There is a somewhat expanded README that has yet to be reviewed and checked in here: <a href="https://chromium.googlesource.com/chromiumos/platform/crosvm/+/837b59f2d97b005ef84ac36efa97530c1bbf2a79/README.md" rel="nofollow">https://chromium.googlesource.com/chromiumos/platform/crosvm...</a>
Isn't stuff like that exactly counteracting Rusts raison d'etre?<p>> // This is safe; nothing else will use or hold onto the raw sock fd.<p>> Ok(unsafe { net::UdpSocket::from_raw_fd(sock) })<p><a href="https://chromium.googlesource.com/chromiumos/platform/crosvm/+/6f366b54604e4012b43822d5dc2afe7d1616287d/net_util/src/lib.rs#55" rel="nofollow">https://chromium.googlesource.com/chromiumos/platform/crosvm...</a>
How does this square with rumors from a few days ago that the Pixelbook will be able to run virtualized Windows (or Linux)? I do not understand the implication of "No actual hardware is emulated."<p>If the Pixelbook <i>can</i> run Window or Linux in a VM, then its price slides a little closer towards justifiable.
Is this a new component for Chrome OS? Would this be a replacement for a project like Crouton or is something like this already being leveraged by that project?
The Fuchsia OS microkernel should be rewritten in Rust, too, especially if it's going to take another 5 years before we even see it in a commercial product. If Google wants to make a modern new OS that will help it avoid many of the existing security problems it needs to keep fixing with Android/Chrome OS right now, then it should do it right and avoid collecting a lot of "security debt" down the road because of unsafe code/poor initial security architecture decisions.