Google on Tuesday announced that its open source version of the Android operating system will add support for the Rust programming language in a bid to prevent memory safety bugs.
To that end, the company has been building parts of the Android Open Source Project (AOSP) with Rust for the past 18 months, with plans in the pipeline to scale this initiative to cover more aspects of the operating system.
“Managed languages like Java and Kotlin are the best option for Android app development,” Google said. “The Android OS uses Java extensively, effectively protecting large portions of the Android platform from memory bugs. Unfortunately, for the lower layers of the OS, Java and Kotlin are not an option.”
Stating that code written in C and C++ requires robust isolation when parsing untrustworthy input, Google said the technique of containing such code within a tightly constrained and unprivileged sandbox can be expensive, causing latency issues and additional memory usage.
With memory safety bugs in C and C++ constituting about 70% of Android’s high severity security vulnerabilities, the idea is to switch to a memory-safe language like Rust and prevent them from happening in the first place.
“Rust provides memory safety guarantees by using a combination of compile-time checks to enforce object lifetime/ownership and runtime checks to ensure that memory accesses are valid,” Google noted.
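To make the two kinds of checks concrete, here is an added example (not Google's or AOSP's code) of a Rust parser for untrusted input. The record layout, `parse_records` and `ParseError` are assumptions constructed for this illustration.

```rust
// Added example. Constructed format: repeated [type: u8][len: u8][value: len bytes].
#[derive(Debug, PartialEq)]
pub enum ParseError {
    TruncatedHeader { offset: usize },
    TruncatedValue { offset: usize, claimed: usize, available: usize },
}

// Compile-time check: the lifetime 'a ties every returned slice to `input`, so
// the compiler rejects callers that free or mutate the buffer while records
// borrowed from it are still in use (no use-after-free, no dangling pointers).
pub fn parse_records<'a>(input: &'a [u8]) -> Result<Vec<(u8, &'a [u8])>, ParseError> {
    let mut records = Vec::new();
    let mut offset = 0;
    while offset < input.len() {
        // Runtime check: `get` returns None instead of reading past the end.
        let header = input
            .get(offset..offset + 2)
            .ok_or(ParseError::TruncatedHeader { offset })?;
        let (kind, claimed) = (header[0], header[1] as usize);
        let start = offset + 2;
        // The length byte comes from the sender; it is validated against the
        // real buffer size before any byte of the value is touched.
        let value = input.get(start..start + claimed).ok_or(ParseError::TruncatedValue {
            offset,
            claimed,
            available: input.len() - start,
        })?;
        records.push((kind, value));
        offset = start + claimed;
    }
    Ok(records)
}

fn main() {
    // Constructed inputs: one well-formed buffer, one whose length byte lies.
    let good = [0x01, 0x02, 0xAA, 0xBB, 0x02, 0x00];
    let lying = [0x01, 0xFF, 0xAA, 0xBB];
    println!("{:?}", parse_records(&good));
    println!("{:?}", parse_records(&lying));
}
```

Plain indexing such as `input[start..start + claimed]` is bounds-checked as well: with the lying length byte it would panic rather than read adjacent memory, which is the failure mode an unchecked C read would have.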
Despite the obvious benefits, Google doesn’t intend to rewrite all of its existing C and C++ code in the underlying OS, instead focusing its memory-safe language efforts on new or recently modified code that has a higher likelihood of memory bugs.
Some of Google’s ongoing efforts with Rust include a complete rewrite of Android’s Bluetooth stack, dubbed Gabeldorsche, which it began testing starting with Android 11 last year. Also in the works is a Rust-based network stack for its open-source Fuchsia operating system.