Extending kernel functionality dynamically is essential for modern workloads in observability, profiling, and security, and is becoming increasingly popular for implementing low-latency, kernel-bypass logic in high-performant systems. However, existing mechanisms like kernel modules or eBPF come with steep learning curves, limited expressiveness, or tightly constrained environments. WebAssembly (Wasm), with its strong isolation guarantees, portable semantics, formally defined specification with machine-checked proofs, and low memory footprint, presents a compelling alternative for safe, runtime-extensible logic inside the kernel.

This work explores Wasm as a foundation for safe and flexible kernel extensibility. We present an early prototype that allows users to load and unload Wasm binaries into the kernel and hook them into system calls for interception and instrumentation. This prototype serves as an initial step toward rethinking kernel extensibility using Wasm as a secure and language-agnostic execution layer, enabling safer and more accessible in-kernel customization.

43 pages

Thesis Committee:
Anthony Rowe (Chair)
Benjamin Titzer

Srinivasan Seshan, Head, Computer Science Department
Martial Hebert, Dean, School of Computer Science

Return to: SCS Technical Report Collection
School of Computer Science

This page maintained by reports@cs.cmu.edu