Stop Hiding The Sharp Knives: The WebAssembly Linux Interface

📅 2023-12-06
🏛️ arXiv.org
📈 Citations: 2
Influential: 0
📄 PDF

career value

201K/year
🤖 AI Summary
WebAssembly (Wasm) is expanding beyond the web due to its portability and low overhead, yet the absence of a standardized system interface severely hinders software reuse and ecosystem growth in general-purpose computing. Method: This paper introduces WALI (WebAssembly Linux Interface), the first user-space, lightweight virtualization layer that natively exposes Linux system calls to Wasm modules. WALI integrates control-flow integrity enforcement with capability-based API virtualization, enabling secure, dependency-free execution while preserving binary compatibility and layered robustness. Built atop modern Wasm runtimes and leveraging existing compiler backends, it supports capability-driven API abstraction and selective passthrough of critical syscalls. Contribution/Results: Evaluation shows that multiple real-world applications require only minimal modifications to run on WALI, with bounded performance overhead. WALI significantly enhances Wasm’s applicability and deployment efficiency in general-purpose computing environments.
📝 Abstract
WebAssembly is gaining popularity as a portable binary format targetable from many programming languages. With a well-specified low-level virtual instruction set, minimal memory footprint and many high-performance implementations, it has been successfully adopted for lightweight in-process memory sandboxing in many contexts. Despite these advantages, WebAssembly lacks many standard system interfaces, making it difficult to reuse existing applications. This paper proposes WALI: The WebAssembly Linux Interface, a thin layer over Linux's userspace system calls, creating a new class of virtualization where WebAssembly seamlessly interacts with native processes and the underlying operating system. By virtualizing the lowest level of userspace, WALI offers application portability with little effort and reuses existing compiler backends. With WebAssembly's control flow integrity guarantees, these modules gain an additional level of protection against remote code injection attacks. Furthermore, capability-based APIs can themselves be virtualized and implemented in terms of WALI, improving reuse and robustness through better layering. We present an implementation of WALI in a modern WebAssembly engine and evaluate its performance on a number of applications which we can now compile with mostly trivial effort.
Problem

Research questions and friction points this paper is trying to address.

Lack of standard system interfaces in WebAssembly (Wasm) hinders adoption.
Proposes thin kernel interfaces to expose OS syscalls without breaking sandboxing.
Enables ISA portability, compiler backend reuse, and enhanced security in Wasm.
Innovation

Methods, ideas, or system contributions that make the work stand out.

Thin kernel interfaces expose OS syscalls
Enables Wasm as universal binary format
Improves reuse, robustness, and portability
🔎 Similar Papers
No similar papers found.