Google Adds Rust-Based DNS Parser into Pixel 10 Modem to Enhance Security
Hardening the Baseband: Google Integrates Rust-Based DNS Parser into Pixel 10 Modem
TL;DR
Google has integrated a Rust-based DNS parser into the Pixel 10's modem firmware. This move marks the first time a memory-safe language has been used at the modem level in a Pixel device, aiming to eliminate entire classes of memory-safety vulnerabilities in critical cellular communication protocols.
Introduction: Securing the Foundation
In the evolving landscape of mobile security, the cellular baseband modem remains one of the most sensitive attack surfaces. Recognizing this, Google has announced a significant architectural shift for the Pixel 10: the integration of a Rust-based Domain Name System (DNS) parser directly into the modem firmware.
This initiative is part of a broader strategy to replace memory-unsafe code (like C/C++) with memory-safe languages at the most foundational levels of hardware communication.
Why DNS and Why Rust?
Modern cellular communications have transitioned almost entirely to digital data networks. Even fundamental operations—such as call forwarding—now rely on DNS services. Because DNS underpins such critical functionality, vulnerabilities in its implementation can have catastrophic consequences.
Using memory-unsafe languages for DNS parsing often leads to vulnerabilities like out-of-bounds memory access. Google specifically cited CVE-2024-27227 as an example of the risks inherent in traditional implementations. By using Rust, Google aims to:
- Mitigate Memory Safety Risks: Rust's compile-time checks prevent common bugs like buffer overflows and use-after-free errors.
- Reduce Attack Surfaces: Implementing the protocol in a memory-safe language decreases the potential for remote code execution (RCE) via malicious DNS responses.
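The out-of-bounds class described above typically arises when a parser trusts the length bytes and compression pointers inside a DNS name. The following added example (not from the original article, Google's firmware, or hickory-proto) decodes a name per RFC 1035 with every read bounds-checked, so malformed input yields an error instead of a stray memory access. The names `read_name` and `NameError` and the jump limit of 127 are assumptions made for illustration.

```rust
// Added example: bounds-checked DNS name decoding (RFC 1035, section 4.1.4).
// Illustrative only; `read_name`, `NameError` and the jump limit are assumptions.
#[derive(Debug, PartialEq)]
pub enum NameError {
    Truncated,   // a length byte, pointer or label runs past the end of the packet
    BadLabel,    // reserved label type (top two bits 01 or 10)
    PointerLoop, // compression pointers never reach a terminating root label
    TooLong,     // name exceeds the 255-octet wire limit
}

/// Decode the name starting at `start`. Returns the dotted name and the offset
/// just past the name at its original position (pointers are not followed for that).
pub fn read_name(packet: &[u8], start: usize) -> Result<(String, usize), NameError> {
    let mut pos = start;
    let mut end = None; // offset after the first pointer, if one was followed
    let mut jumps = 0;
    let mut wire_len = 1usize; // counts the terminating root label
    let mut name = String::new();
    loop {
        let len = *packet.get(pos).ok_or(NameError::Truncated)? as usize;
        match len & 0xC0 {
            0x00 if len == 0 => return Ok((name, end.unwrap_or(pos + 1))),
            0x00 => {
                let label = packet.get(pos + 1..pos + 1 + len).ok_or(NameError::Truncated)?;
                wire_len += 1 + len;
                if wire_len > 255 { return Err(NameError::TooLong); }
                if !name.is_empty() { name.push('.'); }
                name.extend(label.iter().map(|&b| if b.is_ascii_graphic() { b as char } else { '?' }));
                pos += 1 + len;
            }
            0xC0 => {
                let low = *packet.get(pos + 1).ok_or(NameError::Truncated)? as usize;
                if end.is_none() { end = Some(pos + 2); }
                jumps += 1;
                if jumps > 127 { return Err(NameError::PointerLoop); }
                pos = ((len & 0x3F) << 8) | low; // 14-bit offset, checked on next read
            }
            _ => return Err(NameError::BadLabel),
        }
    }
}

fn main() {
    // Constructed input: a label that claims 5 bytes but carries only 2.
    println!("{:?}", read_name(&[5, b'a', b'b'], 0));
    // Constructed input: a compression pointer that points at itself.
    println!("{:?}", read_name(&[0xC0, 0x00], 0));
}
```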
Implementation Details: The "Hickory-Proto" Crate
To bring Rust to the modem, Google utilized the "hickory-proto" crate, a well-regarded Rust-based DNS client and resolver. However, implementing this in a modem environment presented unique challenges:
- Environment Adaptation: The Google team modified the crate to support "bare metal" and embedded environments where standard operating system resources are unavailable.
- Dependency Management: To manage the more than 30 dependencies introduced by the crate, Google used a custom tool called "cargo-gnaw" to maintain and resolve code requirements.
- C-to-Rust Interoperability: The implementation uses a hybrid approach. The DNS response parsing API is declared in C but implemented in Rust. Rust handles the parsing logic and calls back into existing C functions to update in-memory data structures that remain coupled with the original C implementation.
Challenges in Memory-Constrained Systems
While Rust provides security benefits, it isn’t inherently optimized for the highly memory-constrained environments typical of cellular modems. Google noted that the DNS Rust crate's code size could be further optimized. One proposed solution is the addition of extra feature flags to ensure modularity, allowing developers to selectively compile only the exact functionality required for the modem.
A Continuing Trend in Security Hardening
The Pixel 10 modem update is the latest in a series of steps Google has taken to harden its devices:
- 2023: Implementation of Clang sanitizers such as the Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan) to catch undefined behavior.
- 2024: Introduction of firmware-level measures to combat 2G exploits and baseband-focused memory safety attacks.
- 2025: Google reported that memory safety vulnerabilities fell below 20% of the total vulnerabilities discovered in Android.
"The new Rust-based DNS parser significantly reduces our security risk by mitigating an entire class of vulnerabilities in a risky area," said Jiacheng Lu, a software engineer with the Google Pixel Team.
Conclusion
The integration of Rust into the Pixel 10 modem represents a milestone for mobile hardware security. By moving memory-safe code "down the stack" into the modem firmware, Google is setting a new baseline for how manufacturers protect users from sophisticated baseband attacks. As this implementation matures, it will likely serve as the foundation for broader adoption of memory-safe code across other low-level firmware components.
Source: https://thehackernews.com/2026/04/google-adds-rust-based-dns-parser-into.html


