# How the LiteBox Platform Trait Enables Cross-Platform Sandboxing > Discover how the LiteBox Platform trait enables cross-platform sandboxing by abstracting system primitives. Compile for Linux, Windows, or kernel environments with zero runtime overhead. - Repository: [Microsoft/litebox](https://github.com/microsoft/litebox) - Tags: deep-dive - Published: 2026-02-16 --- **The LiteBox Platform trait abstracts low-level system primitives through a composable `Provider` interface, allowing the same sandboxing runtime to compile for Linux, Windows, or kernel environments without runtime overhead.** Microsoft LiteBox isolates guest code by defining a **platform abstraction layer** centered on the `Provider` trait in [`litebox/src/platform/mod.rs`](https://github.com/microsoft/litebox/blob/main/litebox/src/platform/mod.rs). Rather than hardcoding OS-specific syscalls, LiteBox delegates every low-level operation—mutexes, networking, time, memory—to a set of sub-traits aggregated under `Provider`. This architecture decouples the sandboxing engine from the host environment, enabling true cross-platform portability. ## Understanding the Platform Abstraction Layer ### The Provider Trait Composition The `Provider` trait acts as a **marker trait** that bundles six required sub-traits into a single interface. As defined in [`litebox/src/platform/mod.rs`](https://github.com/microsoft/litebox/blob/main/litebox/src/platform/mod.rs) (lines 38-49), any type implementing `Provider` must also implement: - `RawMutexProvider` – synchronization primitives - `IPInterfaceProvider` – network interface access - `TimeProvider` – monotonic and wall-clock time - `PunchthroughProvider` – NAT traversal capabilities - `DebugLogProvider` – structured logging - `RawPointerProvider` – raw memory pointer operations By composing these capabilities into one trait, LiteBox creates a **complete execution environment description**. The sandbox runtime interacts only with the abstract `Provider` interface, never with concrete OS APIs. ### Sub-Traits for Low-Level Primitives Each sub-trait defines a minimal contract for a specific system primitive. For example, `RawMutexProvider` exposes methods to allocate and lock mutexes, while `RawPointerProvider` handles unsafe memory operations. This granularity allows platform implementers to substitute individual components without affecting the rest of the system. Platform-specific structs implement the full `Provider` bundle. The Linux user-land implementation in [`litebox_platform_linux_userland/src/lib.rs`](https://github.com/microsoft/litebox/blob/main/litebox_platform_linux_userland/src/lib.rs) (lines 31-35) provides concrete implementations for all sub-traits using POSIX syscalls. Similarly, Windows and kernel environments (LVBS, SEV-SNP) provide their own structs implementing the same interface. ## Compile-Time Platform Selection ### The Multiplex Crate and Global Platform LiteBox uses **static dispatch** to eliminate runtime overhead. The `litebox_platform_multiplex` crate defines a compile-time alias `pub type Platform = …` that resolves to exactly one concrete implementation based on Cargo features. As shown in [`litebox_platform_multiplex/src/lib.rs`](https://github.com/microsoft/litebox/blob/main/litebox_platform_multiplex/src/lib.rs) (lines 31-45), enabling the `linux_userland` feature selects the Linux platform struct, while `windows_userland` selects the Windows implementation. The multiplex crate stores the selected platform in a global `once_cell::race::OnceRef` named `PLATFORM`. The `set_platform` function initializes this global reference at startup, and the `platform()` function returns a `&'static Platform` reference. This design allows all shim code to access the platform implementation without threading generic parameters through every function call. ### Static Dispatch with Generic LiteBox The core `LiteBox` struct is generic over the platform type, declared in [`litebox/src/litebox.rs`](https://github.com/microsoft/litebox/blob/main/litebox/src/litebox.rs) (lines 21-23) as: ```rust pub struct LiteBox { // ... } ``` Because `Platform` is a compile-time parameter, the Rust compiler **monomorphizes** all generic code for the specific platform selected. This produces zero-cost abstraction—there is no virtual table dispatch or runtime branching between OS implementations. The sandboxing logic remains identical across platforms while the generated machine code uses direct calls to the selected platform's methods. ## Cross-Platform Sandboxing in Practice The following example demonstrates initializing LiteBox on Linux user-land. The same code compiles for Windows by changing the Cargo feature: ```rust // Cargo.toml enables one platform feature: // [features] // default = ["litebox_platform_multiplex/linux_userland"] use litebox_platform_multiplex::{Platform, set_platform}; fn main() { // Initialize the global platform with network interface "tun0" let platform = Platform::new(Some("tun0")); set_platform(platform); // Create sandboxed instance using the global platform let litebox = litebox::LiteBox::new(litebox::platform::platform()); // Execute guest code in isolated environment litebox.run(/* guest binary */); } ``` When compiled with `windows_userland` feature, `Platform::new` resolves to the Windows implementation using Win32 APIs, yet the calling code remains unchanged. ### Testing with MockPlatform LiteBox includes a `MockPlatform` in [`litebox/src/platform/mock.rs`](https://github.com/microsoft/litebox/blob/main/litebox/src/platform/mock.rs) (lines 60-61) that implements the full `Provider` trait using in-process data structures. This allows unit tests to verify sandboxing logic without requiring real syscalls or elevated privileges: ```rust use litebox::platform::MockPlatform; #[test] fn test_sandbox_isolation() { let mock = MockPlatform::new(); let litebox = LiteBox::new(mock); // Test guest execution with mocked time, network, and memory } ``` ## Summary - **Trait Composition**: The `Provider` trait aggregates six sub-traits (`RawMutexProvider`, `IPInterfaceProvider`, etc.) into a unified platform interface defined in [`litebox/src/platform/mod.rs`](https://github.com/microsoft/litebox/blob/main/litebox/src/platform/mod.rs). - **Compile-Time Selection**: The `litebox_platform_multiplex` crate uses Cargo features to select exactly one platform implementation at compile time, storing it in a global `OnceRef`. - **Zero-Cost Abstraction**: `LiteBox` uses generic monomorphization to eliminate runtime dispatch, ensuring sandboxing logic runs at native speed on any supported host. - **Cross-Platform Portability**: The same guest execution engine runs on Linux user-land, Windows user-land, LVBS kernel, and SEV-SNP environments by swapping the platform implementation. - **Testability**: `MockPlatform` provides a complete in-process implementation of the `Provider` trait for unit testing without real system resources. ## Frequently Asked Questions ### What is the LiteBox Platform trait? The LiteBox Platform trait refers to the `Provider` trait defined in [`litebox/src/platform/mod.rs`](https://github.com/microsoft/litebox/blob/main/litebox/src/platform/mod.rs). It is a marker trait that composes six sub-traits—`RawMutexProvider`, `IPInterfaceProvider`, `TimeProvider`, `PunchthroughProvider`, `DebugLogProvider`, and `RawPointerProvider`—into a single interface that describes the complete execution environment required by a LiteBox sandbox instance. ### How does LiteBox achieve zero-cost abstraction? LiteBox achieves zero-cost abstraction through **static dispatch** and **monomorphization**. The core `LiteBox` struct is generic over the platform type, and the `litebox_platform_multiplex` crate selects exactly one concrete implementation at compile time using Cargo features. The Rust compiler generates specialized machine code for the selected platform, eliminating virtual table lookups or runtime branching while maintaining identical sandboxing logic across all targets. ### Can I run LiteBox on Windows and Linux with the same code? Yes. The same application code compiles for both Windows and Linux by changing the Cargo feature flag in `litebox_platform_multiplex`. When you enable the `linux_userland` feature, the `Platform` type alias resolves to the Linux implementation using POSIX syscalls. Enabling `windows_userland` resolves it to the Win32 implementation. The public API remains identical, so no source code changes are required when porting between platforms. ### How does MockPlatform facilitate testing? `MockPlatform` is a lightweight implementation of the `Provider` trait located in [`litebox/src/platform/mock.rs`](https://github.com/microsoft/litebox/blob/main/litebox/src/platform/mock.rs). It uses in-process data structures to simulate mutexes, network interfaces, time, and memory operations without requiring real syscalls or elevated privileges. Unit tests can instantiate `LiteBox::new(MockPlatform::new())` to verify sandboxing logic, guest execution, and isolation guarantees in a hermetic, reproducible environment that runs on any development machine.