Baidu Security X-Lab @ RustCon Asia 2019

In late April, more than 300 Rust developers from China, USA, Canada, Germany, Russia, India, Australia and other countries around the world attended the four-day RustCon Asia in Beijing. At the conference, more than 20 top Rust developers/lecturers gave talks and conducted workshop tutorials, covering a wide range of cross-industry Rust application practices including distributed data storage, security, search engines, embedded IoT, and image processing. As one of the leading groups using Rust in industry-level product development, Baidu Security X-Lab sent three of its top-notch experts to attend RustCon Asia, and they shared their wealth of experience and knowledge with the conference audience.

Dr. Mingshen Sun presented his work in rewriting Linux in Rust. Because of Rust’s memory-safety and zero-abstraction features, it is one of the best candidates for system programming. To provide a safe execution environment, Baidu Security built a Linux distribution from scratch in Rust including a building system, user-space utilities, and a simple package management system. In his talk, Dr. Sun mainly focused on user-space toolbox, which is a collection of core system utilities, and he discussed some design challenges and problems he encountered in building the toolbox, e.g., handling standard I/O, dynamic dispatching vs static generic type, testing and coverage issues.

Dr. Yiming Jing gave the talk “Cargo meets Autotools”. Since 1.10, rustc can generate a dynamic library that is intended to be used from C or C FFI, but the cargo install command does NOT work with the dynamic libraries. Dr. Jing and his peers had struggled a long way to get a working build infrastructure, just to build and distribute our dynamic library written in Rust. Eventually, they made autotools work smoothly together with the rust toolchain. Now a user can just download our source tarball, uncompress, and run ./configure && make && make install, just like old times. In this talk Dr. Jing shared his experience and lessons learned with the autotools that would be beneficial for the community.

Dr. Yu Ding and Dr. Mingshen Sun conducted a workshop jointly, introducing the Rust TEE ecosystem and Rust SGX SDK which has become the most popular SGX development environment. Unlike their previous talks at RustFest, QConSF and QConBJ with 30 minutes limit, this time they had time to explain into the details, as well as the Rust-trustzone. The workshop guided the audience to play Rust on two TEEs: SGX and Trustzone. In the session, Dr. Ding and Dr. Sun talked about the trusted computing theory and hardware-assisted trust execution engines. They also assisted the audience with hands-on experiments on Rust+SGX and Rust+Trustzone platforms. Towards the end of the session, they discussed about the internals and ecosystems, including the future work in the pipeline.

Baidu Security X-Lab has been using Rust extensively in product development due to its memory safety mechanism, and applied it as one of the key features in our ubiquitous secure computing framework — MesaTEE. We are continuing to build a strong and open ecosystem for MesaTEE to protect information and privacy data with Rust as its core component.