Understanding what's missing for Rust dynamic linking (was: Proposal for how to deal with Go/Rust/etc security bugs)

To: debian-devel@lists.debian.org
Subject: Understanding what's missing for Rust dynamic linking (was: Proposal for how to deal with Go/Rust/etc security bugs)
From: Gard Spreemann <gspr@nonempty.org>
Date: Thu, 25 Jan 2024 16:25:45 +0100
Message-id: <[🔎] 874jf1fmy6.fsf@giraffe.home.nonempty.org>
In-reply-to: <[🔎] 1f1d6f877792475a3db656dbdec33b78b3cba90b.camel@debian.org>
References: <[🔎] 20240114111729.rhi7eekkd3h5fpjg@shell.thinkmo.de> <[🔎] 87v87wrl86.fsf@kaka.sjd.se> <[🔎] 20240115091717.tl2rif5mfnz7bwvp@shell.thinkmo.de> <[🔎] ec4237994fdf9ba540a7d31ba7521a53da0b091f.camel@debian.org> <[🔎] 87r0ihegzh.fsf@kaka.sjd.se> <[🔎] CAJxTCxyXODCUkoqBSGVdE28fW4V0OZZm62DGjQHbwU5gF+Q98g@mail.gmail.com> <[🔎] 7ffc4554fca50b778c228fb498cd9f0747e0d983.camel@josefsson.org> <[🔎] 871qa7xh2w.fsf_-_@kaka.sjd.se> <[🔎] CAMw=ZnQHdPx5Rdzvd3pHF_BMv+u7EGAjkE+A_mF7cOL_B2ZgjA@mail.gmail.com> <[🔎] 875xzix6bv.fsf@kaka.sjd.se> <[🔎] 20240125002438.GD32181@mail.wookware.org> <[🔎] 1f1d6f877792475a3db656dbdec33b78b3cba90b.camel@debian.org>

Hello.

Paul Wise <pabs@debian.org> writes:

> On Thu, 2024-01-25 at 00:24 +0000, Wookey wrote:
>
>> People keep telling us (@ARM) how marvellous Rust is, and we keep
>> telling them that it's useless in the real world until it sorts out
>> the stable ABI/dynamic linking problem.
>
> IIRC that has been worked on for some years now, and IIRC
> the static linking wiki page has some references about this.
>
> https://wiki.debian.org/StaticLinking

This reminded me that I'm not even sure that I fully understand what
Rust's remaining technical obstacles to achieving dynamic linking (at
least within Debian) are. I'm ignoring the potential cultural or
political issues that have been alluded to by others. My understanding –
and please do correct me! – has been that three components are missing:

(1) A stable ABI.

(2) A way of dealing with generic types/functions across dynamic linking
    boundaries.

(3) A way of dealing with macros across dynamic linking boundaries.

From Debian's perspective, is really (1) all that important given that a
stable release only has to deal with a specific version of the compiler?
Could we not live with every new version of *just* rustc in sid
introducing a transition with a rebuild of every Rust package?

As for (2): Since Debian has the privilege of having a complete overview
of the "closed system" of all Rust packages that we need to consider,
could we not conceivably make a pass across all Rust packages in the
entire archive and record every concrete version of every generic
type/function ever used? Then when a particular library package is
built, we would force the monomorphization of all the relevant
types/functions in that shared library's public interface. This would
require tooling support from upstream to force generation of
monomorphized versions of types/functions when building each shared
library, but that in itself does not seem impossible. (As a curious
effect, the introduction of a new package may then trigger the need to
rebuild some of its own dependencies due to new monomorphic versions of
functions being needed that had not been seen in the archive before.)

Similarly, for (3), could we expand every macro in every library as
needed by every depending package in the archive?

Just trying to get a handle on how far we are from a solution of sorts,
apologies for any stupid questions.

 Best,
 Gard

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Understanding what's missing for Rust dynamic linking (was: Proposal for how to deal with Go/Rust/etc security bugs)
  - From: Luca Boccassi <bluca@debian.org>

References:
- Re: Limited security support for Go/Rust? Re ssh3
  - From: Bastian Blank <waldi@debian.org>
- Re: Limited security support for Go/Rust? Re ssh3
  - From: Simon Josefsson <simon@josefsson.org>
- Re: Limited security support for Go/Rust? Re ssh3
  - From: Bastian Blank <waldi@debian.org>
- Re: Limited security support for Go/Rust? Re ssh3
  - From: Paul Wise <pabs@debian.org>
- Re: Limited security support for Go/Rust? Re ssh3
  - From: Simon Josefsson <simon@josefsson.org>
- Re: Limited security support for Go/Rust? Re ssh3
  - From: Jérémy Lal <kapouer@melix.org>
- Re: Limited security support for Go/Rust? Re ssh3
  - From: Simon Josefsson <simon@josefsson.org>
- Proposal for how to deal with Go/Rust/etc security bugs (was: Re: Limited security support for Go/Rust? Re ssh3)
  - From: Simon Josefsson <simon@josefsson.org>
- Re: Proposal for how to deal with Go/Rust/etc security bugs (was: Re: Limited security support for Go/Rust? Re ssh3)
  - From: Luca Boccassi <bluca@debian.org>
- Re: Proposal for how to deal with Go/Rust/etc security bugs
  - From: Simon Josefsson <simon@josefsson.org>
- Re: Proposal for how to deal with Go/Rust/etc security bugs
  - From: Wookey <wookey@wookware.org>
- Re: Proposal for how to deal with Go/Rust/etc security bugs
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: Proposal for how to deal with Go/Rust/etc security bugs
Next by Date: Re: Proposal for how to deal with Go/Rust/etc security bugs
Previous by thread: Re: Proposal for how to deal with Go/Rust/etc security bugs
Next by thread: Re: Understanding what's missing for Rust dynamic linking (was: Proposal for how to deal with Go/Rust/etc security bugs)
Index(es):
- Date
- Thread