Stream: git-wasmtime

Topic: wasmtime / PR #5368 Fix some minor issues with stdin-load...


view this post on Zulip Wasmtime GitHub notifications bot (Dec 01 2022 at 19:54):

alexcrichton opened PR #5368 from minor-fixes to main:

This commit addresses a few items I saw after reading #5342 such as:

<!--

Please ensure that the following steps are all taken care of before submitting
the PR.

Please ensure all communication adheres to the code of conduct.
-->

view this post on Zulip Wasmtime GitHub notifications bot (Dec 01 2022 at 19:54):

alexcrichton requested jameysharp for a review on PR #5368.

view this post on Zulip Wasmtime GitHub notifications bot (Dec 01 2022 at 20:16):

jameysharp submitted PR review.

view this post on Zulip Wasmtime GitHub notifications bot (Dec 01 2022 at 20:16):

jameysharp submitted PR review.

view this post on Zulip Wasmtime GitHub notifications bot (Dec 01 2022 at 20:16):

jameysharp created PR review comment:

I don't want to re-introduce the ELF-magic check in the CLI for two reasons:

I think it'd be reasonable to declare that --allow-precompiled is incompatible with reading from stdin. With #5342, if stdin happens to be mmap-able because e.g. it's redirected from a file on Unix, then --allow-precompiled works, but I think it's okay to lose that "feature".

So I'd prefer to reject that combination while validating arguments, and replace this block with:

                Module::new(linker.engine(), &module)?

view this post on Zulip Wasmtime GitHub notifications bot (Dec 01 2022 at 21:00):

alexcrichton submitted PR review.

view this post on Zulip Wasmtime GitHub notifications bot (Dec 01 2022 at 21:00):

alexcrichton created PR review comment:

Can you elaborate more on why it's considered a good thing to disallow --allow-precompiled and stdin? It's already opt-in behavior which I would imagine suitably covers any misuse issues. It surely would be bad to curl | wasmtime --allow-precompiled but I don't feel like it's our place to prevent that if someone really wanted to.

As for the ELF detection, I don't mind moving it into the crate one way or another.

view this post on Zulip Wasmtime GitHub notifications bot (Jan 06 2023 at 02:23):

jameysharp submitted PR review.

view this post on Zulip Wasmtime GitHub notifications bot (Jan 06 2023 at 02:23):

jameysharp created PR review comment:

Sorry, I lost track of this. I guess I don't have a strong argument for preferring to disallow --allow-precompiled when reading from stdin on general principle.

I do think the API design is a little fiddly if you want to allow that case though. My suggestion, which we adopted in #5342, had been to combine "is this safe to mmap" with "is this safe to blindly execute as native code", so the same Module::from_trusted_file API is used to mean both things. We could introduce, I dunno, Module::from_trusted_bytes or something to mean only "safe to execute"?

view this post on Zulip Wasmtime GitHub notifications bot (Jan 17 2023 at 19:14):

alexcrichton submitted PR review.

view this post on Zulip Wasmtime GitHub notifications bot (Jan 17 2023 at 19:14):

alexcrichton created PR review comment:

Hm ok I've sort of lost context on this and don't feel strongly motivated for pushing it over the finish line, so I'll leave this to a future PR if it's necessary.

view this post on Zulip Wasmtime GitHub notifications bot (Jan 17 2023 at 19:15):

alexcrichton closed without merge PR #5368.


Last updated: Dec 23 2024 at 13:07 UTC