for troubleshooting D issues and this usefulness 
> won't go away any time soon. Here's one example: 
> https://forum.dlang.org/post/msjrcymphcdquslfgbrn@forum.dlang.org

It is a big difference having to audit 100% of the source code 
like in C, or just 1%.

One of the reasons why Burroughs is still available as Unisys 
ClearPath MCP, is that a couple of agencies that care about 
secure servers above anything else are willing to keep paying for 
it, alongside the safety guarantes provided by NEWP.