Expand description
WebAssembly engine configuration for Oxide.
This module configures Wasmtime for running guest modules in a
sandboxed environment: bounded linear memory, instruction fuel metering, and a
SandboxPolicy that gates host capabilities (filesystem, environment variables, network
sockets)—all denied unless explicitly enabled.
Default SandboxPolicy limits: 16 MiB linear memory (256 × 64 KiB pages) and ~500M
Wasm instructions of fuel per [Store] before the guest is halted.
WasmEngine owns a shared [Engine] plus policy and is the main entry point for creating
stores, bounded memory, and compiled modules. ModuleLoader is a lighter bundle of engine
plus limits for scenarios such as loading child or dynamically linked modules.
Structs§
- Module
Loader - Minimal engine + limit bundle for loading additional Wasm modules (e.g. dynamic imports).
- Sandbox
Policy - Policy describing what resources a Wasm guest may use and the hard limits applied at runtime.
- Wasm
Engine - Sandbox-aware wrapper around a Wasmtime [
Engine].