Expand description
Hyperlight host runtime for executing guest code in lightweight virtual machines.
This crate provides the host-side runtime for Hyperlight, enabling safe execution of untrusted guest code within micro virtual machines with minimal overhead. The runtime manages sandbox creation, guest function calls, memory isolation, and host-guest communication.
The primary entry points are UninitializedSandbox
for initial setup and
MultiUseSandbox
for executing guest functions.
§Guest Requirements
Hyperlight requires specially compiled guest binaries and cannot run regular
container images or executables. Guests must be built using either the Rust
API (hyperlight_guest
with optional use of hyperlight_guest_bin
),
or with the C API (hyperlight_guest_capi
).
Re-exports§
pub use error::HyperlightError;
pub use sandbox::MultiUseSandbox;
pub use sandbox::UninitializedSandbox;
pub use sandbox::is_hypervisor_present;
pub use sandbox::uninitialized::GuestBinary;
Modules§
- error
- Dealing with errors, including errors across VM boundaries
- func
- Wrappers for host and guest functions.
- hypervisor
- Wrappers for hypervisor implementations
- mem
- Functionality to establish and manage an individual sandbox’s memory.
- metrics
- Metric definitions and helpers
- sandbox
- The main sandbox implementations. Do not use this module directly in code outside this file. Types from this module needed for public consumption are re-exported below.
Macros§
- and
- Shorthand for chaining
SeccompCondition
s with theand
operator in aSeccompRule
. The rule will take theAllow
action if all the conditions are true. - debug
- Same as log::debug!, but will additionally print to stdout if the print_debug feature is enabled
- log_
then_ return - Logs an error then returns with it, more or less equivalent to the bail! macro in anyhow but for HyperlightError instead of anyhow::Error
- new_
error - Creates a
HyperlightError::Error
from a string literal or format string - or
- Shorthand for chaining
SeccompRule
s with theor
operator in aSeccompFilter
.
Type Aliases§
- Result
- The universal
Result
type used throughout the Hyperlight codebase.