Friend or Foe Inside? Exploring In-Process Isolation to Maintain Memory Safety for Unsafe Rust

📅 2023-06-13
🏛️ IEEE Cybersecurity Development
📈 Citations: 10
Influential: 1
🤖 AI Summary
Rust’s unsafe code may introduce memory-safety vulnerabilities that compromise the entire program. To address this, we propose an in-process, fine-grained isolation mechanism leveraging Memory Protection Keys (MPK), the first to dynamically isolate safe and unsafe code regions in Rust—thereby preventing cross-region propagation of violations such as heap/stack buffer overflows. Our approach integrates lightweight context switching, cross-isolation secure serialization and communication protocols, and application-level fault detection with automatic rollback of safe code segments. Evaluation shows that our mechanism effectively intercepts diverse heap and stack memory violations; incurs low overhead (<5% on average), substantially outperforming process-level isolation; and supports highly automated integration, validated across multiple real-world Rust projects. Our core contributions are: (1) the first MPK-based isolation framework targeting the Rust safe/unsafe boundary, and (2) integrated rollback guarantees for safe code upon unsafe-region failures.
📝 Abstract
Rust is a popular memory-safe systems programming language. In order to interact with hardware or call into non-Rust libraries, Rust provides unsafe language features that shift responsibility for ensuring memory safety to the developer. Failing to do so may lead to memory-safety violations in unsafe code, which can compromise the safety of the entire application. In this work we explore in-process isolation with Memory Protection Keys as a mechanism to shield safe program sections from safety violations that may happen in unsafe sections. Our approach is easy to use and comprehensive, as it prevents both heap- and stack-based violations. We further compare process-based and in-process isolation mechanisms and the necessary requirements for data serialization, communication, and context switching. Our results show that in-process isolation can be effective and efficient, permits a high degree of automation, and also enables a notion of application rewinding, where the safe program section may detect and safely handle violations in unsafe code.
Problem

Research questions and friction points this paper is trying to address.

Preventing unsafe Rust code from violating memory safety guarantees
Using in-process isolation to protect safe program sections
Comparing isolation mechanisms for data serialization and communication
Innovation

Methods, ideas, or system contributions that make the work stand out.

Using Memory Protection Keys for in-process isolation
Preventing heap and stack-based memory safety violations
Enabling automated application rewinding for unsafe code
Merve Gülmez
Ericsson Security Research, Kista, Sweden; imec-DistriNet, KU Leuven, Leuven, Belgium
Thomas Nyman
L M Ericsson
systems security, platform security, embedded security
Christoph Baumann
Ericsson Security Research, Kista, Sweden
J. Mühlberg
imec-DistriNet, KU Leuven, Leuven, Belgium; Université Libre de Bruxelles, Brussels, Belgium