6 repository-uri
Development practices that combine low-level hardware access with modern memory safety guarantees.
Distinguishing note: Focuses on the intersection of performance and safety.
Explore 6 awesome GitHub repositories matching security & cryptography · Memory-Safe Systems Programming. Refine with filters or upvote what's useful.
Carbon is an experimental, compiled systems programming language designed as a successor to C++. It focuses on providing a high-performance environment for modern software development while prioritizing memory safety and expressive generic programming. The language is built to support performance-critical engineering, allowing for precise control over memory layout and execution flow. A primary differentiator of the project is its bidirectional interoperability with existing C++ codebases. This allows developers to call functions and share data between languages without manual wrappers, facil
Builds high-performance software with low-level access while preventing memory errors.
This project is a comprehensive educational framework designed to guide learners through the complexities of systems engineering and low-level software development. It provides structured learning paths that integrate hardware simulation, source code analysis, and project-based exercises to help developers master the foundational concepts of computer architecture, operating systems, and firmware design. The curriculum distinguishes itself by emphasizing direct interaction with system internals, requiring learners to examine and modify existing open-source kernel and driver implementations. By
Explores the adoption of modern language features to manage system resources and ensure memory safety within traditional low-level software architectures.
Youki is a low-level container runtime written in Rust that creates and manages isolated containers according to Open Container Initiative specifications. It serves as an execution engine that can function as a rootless container manager or a pluggable Kubernetes CRI runtime to manage pods and containers within a cluster. The project distinguishes itself by providing a Wasm container runtime capable of executing WebAssembly modules as isolated workloads compatible with standard orchestration tools. It further supports a rootless execution model, allowing isolated environments to start as non-
Built with Rust to ensure memory safety while interfacing directly with low-level Linux kernel system calls.
Carp is a statically typed Lisp compiler that compiles Lisp-like syntax directly to C source code, enabling seamless integration with existing C libraries and low-level system programming. It manages memory deterministically at compile time using ownership tracking and linear types, eliminating garbage collection pauses and runtime overhead while ensuring type safety through an inferred static type system. The language distinguishes itself through compile-time macro expansion and metaprogramming capabilities, allowing code generation and transformation before final binary output. It enforces
Enforces compile-time ownership tracking and linear types for deterministic memory management without garbage collection.
This project provides a framework and toolset for developing memory-safe kernel-mode and user-mode drivers for the Windows operating system. It enables developers to build drivers using safe programming patterns that prevent common memory errors and system crashes, while providing the necessary infrastructure to interface with low-level hardware and system APIs. The framework distinguishes itself by offering procedural macros and binding generation tools that translate complex C-style system headers into idiomatic, type-safe code. It includes a custom global allocator designed for the strict
Provides a development environment that enforces strict memory safety patterns for kernel-mode software.
Acest proiect oferă un framework de dezvoltare pentru scrierea modulelor de kernel Linux încărcabile folosind limbajul de programare Rust. Stabilește o metodologie pentru programarea sigură a sistemelor prin impunerea siguranței memoriei și a firelor de execuție în mediul restricționat al kernel-ului, permițând dezvoltatorilor să extindă funcționalitatea sistemului de operare prevenind în același timp erorile comune de corupere a memoriei. Framework-ul se distinge prin generarea automată de interfețe de funcții străine (FFI) sigure din punct de vedere al tipurilor, care fac legătura între codul de nivel înalt și headerele sau structurile de sistem de nivel scăzut ale kernel-ului. Acesta mapează constructele de sincronizare de nivel înalt direct la mecanismele native de blocare ale kernel-ului, asigurându-se că datele partajate rămân protejate în mai multe fire de execuție și contexte de întrerupere. Setul de instrumente se integrează cu pipeline-urile native de build ale kernel-ului pentru a gestiona compilarea și link-area codului sursă în obiecte binare. Oferind abstracții sigure pentru interfațarea cu hardware-ul și mediile cu resurse limitate, acesta susține crearea de drivere de dispozitiv și componente de sistem fiabile, care mențin reguli stricte de proprietate și împrumut la momentul compilării.
Establishes a methodology for enforcing memory and thread safety within the restricted kernel execution environment.