Microsoft introduces Rust repository for Windows driver development

Microsoft is gradually integrating Rust into the Windows kernel and is also gradually converting Windows driver development. Microsoft is taking stock.

Due to the complexity of the Windows kernel API, it will still take some time before the entire Rust design process is completed, according to Microsoft in a blog post by the Surface development team, which summarizes the current status of Windows driver programming with Rust. However, the company is determined to keep at it, as Microsoft believes that memory-safe languages such as Rust represent the future of secure software development. This is also because the security landscape requires reliability and security guarantees at every level.

Currently, Rust programmers who import the GitHub repository provided by Microsoft for the Rust project (windows-drivers-rs) can use the same libraries and headers in the Windows Driver Kit (WDK) as C developers. They also have access to all Device Driver Interfaces (DDI) required to create a Windows driver in user and kernel mode. With the cargo-wdk tool, both should now work more conveniently.

Visual Studio as a model: cargo-wdk for Rust

Microsoft Visual Studio provides various templates for writing Windows drivers in C. To make development with Rust similarly easy, Microsoft has now introduced the cargo extension cargo-wdk. It can be used to create empty driver projects that already contain all the necessary links, build steps and dependencies. In addition, cargo-wdk can call – similar to the creation of a driver in C in Visual Studio – WDK tools such as InfVerif.

Microsoft demonstrates how cargo-wdk works with an example. Developers use cargo wdk new –kmdf to create a KMDF driver template. By entering cargo wdk build, cargo-wdk then runs the InfVerif tool over the INF file of the driver and displays all errors found, similar to Visual Studio. In the example, the INF file is finally corrected, cargo-wdk is executed again and it is ensured that the driver is provided with the corresponding certificates.

In the medium term, the team plans to add features such as automatic WDK installations, support for NT_TARGET_VERSION, additional driver templates and full ARM64 support to cargo-wdk. In the long term, Microsoft plans to offer programmers in a cargo environment access to the same build tools and configuration options as in Visual Studio.

In addition to cargo-wdk, the repo also contains the following crates:

• wdk-build: A library for configuring a cargo build script that performs downstream linking of the WDK and generates Rust bindings.
• wdk-sys: Direct FFI bindings to APIs available in the WDK.
• wdk: Secure idiomatic bindings to APIs available in the WDK.
• wdk-panic: Standard implementation of panic handlers for programs created with the WDK
• wdk-alloc: A global allocator for the drivers.
• wdk-macros: A collection of macros that facilitate interaction with the direct bindings of wdk-sys.

From unsafe Rust to safe Rust

Although windows-drivers-rs currently includes all the building blocks needed to program Rust drivers for Windows, a considerable amount of unsafe Rust code is still required. According to the blog, unsafe Rust also offers advantages such as strong type checking, zero cost abstractions and good compatibility thanks to the Foreign Function Interface (FFI). In the long term, however, it should be possible for developers to write the majority of a Windows driver securely.

To this end, Microsoft wants to use the type system and the borrow checker from Rust to prevent certain types of errors that could previously only be detected by additional static analyses. In addition, the scope of the repository is to be continuously expanded. There will also be secure abstractions for kernel mode structures and DDIs to reduce the number of insecure code blocks required and increase security at compile time.

In addition to the Surface team, other departments at Microsoft are also working on developing secure structures and APIs. These go beyond the Windows Driver Framework (WDF) and can be used both in Windows kernel development and by third-party providers in driver development. Some of this work is already included in the Windows kernel today .

(mack)