Redefining Windows driver development with Rust: Microsoft's latest shift in approach
Microsoft is making significant strides in enhancing the security of Windows driver development by integrating Rust, a memory-safe programming language, into its ecosystem.
In a move to bolster the security of Windows kernel development and third-party vendor drivers, Microsoft is developing secure structures and APIs. These new tools aim to reduce the occurrence of unsafe code blocks, providing developers with a more secure development experience.
To facilitate Rust driver development, Microsoft has introduced the Cargo extension cargo-wdk. The tool plays a role similar to the templates Microsoft Visual Studio offers for C development: it can create empty driver projects and call WDK tools.
Rust programmers working with the provided Rust project repository (windows-drivers-rs) can also utilise libraries and headers from the Windows Driver Kit (WDK). This integration allows Rust developers access to all Device Driver Interfaces (DDI) needed to create a Windows driver in both user and kernel mode.
One of the key benefits of using Rust is its type system and borrow checker, which Microsoft plans to leverage to prevent certain errors. The company aims to allow developers to write most of a Windows driver in safe Rust.
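The idea of confining unsafe code behind a safe API can be sketched in plain Rust; this is an added illustration, not Microsoft's code and not the windows-drivers-rs API. `mock_alloc`, `mock_free` and `PoolBuf` are hypothetical names standing in for a C-style allocate/free pair and its safe wrapper.

```rust
use std::alloc::{alloc_zeroed, dealloc, Layout};
use std::ptr::NonNull;
use std::sync::atomic::{AtomicUsize, Ordering::SeqCst};

// Constructed stand-ins for a C-style allocate/free pair; NOT real WDK functions.
static LIVE: AtomicUsize = AtomicUsize::new(0);
unsafe fn mock_alloc(len: usize) -> *mut u8 {
    let p = unsafe { alloc_zeroed(Layout::array::<u8>(len).unwrap()) };
    if !p.is_null() { LIVE.fetch_add(1, SeqCst); }
    p
}
unsafe fn mock_free(p: *mut u8, len: usize) {
    unsafe { dealloc(p, Layout::array::<u8>(len).unwrap()) };
    LIVE.fetch_sub(1, SeqCst);
}

/// Hypothetical safe wrapper: owns one allocation and frees it exactly once.
pub struct PoolBuf { ptr: NonNull<u8>, len: usize }
impl PoolBuf {
    pub fn new(len: usize) -> Option<Self> {
        if len == 0 { return None; } // zero-size layouts are not valid for alloc
        // SAFETY: len is non-zero; a null result becomes None, never a wild pointer.
        let ptr = NonNull::new(unsafe { mock_alloc(len) })?;
        Some(PoolBuf { ptr, len })
    }
    pub fn as_slice(&self) -> &[u8] {
        // SAFETY: ptr is valid for len zero-initialised bytes while self is alive.
        unsafe { std::slice::from_raw_parts(self.ptr.as_ptr(), self.len) }
    }
    pub fn as_mut_slice(&mut self) -> &mut [u8] {
        // SAFETY: &mut self guarantees exclusive access for the borrow's lifetime.
        unsafe { std::slice::from_raw_parts_mut(self.ptr.as_ptr(), self.len) }
    }
}
impl Drop for PoolBuf {
    // SAFETY: ptr/len came from mock_alloc and drop runs at most once per value.
    fn drop(&mut self) { unsafe { mock_free(self.ptr.as_ptr(), self.len) } }
}
pub fn live_allocations() -> usize { LIVE.load(SeqCst) }

// Caller code contains no `unsafe`. Keeping a slice past `buf`, or touching `buf`
// after `drop(buf)`, does not compile, so use-after-free and double free are rejected.
pub fn fill_and_sum(len: usize, byte: u8) -> Option<u32> {
    let mut buf = PoolBuf::new(len)?;
    buf.as_mut_slice().fill(byte);
    Some(buf.as_slice().iter().map(|&b| u32::from(b)).sum())
} // buf is freed here on every return path
fn main() {
    println!("{:?} live={}", fill_and_sum(4, 3), live_allocations());
}
```

All `unsafe` blocks sit inside the wrapper, so a review of memory safety only has to cover those few lines rather than every caller.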
Microsoft is assessing the progress of integrating Rust into the Windows kernel. The long-term goal is to give developers the same build tools and configuration options in a Cargo environment as in Visual Studio. In the medium term, Microsoft plans to add features like automatic WDK installations, support for NT_TARGET_VERSION, additional driver templates, and full ARM64 support to cargo-wdk.
Several teams at Microsoft, including the Surface team and other departments, are involved in this initiative. The secure structures and APIs they are developing extend beyond the Windows Driver Framework (WDF) and support both Windows kernel development and third-party driver development. The effort includes integrating Rust for safer Windows driver development and providing tools like cargo-wdk to improve security and the development experience.
Microsoft's cargo-wdk can run the InfVerif tool over the INF file of a driver and display any errors found, further enhancing the security of the development process.
Some of these secure structures and APIs are already included in the Windows kernel today. Microsoft sees memory-safe languages like Rust as the future of secure software development, and this initiative is a significant step towards that vision.