Web Assembly
Background
From Swivel: Hardening WebAssembly against Spectre (USENIX SECURITY 21).
Take Lucet Wasm compiler as an example, Wasm features:
- Control flow safety: control flow of the compiled code is restricted to the sandbox and cannot be bent to bypass bounds checks.
- Memory isolation: explicitly bound all heap loads and stores and masks all pointers to be within a 4GB range, using guard pages to trap any offsets that may reach beyond the 4GB heap space.
- Embedding Wasm: allows safe control and data flow across the host-sandbox boundary via springboards and trampolines.
- Wasm in FaaS platforms: FaaS platforms place thousands of client Wasm modules within a single host process, and distribute these processes across thousands of servers and multiple datacenters.
WASM-Related Stuffs
extism - The Universal Plug-in System. Extend anything with WebAssembly (wasm).
The universal plug-in system. Run WebAssembly extensions inside your app. Use idiomatic Host SDKs for Go, Ruby, Python, Node, Rust, C, C++, OCaml, Haskell, PHP, Elixir/Erlang, .NET, Java, Zig & more (others coming soon).
Plug-in development kits (PDK) for plug-in authors supported in Rust, AssemblyScript, Go, C/C++, Haskell, and Zig.
yavkOS Operating system based off of blog_os, with the goal of running wasm modules as executables