Security Lunch: Доверя́й, но проверяй: SFI safety for native-compiled Wasm, Evan Johnson

Security Lunch

Title: Доверя́й, но проверяй: SFI safety for native-compiled Wasm
Speaker: Evan Johnson
Date: October 13
Time: 12:00pm
Event link: https://stanford.zoom.us/j/99099389394?pwd=dzN5eXlaM01sL0lNS0pEVWk3TUEwUT09

Abstract: 

WebAssembly (Wasm) is a platform-independent bytecode that offers both good performance and runtime isolation. To implement isolation, the compiler inserts safety checks when it compiles Wasm to native machine code. While this approach is cheap, it also requires trust in the compiler’s correctness—trust that the compiler has inserted each necessary check, correctly formed, in each proper place. Unfortunately, subtle bugs in the Wasm compiler can break—and have broken—isolation guarantees. To address this problem, we propose verifying memory isolation of Wasm binaries post-compilation. We implement this approach in VeriWasm, a static offline verifier for native x86-64 binaries compiled from Wasm; we prove the verifier’s soundness, and find that it can detect bugs with no false positives. Finally, we describe our deployment of VeriWasm at Fastly.

Date: 
Wednesday, October 13, 2021 - 12:00pm to 1:00pm