Firmware in Rust: More Than Just 'Rewrite It In Rust'

Main Room,

Rust is becoming one of the most popular languages for firmware development as an alternative to C. Its primary advantage is the compiler's ability to enforce memory safety at compile time, significantly reducing memory corruption bugs that can lead to critical vulnerabilities. In addition, Rust allows unsafe operations, balancing safety with flexibility. However, ensuring safety in complex code, especially when handling device memory operations such as MMIO, remains a challenge. Furthermore, the Rust compiler cannot verify the correctness of code logic, leaving developers responsible for writing correct code. While unit and integration testing can help identify bugs, they do not guarantee correctness.
In this talk, I will explore existing methods for addressing these challenges, particularly in the context of firmware development. I will demonstrate their application not only through simple examples but also by applying them to a practical project: the Rust Hypervisor Firmware. This firmware, written in Rust, aims to boot a guest OS using a Linux boot loader specification or a UEFI-compatible layer in a virtual machine. By examining this real-world example, the talk will provide practical insights into effectively using Rust for firmware development.
