Stream: wasmtime

Topic: Running the min-platform example

view this post on Zulip Paul Osborne (Feb 28 2025 at 22:30):

In working on a patch for https://github.com/bytecodealliance/wasmtime/issues/10245 I was attempting to use the min-platform example in tree to do some testing around some of the no_std and #[cfg(not(has_virtual_memory))] paths.

I wanted to confirm whether there was a way to directly get the example to run. Targeting x86_64-unknown-none triple on an x64 host runs but fails out on "cannot load native code - requires virtual memory"

Just want to check that I'm not missing something obvious; I started to try some tweaks to the example to attempt to target pulley64 which should avoid the virtual memory requirement for the embedding.

Enable deserializing code owned by some external source · Issue #10245 · bytecodealliance/wasmtime
Currently in Wasmtime we have Module::deserialize and Module::deserialize_file. Given these APIs though it has the fundamental requirements that deserialize will copy the bytes into Wasmtime (e.g. ...

view this post on Zulip Alex Crichton (Feb 28 2025 at 22:47):

The test on CI is configured here where the general idea is that the host is x64 linux but the guest is "x64 none" so we're sort of lying that it's all embedded

wasmtime/.github/workflows/main.yml at af31e80deac455fe7c2dc17a121a7a9151f84338 · bytecodealliance/wasmtime
A lightweight WebAssembly runtime that is fast, secure, and standards-compliant - bytecodealliance/wasmtime

view this post on Zulip Alex Crichton (Feb 28 2025 at 22:47):

in theory though ./build.sh x86_64-unknown-none on an x64 host should work

view this post on Zulip Paul Osborne (Feb 28 2025 at 23:19):

Ok, I have it working now. I had seen the ci test but hadn't looked at the output in detail. Running the build with WASMTIME_SIGNALS_BASED_TRAPS=1 makes the difference to include the custom feature.

view this post on Zulip Ilya (Mar 09 2025 at 09:39):

Speaking of pulley and constrained environments, how can I verify pulley bytecode on the constrained device itself? Right now I'm doing:

let module = unsafe { wasmtime::Module::deserialize(&wasm_engine, include_bytes!("../patch.cwasm")) }.unwrap();

What if I don't necessarily trust the code being loaded?
Is there some different API that allows to validate pulley bytecode being loaded?

view this post on Zulip bjorn3 (Mar 09 2025 at 09:44):

Pulley bytecode is inherently trusted. It can read and write arbitrary memory on the host. Verifying that it doesn't do anything bad would require something like proof carrying code, which is an open research area.

view this post on Zulip Ilya (Mar 09 2025 at 09:50):

Is there any other way to run untrusted code on a constrained device with wasmtime? The device is no_std. Currently it's Cortex-M33 (with MPU) core of rp2350

view this post on Zulip Alex Crichton (Mar 09 2025 at 17:54):

bjorn3 is correct, there's no way to verify the input to Module::deserialize. It's up to the embedder to ensure those are trusted bytes.

view this post on Zulip Alex Crichton (Mar 09 2025 at 17:54):

There is no way to receive an untrusted *.cwasm and run it safely

view this post on Zulip Ilya (Mar 10 2025 at 08:16):

Thanks guys!

Last updated: Apr 07 2025 at 18:04 UTC