T0b1/wasmtime
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
61dc38c0652088363b466bd7adb92cad5a729620
wasmtime/crates/wasmtime
History
Chris Fallin 61dc38c065 Implement Spectre mitigations for table accesses and br_tables. (#4092) 
Currently, we have partial Spectre mitigation: we protect heap accesses
with dynamic bounds checks. Specifically, we guard against errant
accesses on the misspeculated path beyond the bounds-check conditional
branch by adding a conditional move that is also dependent on the
bounds-check condition. This data dependency on the condition is not
speculated and thus will always pick the "safe" value (in the heap case,
a NULL address) on the misspeculated path, until the pipeline flushes
and recovers onto the correct path.

This PR uses the same technique both for table accesses -- used to
implement Wasm tables -- and for jumptables, used to implement Wasm
`br_table` instructions.

In the case of Wasm tables, the cmove picks the table base address on
the misspeculated path. This is equivalent to reading the first table
entry. This prevents loads of arbitrary data addresses on the
misspeculated path.

In the case of `br_table`, the cmove picks index 0 on the misspeculated
path. This is safer than allowing a branch to an address loaded from an
index under misspeculation (i.e., it preserves control-flow integrity
even under misspeculation).

The table mitigation is controlled by a Cranelift setting, on by
default. The br_table mitigation is always on, because it is part of the
single lowering pseudoinstruction. In both cases, the impact should be
minimal: a single extra cmove in a (relatively) rarely-used operation.

The table mitigation is architecture-independent (happens during
legalization); the br_table mitigation has been implemented for both x64
and aarch64. (I don't know enough about s390x to implement this
confidently there, but would happily review a PR to do the same on that
platform.)
2022-05-02 11:19:16 -07:00
..
src
Implement Spectre mitigations for table accesses and br_tables. (#4092)
2022-05-02 11:19:16 -07:00
build.rs
Add a cranelift compile-time feature to wasmtime (#3206)
2021-08-18 16:47:47 -05:00
Cargo.toml
Update some dependencies in Cargo.lock (#4081)
2022-04-28 11:12:58 -05:00
LICENSE
Move crates/api to crates/wasmtime (#1693)
2020-05-13 16:04:31 -05:00
README.md
Move crates/api to crates/wasmtime (#1693)
2020-05-13 16:04:31 -05:00

README.md

Wasmtime Embedding API

The wasmtime crate is an embedding API of the wasmtime WebAssembly runtime. This is intended to be used in Rust projects and provides a high-level API of working with WebAssembly modules.

If you're interested in embedding wasmtime in other languages, you may wish to take a look a the C embedding API instead!