Enter Maestro, a unix-like monolithic kernel that aims to be compatible with Linux in order to ensure wide compatibility. Interestingly, it is written in Rust. It includes Solfége, a boot system and daemon manager, maestro-utils, which is a collection of system utility commands, and blimp, a package manager. According to Luc, it’s creator, the following third-party software has been tested and is working on the OS: musl (C standard library), bash, Some GNU coreutils commands such as ls, cat, mkdir, rm, rmdir, uname, whoami, etc… neofetch (a patched version, since the original neofetch does not know about the OS). If you want to test it out, fire up a VM with at least 1 GB of ram.

  • anthoniix@lemmy.world
    link
    fedilink
    English
    arrow-up
    100
    arrow-down
    6
    ·
    edit-2
    11 months ago

    This sounds cool, but troubling because of its license. Trying to write a linux compatible kernel and licensing as MIT is basically asking to get railroaded by gigantic organizations. I hope they reconsider in the future.

  • IrateAnteater@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    70
    arrow-down
    3
    ·
    11 months ago

    Ok, I’m out of the loop and I’ve seen this often enough that I have to ask; why do people always bring up “written in rust”? No one points out that a given project is written in C++/C#/python/ruby etc, yet we keep seeing it for rust.

    • xantoxis@lemmy.world
      link
      fedilink
      English
      arrow-up
      109
      arrow-down
      2
      ·
      11 months ago

      If you want a real answer, it’s mostly advocacy, the same reason Linux enthusiasts show up to every negative-sounding Windows thread to tell you to install Linux instead. And if it is less obnoxious, it’s only because there’s fewer Rust enthusiasts.

      There are, also, advantages to a Rust implementation that you can claim simply by virtue of something being implemented in Rust, as entire categories of problem that cause C projects to hemorrhage security vulnerabilities simply don’t exist for Rust.

      But mostly it’s people wanting you to be excited about and interested in Rust.

      • IrateAnteater@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        18
        arrow-down
        1
        ·
        11 months ago

        Is there something inherently safer with how rust does things, or is it just a case of it being new, so the vulnerabilities haven’t been found yet?

        • hperrin@lemmy.world
          link
          fedilink
          English
          arrow-up
          84
          ·
          edit-2
          11 months ago

          Yes, it is inherently safer than C. Unless you write code in an unsafe block, Rust will handle many aspects of memory allocation and management for you, and ensure their safety. It is memory safe and thread safe by default.

          C doesn’t have any of these safety checking features, so it would be equivalent to unsafe Rust, but all the time. It lets you do whatever you want with pointers for example, including making them point outside of the memory bounds. In program code, this will cause an illegal memory access exception, but in kernel code, all memory access is legal. Therefore, you could write a driver that accidentally overwrites the kernel’s own code in memory. That would likely cause a kernel panic and bring the whole system down. Whereas, in Rust, you can only do that within an unsafe code block.

          • wikibot@lemmy.worldB
            link
            fedilink
            English
            arrow-up
            11
            arrow-down
            2
            ·
            11 months ago

            Here’s the summary for the wikipedia article you mentioned in your comment:

            Thread safety is a computer programming concept applicable to multi-threaded code. Thread-safe code only manipulates shared data structures in a manner that ensures that all threads behave properly and fulfill their design specifications without unintended interaction. There are various strategies for making thread-safe data structures.A program may execute code in several threads simultaneously in a shared address space where each of those threads has access to virtually all of the memory of every other thread. Thread safety is a property that allows code to run in multithreaded environments by re-establishing some of the correspondences between the actual flow of control and the text of the program, by means of synchronization.

            article | about

        • magic_lobster_party@kbin.social
          link
          fedilink
          arrow-up
          29
          ·
          11 months ago

          Rust has many safeguards against some common errors that may cause security vulnerabilities. It’s by no means bulletproof against all vulnerabilities, but it’s something.

        • Sentient Loom@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          12
          arrow-down
          1
          ·
          11 months ago

          I only know the hype. But the hype says that Rust’s ownership system makes memory usage much safer by forcing the coder to deal with data. Your values will eventually go out of scope, and you have to dictate when that will happen or else it won’t compile.

          …or something like that.

        • bacon_pdp@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          21
          ·
          11 months ago

          Well rust has a borrow checker which does make some memory bugs harder to create but to say that rust solved any of the known open problems in computer security. The answer is clearly no. It just copied some good ideas from ocaml into C++ and got some good marketing.

          borrow checkers also already exist for C/C++/etc [just most people don’t use them]

          so, slightly safer defaults than C/C++ but doesn’t contain any new/unique security magic.

          • nickwitha_k (he/him)@lemmy.sdf.org
            link
            fedilink
            English
            arrow-up
            32
            ·
            11 months ago

            I feel like this is an example of innovation vs invention. Rust did not invent borrow checking. It did, however, make the borrow checker an integral part of the language and compiler. Making memory safety the default behavior is innovative and makes it the path of least resistance.

            Memory safety issues are responsible not just for crashes and perf degredation but are a significant attack vector for exploits. Making it harder to land there makes these exploitable conditions less common. The mechanism is not unique but its integral place in the language is.

            • barsoap@lemm.ee
              link
              fedilink
              English
              arrow-up
              8
              ·
              11 months ago

              It kinda really pioneered its particular kind of memory management. There’s some theoretical ancestry involving ML-based research languages with region typing, stuff like this, but those are ultimately quite different. The rest of the type system is basically a cut-down Haskell (Hindley-Milner with qualified types (typeclasses/traits)), with some minor titbits and fiddling.

            • bacon_pdp@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              18
              ·
              11 months ago

              not exactly, as there are rust compilers like mrust that don’t actually have borrow checkers and virtually none of those safety checks actually occur and there is a question of if the gcc rust compiler would be implementing that feature into the compiler.

              So, that would be an attribution failure; as it isn’t required by the language but the most popular rust compiler does include that feature.

              But yes, more compilers would likely benefit the languages they support by also adopting that feature by default.

              • QuaternionsRock@lemmy.world
                link
                fedilink
                English
                arrow-up
                15
                ·
                edit-2
                11 months ago

                Borrow checking is part of the language specification, and a compiler that does not include it is, by definition, incomplete. The authors of mrust even state this in the project README.

                Your claim is roughly equivalent to saying a C compiler which does not produce an error when a program calls an undeclared function means that C as a language does not ensure that your code doesn’t call functions that don’t exist - i.e., nonsense at worst, and irrelevant at best.

    • magic_lobster_party@kbin.social
      link
      fedilink
      arrow-up
      61
      arrow-down
      5
      ·
      11 months ago

      Programmers are hyped about Rust. It’s a programming language that has a legitimate chance to replace C and C++ for performance critical applications. So any new project in Rust increases the possibility of a future where C and C++ are programming languages of the past.

        • 5C5C5C@programming.dev
          link
          fedilink
          English
          arrow-up
          23
          arrow-down
          1
          ·
          11 months ago

          Whenever people complain that in Rust “the compiler is tough to beat”, the real problem is that individual’s mindset.

          I had this problem as well when I first started playing with Rust. I thought I was very smart and that I know exactly what I’m doing when I’m programming, so if the compiler is complaining so much about my code, it’s just being a dumb jerk.

          But if you stick with it instead of giving into your initial frustration, you’ll realize that the truth is the compiler is your friend and is saving you from innumerable subtle bugs that you’d be putting into your code if you were using any other language.

          When you realize that the 1.5x time+effort you need to spend to satisfy the Rust compiler is saving you 5x-50x time+effort that you’d have to spend debugging your program if you had written it in any other language, you’ll come to appreciate the strictness of the compiler instead of resenting it.

          There’s a reason us crustaceans are so zealous and the ecosystem is growing so rapidly, and it’s not because we’re super smart or have some unusually high work ethic. It’s because the language and the tooling is legitimately really good for producing high quality software at a rapid pace.

          There’s going to be an inflection point where the people who keep dismissing Rust are going to be left behind by the entire tech industry because there’s no other language that allows an ordinary developer to produce as high quality software as quickly that can work across EVERY platform, including web (via compiling to web assembly). I won’t pretend I can predict exactly when that inflection point will happen, but it will definitely happen.

            • 5C5C5C@programming.dev
              link
              fedilink
              English
              arrow-up
              18
              arrow-down
              2
              ·
              11 months ago

              I’ve had the privilege of switching from C++ to Rust almost completely in my professional work. I can tell you in no uncertain terms, the language itself makes an enormous difference.

              When I was doing highly concurrent multi-threaded programming in C++, I would sometimes have to waste entire weeks hunting down subtle data race bugs, despite the fact that I have a solid understanding of concurrency and multithreading. In some cases the bugs would originate in third party libraries that I was using, even though those libraries came from credible sources like Microsoft, Google, and GNU.

              Switching to Rust, those bugs are gone. By the time my code compiles there’s at 95% chance that it will work exactly the way it’s intended to without any debugging. The remaining 5% is silly little logic accidents like saying if condition { ... } when I meant to say if !condition { ... } and those bugs are trivially caught by writing a few simple unit tests (and Rust also makes it easier to write unit tests than any other language I know of).

              When I see my colleagues struggle with debugging problems in their JavaScript, Python, or C++ code, almost every time it turns out to be something that would’ve been trivially caught by the Rust compiler.

              By no means does using Rust guarantee that your code will be completely bug free. But the language alone gets you so close to that goal that it hardly takes any special effort beyond compiling to get all the way there.

              I think this is a huge reason that the ecosystem grows as quickly as it does: it’s so easy to write code that you can feel confident enough about to publish for anyone to use that many people go ahead and do that, and others feel confident using the work of others because the compiler does so much to ensure quality. It creates a virtuous cycle where people can develop faster by taking advantage of other people’s efforts and then release their own effort back into the community.

        • catastrophicblues@lemmy.ca
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          11 months ago

          Yeah the syntax is pretty far from more established languages, which is why I prefer C++ when I use it.

      • dewritoninja@pawb.social
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        4
        ·
        11 months ago

        Imo rust won’t replace cpp without true Oop so I might just make my own objective rust and piss off Oop haters

        • barsoap@lemm.ee
          link
          fedilink
          English
          arrow-up
          11
          arrow-down
          2
          ·
          11 months ago

          There has been no true OOP language since smalltalk, which btw wasn’t class-based.

          In practical terms Rust has subtyping – barely, at least in technical terms the only thing that uses true subtyping is lifetimes. In practical terms you have qualified types (aka traits) supporting interface inheritance which is perfectly proper as everybody knows that you shouldn’t inherit implementation as the Liskov Substitution Principle is undecidable.

          “Language X will fail because it’s not OO” what’s this, the early 00s? I thought we left that hype train behind.

      • HulkSmashBurgers@reddthat.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        I’ve never used rust but as you say it really does seem like a good successor to c/c++. It’s a modern, more memory safe programming language shat allows you to dig into the weeds if you need it.

    • devfuuu@lemmy.world
      link
      fedilink
      English
      arrow-up
      28
      arrow-down
      5
      ·
      11 months ago

      Because rust is the modern low level systems language, which means it gotta go fast without all the freaking problems of the only other real alternative so far that was C. The languages you list don’t even play in the same ballpark.

    • CaptDust@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      19
      arrow-down
      1
      ·
      edit-2
      11 months ago

      Mentioning it’s written in rust should imply this code base will have secure concurrency, better memory handling, be easier to extend, while maintaining near C++ performance. None of these are guarantees, but considering so many rust projects are “C/C++ programs, rewritten” it seems worth calling out as a differential. The language’s advantages extending to the kernel make it an interesting project.

    • Ricky Rigatoni@lemm.ee
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      4
      ·
      11 months ago

      Yes they do? All the time? To the point where github has a bar on every project page showing what percentages of every project is written in which languages?

  • bacon_pdp@lemmy.world
    link
    fedilink
    English
    arrow-up
    36
    arrow-down
    11
    ·
    11 months ago

    50MB for a sub POSIX kernel and a shell prompt for a 50MB ISO image that has less functionality than a 4KB kernel (L4SEC) which has actual formal proofs of correctness.

    Well, I guess it has Rust as a selling point but that isn’t something that should matter if the goal is real security.

  • Armando3996@lemm.ee
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    11 months ago

    Finally, some “exciting” news, 2031 will be the year of the linux desktop(and Maestro)!

  • LainOfTheWired@lemy.lol
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    10
    ·
    11 months ago

    It’s interesting, but with Linux and BSD already available in many different flavours do we really need it?

    I mean what use case would it be better in except maybe an extreme rust enthusiast.

    • AVengefulAxolotl@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      11 months ago

      Whats the need for it? Another great operating systems engineer emerging from it even though the project itself might not be ‘useful’. You only truly learn stuff when actively doing it.

      One day he might be a significant contributor to Linux!

    • asdfasdfasdf@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      11 months ago
      1. Memory safety is super important
      2. Rust is far more approachable than C, so contribution and iteration is easier
      3. Did we really need an OS when Linux was released? It wasn’t the first.
      • LainOfTheWired@lemy.lol
        link
        fedilink
        English
        arrow-up
        1
        ·
        11 months ago

        It was the first fully working kernel licenced under a FOSS licence. So it was the first time someone could run a 100% open source OS.

        At least since maybe some really old mainframe back when stuff came with source code

    • L3ft_F13ld!@links.hackliberty.org
      link
      fedilink
      English
      arrow-up
      39
      ·
      edit-2
      11 months ago

      Because someone decided to do it.

      You don’t always need a good reason other than it might be cool/fun. Sometimes it’s just because you can.

      You’re not forced to use it, so if it’s not your cup of tea, that’s fine.

      • Im_old@lemmy.world
        link
        fedilink
        English
        arrow-up
        22
        ·
        11 months ago

        When my wife asks me “why are you doing [insert weird thing of the moment in my homelab]?” most of the times I answer “because I can!”.

      • Im_old@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        2
        ·
        11 months ago

        When my wife asks me “why are you doing [insert weird thing of the moment in my homelab]?” most of the times I answer “because I can!”.

    • Vincent Adultman@lemmy.world
      link
      fedilink
      English
      arrow-up
      16
      ·
      11 months ago

      He answers that in the project page. Just because there are kernels available, he can’t build his own and learn about kernel and computers in general (the answer for your question)

        • asdfasdfasdf@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          11 months ago

          Contributing to Linux can be extremely daunting. Refactoring can be as well. Rust makes both of those a LOT easier. If a project is written in Rust instead of C there will be many more potential contributors and flexibility.

          • Adanisi
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            11 months ago

            And Rust has a restrictive trademark policy which could theoretically cause problems. Especially because of how full the source code of Rust is of the trademarks.

            Just, why, Mozilla?

        • leanleft@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          4 months ago

          "In kernel development, debugging is very hard for several reasons:

          • Documentation is often hard to find, and BIOS implementations may be flawed (more often than you would think)
          • On boot, the kernel has full access to the memory and is allowed to write where it should not (its own code, for example)
          • Troubleshooting memory leaks is not easy. Tools such as valgrind cannot be used
          • gdb can be used with QEMU and VMWare, but the kernel may have a different behaviour when running on a different emulator or virtual machine. Also, those emulators may not support gdb (example VirtualBox)
          • Some features in the support for gdb in QEMU or VMWare are missing and gdb might even crash sometimes

          All those issues are reasons for using a memory-safe language, to avoid them as much as possible.

          Overall, the use of Rust in the kernel allowed for the implementation of a lot of safeguards. And I believe that it is, to this day, the best decision I have made for this project."

  • SSUPII@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    6
    ·
    edit-2
    11 months ago

    A VM with 1GB of RAM but the screenshot shows 50MB in use?

    Oh, looks like the install live environment needs it.

    • Gemini24601@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      27
      arrow-down
      2
      ·
      edit-2
      11 months ago

      You should’ve read the article, ”You should run the ISO with sufficient RAM (1GB should be more than enough). Such an amount of memory is required because packages to be installed are stored in RAM (on the initramsfs) instead of the disk. This is currently the best method since the OS is not yet able to read on a USB stick or CD-ROM by itself, so it relies on the bootloader for this. ”

      I guess you could run on lower ram, but package installs require more.