Nebulet: A Rust Microkernel Running WebAssembly In Ring 0

You should likely be familiar with WebAssembly as the binary format for executing code within web pages that can be nearly as fast as running native machine code -- and certainly much faster than JavaScript. A new research project has been exploring running WebAssembly in the CPU's Ring 0 -- yes, the highest privileged state of the processor -- in the name of better performance.

Nebulet is a work-in-progress open-source project implementing a microkernel that executes WebAssembly modules in ring 0. The focus is on low context switching overhead, syscalls being just function calls, and a single address space to avoid page table switches.

While the idea of running WebAssembly in ring 0 may cause security shivers, Mozilla at least believes it can be done safely if the WebAssembly is verified as well as taking optimization steps to ensure no reading/writing outside of its assigned linear memory. Other steps/optimizations are also taken to reduce possible vulnerabilities.

Nebulet is very much still a work-in-progress but this research operating system did receive a lot of work this summer by Lachlan Sneff as part of GSoC 2018.

Lachlan was able to attain full WASM support in Nebulet, threading support, and other fundamentals this summer. And, yes, this research OS is written in the Rust programming language.

While there isn't much to see at this point for end-users, the code continues to be developed at Nebulet/Nebulet.