Why Google Is Rewriting Android Firmware in Rust—and What It Means for Memory Safety

Google has rewritten the protected virtual‑machine firmware in its Android virtualization framework using Rust and is encouraging developers to adopt the same approach for firmware projects.

In a recent blog post, Android engineers Ivan Lozano and Dominik Maier explored the technical details of replacing traditional C and C++ code with Rust.

They demonstrated how straightforward it is to improve safety with embedded Rust and showed the Rust toolchain handling bare‑metal targets.

Although Rust is known for a steep learning curve, they argue that guiding C/C++ developers to view the world through Rust’s lens is achievable.

A recent controversy arose when a maintainer of the Rust‑for‑Linux project resigned after facing resistance from Linux kernel developers, underscoring concerns about forcing everyone to learn Rust.

Despite these challenges, Google continues to promote Rust adoption for developers willing to make the transition.

Lozano and Maier pointed out that firmware is usually written in memory‑unsafe languages like C or C++, lacking advanced safety mechanisms, whereas Rust provides a way to avoid memory‑safety vulnerabilities such as buffer overflows and use‑after‑free bugs—issues that account for many critical flaws in large codebases.

They emphasized that Rust offers a memory‑safe C/C++ alternative with comparable performance and code size, plus zero‑cost interoperability with C.

The U.S. government, through the Cybersecurity and Infrastructure Security Agency (CISA), has urged software vendors to prioritize eliminating memory‑safety bugs, and Google has responded, reporting that Rust developers are twice as productive as their C++ counterparts.

Lars Bergstrom, Google Android programming language engineering director and Rust Foundation board chair, stated that Rust plays a key role in building safe, reliable software at every layer. Google is expanding Rust usage across Android, Chromium, and embedded firmware to reduce memory‑safety vulnerabilities and is working with the Rust ecosystem to provide resources and training for developers.