Skip to content

secure-foundations/rWasm

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

examples

examples

 
 

src

src

 
 

templates-for-generation

templates-for-generation

 
 

.gitignore

.gitignore

 
 

.internal-reference

.internal-reference

 
 

Cargo.lock

Cargo.lock

 
 

Cargo.toml

Cargo.toml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

rWasm

A cross-platform high-performance provably-safe sandboxing Wasm-to-native compiler.

As a sandboxing compiler, rWasm produces code whose execution (under any possible input) cannot use any memory outside the space provided to it at compile time, nor can it jump to arbitrary code outside of the explicitly provided interface. Being provably-safe, rWasm comes with an informal proof of the safety of its sandbox, which can be found in our paper. At a high-level, it obtains this through the power of unsafe-free Rust! However, note that this does not guarantee that the code must execute correctly (although we try to faithfully maintain the semantics of the input Wasm, with semantic assurance provided by the wasm-semantics-fuzzer), nor does it guarantee that the API boundary is even reasonable (rWasm just guarantees that the compile-time requested boundary is maintained).

Usage

Requires Rust to build and use. Use rustup to install Rust if necessary.

Most compilation with rWasm looks like cargo run -- {input.wasm} {output} followed by cd output && cargo run --release.

Side note: cargo run performs both the compile and build step; if you want to do it separately, run cargo build --release followed by cargo run --release (which will then use the cached build).

As an example, examples/hello-wasi.wasm (a simple Wasm program that prints "Hello World!" and exits) can be compiled and run using:

cargo run -- --wasi-executable examples/hello-wasi.wasm output
(cd output && cargo run --release)

For more options, including tracers, experimental performance-modifying options, etc., run cargo run -- --help in the current directory.

Related Projects

  • vWasm: a formally-verified provably-safe sandboxing compiler, built in F*
  • wasm-semantics-fuzzer: a tool for providing greater assurance in the semantic correctness of any Wasm implementation

License

BSD 3-Clause License. See LICENSE.

Publications

Provably-Safe Multilingual Software Sandboxing using WebAssembly. Jay Bosamiya, Wen Shih Lim, and Bryan Parno. In Proceedings of the USENIX Security Symposium, August, 2022.

@inproceedings{provably-safe-sandboxing-wasm,
  author    = {Bosamiya, Jay and Lim, Wen Shih and Parno, Bryan},
  booktitle = {Proceedings of the USENIX Security Symposium},
  month     = {August},
  title     = {Provably-Safe Multilingual Software Sandboxing using {WebAssembly}},
  year      = {2022}
}

About

A cross-platform high-performance provably-safe sandboxing Wasm-to-native compiler

Resources

Readme
Activity
Custom properties

Stars

28 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages