rseal 0.1.0

Memory sealing operations
Repository: ab22593k/rseal

RSeal

A Rust library for memory sealing operations using Linux's mseal syscall.

Overview

RSeal provides a safe Rust interface for sealing memory regions, preventing them from being modified after initialization. This is useful for security-sensitive applications that need to protect critical data from tampering.

Features

  • Safe wrapper around the Linux mseal syscall
  • Page-aligned memory allocation and sealing
  • Comprehensive error handling
  • Memory safety guarantees through Rust's ownership system
  • Extensive test coverage

Installation

Add this to your Cargo.toml:

[dependencies]
rseal = "0.1.0"

Quick Start

use rseal::SealedBuffer;

fn main() -> Result<(), rseal::errors::RSealMemError> {
    // Create a new sealed buffer with 4KB capacity
    let mut buffer = SealedBuffer::new(4096)?;

    // Write data to the buffer (before sealing)
    let data = b"Sensitive data";
    buffer.write(data);

    // After this point, the memory cannot be modified
    let sealed_data = buffer.read();
    assert_eq!(&sealed_data[..data.len()], data);

    Ok(())
}

API Documentation

Key Types

  • SealedMemory<T>: Low-level wrapper for sealed memory regions
  • SealedBuffer: High-level wrapper for byte-oriented sealed memory
  • RSealError: Error types for sealing operations
  • RSealMemError: Memory-specific error types

Safety

Memory sealing is irreversible - sealed memory regions cannot be freed until process termination. Use this library judiciously and be aware of the memory usage implications.

Technical Details

RSeal uses the Linux mseal syscall to prevent further modifications to memory regions. Key features include:

  • Page-aligned memory allocation
  • Comprehensive error checking
  • Safe Rust abstractions over unsafe system calls
  • Automatic handling of memory alignment requirements
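What the underlying syscall enforces, shown as an added example that calls the kernel directly; it is not RSeal's code and does not use its API. mseal freezes a mapping's attributes but does not remove write access, so the page is made read-only first. Assumptions: 64-bit Linux, syscall number 462, x86_64/aarch64 mmap flag values, and the hypothetical names `Outcome` and `seal_and_probe`.

```rust
use std::os::raw::{c_int, c_long, c_void};
// Hand-declared libc symbols (std already links libc on Linux), so no crates are needed.
extern "C" {
    fn mmap(a: *mut c_void, len: usize, prot: c_int, flags: c_int, fd: c_int, off: i64) -> *mut c_void;
    fn mprotect(a: *mut c_void, len: usize, prot: c_int) -> c_int;
    fn munmap(a: *mut c_void, len: usize) -> c_int;
    fn syscall(num: c_long, ...) -> c_long;
}

const SYS_MSEAL: c_long = 462; // mseal(2): Linux 6.10+, 64-bit only
pub const EPERM: i32 = 1;
const PROT_READ: c_int = 1;
const PROT_WRITE: c_int = 2;
const MAP_PRIVATE_ANON: c_int = 0x02 | 0x20; // assumed x86_64/aarch64 values
const LEN: usize = 4096;

#[derive(Debug)]
pub enum Outcome {
    /// mseal failed (ENOSYS on old kernels, or blocked by a seccomp filter); errno inside.
    Unavailable(i32),
    /// mseal succeeded; errno of each later attempt (0 would mean it was allowed).
    Sealed { mprotect_errno: i32, munmap_errno: i32, first_byte: u8 },
}

fn errno() -> i32 { std::io::Error::last_os_error().raw_os_error().unwrap_or(0) }

pub fn seal_and_probe() -> Outcome {
    unsafe {
        let p = mmap(std::ptr::null_mut(), LEN, PROT_READ | PROT_WRITE, MAP_PRIVATE_ANON, -1, 0);
        assert!(p as isize != -1, "mmap failed");
        *(p as *mut u8) = b'S'; // initialise while still writable
        assert_eq!(mprotect(p, LEN, PROT_READ), 0); // mseal does not remove write access itself
        if syscall(SYS_MSEAL, p, LEN, 0usize) != 0 {
            let e = errno();
            munmap(p, LEN); // not sealed, so it can still be released
            return Outcome::Unavailable(e);
        }
        // Sealed: restoring write access or unmapping should now be refused.
        let mprotect_errno = if mprotect(p, LEN, PROT_READ | PROT_WRITE) == 0 { 0 } else { errno() };
        let first_byte = *(p as *const u8); // reads still work
        let munmap_errno = if munmap(p, LEN) == 0 { 0 } else { errno() };
        Outcome::Sealed { mprotect_errno, munmap_errno, first_byte }
    }
}

fn main() {
    println!("{:?}", seal_and_probe());
}
```

On a kernel with mseal, both probes report EPERM and the page stays mapped until the process exits, which is the irreversibility described under Safety.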

Contributing

Contributions are welcome! Please feel free to submit a Pull Request. Areas for improvement include:

  • Support for other operating systems
  • Additional memory protection features
  • Performance optimizations
  • Documentation improvements

License

This project is licensed under either of

at your option.

Platform Support

Currently supports Linux only. The mseal syscall is required.