A Closer Look at Webassembly
Total Page:16
File Type:pdf, Size:1020Kb
Recommended publications
Differential Fuzzing the Webassembly
Differential Fuzzing the WebAssembly (Fuzzing Différentiel le WebAssembly). Master’s Thesis by Gilang Mentari Hamidy, Master’s Programme in Security and Cloud Computing, Aalto University (School of Science) - EURECOM, 2020. This thesis is a public document and does not contain any confidential information. Thesis submitted in partial fulfillment of the requirements for the degree of Master of Science in Technology. Antibes, 27 July 2020. Supervisor: Prof. Davide Balzarotti, EURECOM. Co-Supervisor: Prof. Jan-Erik Ekberg, Aalto University. Copyright © 2020 Gilang Mentari Hamidy. Degree programme: Master of Science; Major: Security and Cloud Computing (SECCLO); Code: SCI3084; Level: Master’s thesis; Pages: 133; Language: English.
Abstract: WebAssembly, colloquially known as Wasm, is a specification for an intermediate representation that is suitable for the web environment, particularly in the client-side. It provides a machine abstraction and hardware-agnostic instruction sets, where a high-level programming language can target the compilation to the Wasm instead of specific hardware architecture. The JavaScript engine implements the Wasm specification and recompiles the Wasm instruction to the target machine instruction where the program is executed. Technically, Wasm is similar to a popular virtual machine bytecode, such as Java Virtual Machine (JVM) or Microsoft Intermediate Language (MSIL).
Seamless Offloading of Web App Computations from Mobile Device to Edge Clouds Via HTML5 Web Worker Migration
Seamless Offloading of Web App Computations From Mobile Device to Edge Clouds via HTML5 Web Worker Migration. Hyuk Jin Jeong, Seoul National University, SoCC 2019. Virtual Machine & Optimization Laboratory, Department of Electrical and Computer Engineering, Seoul National University.
Computation Offloading: Mobile clients have limited hardware resources; require computation offloading to servers, e.g., cloud gaming or cloud ML services for mobile. Traditional cloud servers are located far from clients; suffer from high latency: 60~70 ms (RTT from our lab to the closest Google Cloud DC); latency < 50 ms is preferred for time-critical games [Kjetil Raaen, NIK 2014].
Edge Cloud: Edge servers are located at the edge of the network; provide ultra low (~a few ms) latency. What if a user moves?
A Major Issue: User Mobility: How to seamlessly provide a service when a user moves to a different server? Resume the service at the new server. What if execution state (e.g., game data) remains on the previous server? This is a challenging problem; the edge computing community has struggled to solve it: VM Handoff [Ha et al. SEC ’17], Container Migration [Lele Ma et al. SEC ’17], Serverless Edge Computing [Claudio Cicconetti et al. PerCom ’19]. We propose a new approach for web apps based on app migration techniques.
Outline: Motivation; Proposed system; WebAssembly
Webassembly a New World of Native Exploits on the Web Agenda
WebAssembly: A New World Of Native Exploits On The Web
Agenda: Introduction; The WebAssembly Platform; Emscripten; Possible Exploit Scenarios; Conclusion
Wasm: What is it good for?
● Archive.org web emulators
● Image/processing
● Video Games
● 3D Modeling
● Cryptography Libraries
● Desktop Application Ports
Wasm: Crazy Incoming
● Browsix, jslinux
● Runtime.js (Node), Nebulet
● Cervus
● eWASM
Java Applet Joke Slide
● Sandboxed
● Virtual Machine, runs its own instruction set
● Runs in your browser
● Write once, run anywhere
● In the future, will be embedded in other targets
What Is WebAssembly?
● A relatively small set of low-level instructions
  ○ Instructions are executed by browsers
● Native code can be compiled into WebAssembly
  ○ Allows web developers to take their native C/C++ code to the browser
    ■ Or Rust, or Go, or anything else that can compile to Wasm
  ○ Improved Performance Over JavaScript
● Already widely supported in the latest versions of all major browsers
  ○ Not limited to running in browsers, Wasm could be anywhere
Wasm: A Stack Machine
Text Format Example
Linear Memory Model
Function Pointers
Wasm in the Browser
● Wasm doesn’t have access to memory, DOM, etc.
● Wasm functions can be exported to be callable from JS
● JS functions can be imported into Wasm
● Wasm’s linear memory is a JS resizable ArrayBuffer
● Memory can be shared across instances of Wasm
● Tables are accessible via JS, or can be shared to other instances of Wasm
Demo: Wasm in a nutshell
Emscripten
● Emscripten is an SDK that compiles C/C++ into .wasm binaries
● LLVM/Clang derivative
● Includes built-in C libraries, etc.
● Also produces JS and HTML code to allow easy integration into a site.
Superoptimization of Webassembly Bytecode
Superoptimization of WebAssembly Bytecode. Javier Cabrera Arteaga, Shrinish Donde, Jian Gu, Orestis Floros, Lucas Satabin, Benoit Baudry, Martin Monperrus.
ABSTRACT: Motivated by the fast adoption of WebAssembly, we propose the first functional pipeline to support the superoptimization of WebAssembly bytecode. Our pipeline works over LLVM and Souper. We evaluate our superoptimization pipeline with 12 programs from the Rosetta code project. Our pipeline improves the code section size of 8 out of 12 programs. We discuss the challenges faced in superoptimization of WebAssembly with two case studies.
1 INTRODUCTION: After HTML, CSS, and JavaScript, WebAssembly (WASM) has become the fourth standard language for web development [7]. This new language has been designed to be fast, platform-independent, and experiments have shown that WebAssembly can have an overhead as low as 10% compared to native code [11].
2 BACKGROUND, 2.1 WebAssembly: WebAssembly is a binary instruction format for a stack-based virtual machine [17]. As described in the WebAssembly Core Specification [7], WebAssembly is a portable, low-level code format designed for efficient execution and compact representation. WebAssembly has been first announced publicly in 2015. Since 2017, it has been implemented by four major web browsers (Chrome, Edge, Firefox, and Safari). A paper by Haas et al. [11] formalizes the language and its type system, and explains the design rationale. The main goal of WebAssembly is to enable high performance applications on the web. WebAssembly can run as a standalone VM or in other environments such as Arduino [10]. It is independent of any specific hardware or languages and can be compiled for modern architectures or devices, from a wide variety of high-level
Swivel: Hardening Webassembly Against Spectre
Swivel: Hardening WebAssembly against Spectre. Shravan Narayan (UC San Diego), Craig Disselkoen (UC San Diego), Daniel Moghimi (Worcester Polytechnic Institute, UC San Diego), Sunjay Cauligi (UC San Diego), Evan Johnson (UC San Diego), Zhao Gang (UC San Diego), Anjo Vahldiek-Oberwagner (Intel Labs), Ravi Sahita (Intel), Hovav Shacham (UT Austin), Dean Tullsen (UC San Diego), Deian Stefan (UC San Diego).
Abstract: We describe Swivel, a new compiler framework for hardening WebAssembly (Wasm) against Spectre attacks. Outside the browser, Wasm has become a popular lightweight, in-process sandbox and is, for example, used in production to isolate different clients on edge clouds and function-as-a-service platforms. Unfortunately, Spectre attacks can bypass Wasm’s isolation guarantees. Swivel hardens Wasm against this class of attacks by ensuring that potentially malicious code can neither use Spectre attacks to break out of the Wasm sandbox nor coerce victim code—another Wasm client or the embedding process—to leak secret data. We describe two Swivel designs, a software-only approach that can be used on existing CPUs, and a hardware-assisted approach that uses extension available in Intel® 11th genera-
in recent microarchitectures [41] (see Section 6.2). In contrast, Spectre can allow attackers to bypass Wasm’s isolation boundary on almost all superscalar CPUs [3, 4, 35]—and, unfortunately, current mitigations for Spectre cannot be implemented entirely in hardware [5, 13, 43, 51, 59, 76, 81, 93]. On multi-tenant serverless, edge-cloud, and function as a service (FaaS) platforms, where Wasm is used as the way to isolate mutually distrusting tenants, this is particularly concerning: A malicious tenant can use Spectre to break out of the sandbox and read another tenant’s secrets in two steps (§5.4). First, they mistrain different components of the underlying control flow prediction—the conditional branch predictor (CBP), branch target buffer (BTB), or return stack buffer (RSB)—to speculatively execute code that accesses data outside the sandbox boundary.
View the Index
INDEX Symbol public, 248, 258 !! (JavaScript), 47, 53 runtime, 248, 255, 257 super, 263 A AssemblyScript loader, 247, 248, accumulator machine, 221 251–256, 260–266 accumulator register, 220 __allocString, 255 ActionScript Virtual Machine 2 demangle, 264 (AVM2), 9 __getString, 255 Advanced RISC Machine (ARM), 9 __newString, 255 alert (JavaScript), 232, 245 async (JavaScript), 24 allocates memory, 189 ATmega328, 117 __allocString (AssemblyScript AVM2 (ActionScript Virtual loader), 255 Machine 2), 9 AND mask, 80, 106 anyfunc (WAT), 59–60 B ArrayBuffer (JavaScript), 116 base address, 126 asc, 248, 255, 257, 261, 262, 263, 267 base index, 130 --exportRuntime, 255 benchmark (benchmark.js), 216 -h, 248 mean, 217 --importMemory, 252 run, 217 -o, 257, 258 sort, 217 -O, 248 suite, 217 -Oz, 249 suite.add, 217 --sourceMap, 248 suite.on, 217 ASCII, 88, 103, 106, 108, 112, 251 biased exponent, 75 Assembly language, 6 big-endian, 84, 93 AssemblyScript, 3, 6, 197, 198, 247–268 BigInt, 25, 73 class, 262, 263, 266 binary, 70, 101, 110, 147, 148, 151, 152, declare, 250 154, 155 export, 249 Binaryen, 197, 213 f64, 257 Binaryen optimizer, 208 function, 249 bit flipping, 73, 83 garbage collection, 248 bit manipulation, 71, 79 i32, 249 bit masking, 80 installing, 248 bit rotation, 80 private, 247, 248, 258, 259, 261, bit shifting, 79 262, 267 bitwise AND, 80, 212 protected, 248, 258 bitwise OR, 82 block (HTML), 145 r0, 221 block (WAT), 37, 38, 39, 50 StackCheck, 221 body (HTML), 145, 146, 149, 150 Star, 221 Bottom-Up (Chrome profiler), 192 TestLessThan, 221 -
Latest Consensus Test Suite Releases • Implementing Feature Requests from the Community (Truffle, Remix, Others), E.G
EthereumJS Documentation, Release 0.1. EthereumJS Team, Nov 05, 2020.
Contents:
1 Introduction: 1.1 Overview; 1.2 Focus and related Projects; 1.3 Team and Contact; 1.4 Ongoing Work Tasks
2 Contributing: 2.1 Where to Contribute; 2.2 How to Start
3 Technical Reference: 3.1 Development; 3.2 Distribution; 3.3 Git Workflow; 3.4 Code Quality; 3.5 Security; 3.6 Shared Library Resources
4 Roadmap: 4.1 Active Projects; 4.2 Considered Projects; 4.3 Finished Projects; 4.4 Stalled Projects; 4.5 Canceled Projects
5 Code of Conduct
6 Indices and tables
This guide aims to be a both comprehensive and lightweight guide to the EthereumJS ecosystem. It is meant to serve as an internal reference, give guidance for new contributors
Webassembly Backgrounder
WebAssembly Backgrounder [DRAFT]. Written By Eamon O’Tuathail. Last updated: January 8, 2021. Copyright (c) Clipcode Limited 2021 - All rights reserved. Clipcode is a trademark of Clipcode Limited - All rights reserved.
Table of Contents: 1: Introduction; 2: Tooling & Getting Started; 3: Values; 4: Flow Control; 5: Functions; 6: (Linear) Memory; 7: Tables
1: Introduction. Overview: The WebAssembly specification is a definition of an instruction set architecture (ISA) for a virtual CPU that runs inside a host embedder. Initially, the most widely used embedder is the modern standard web browser (no plug-ins required). Other types of embedders can run on the server (e.g. inside standard Node.js v8 – no add-ons required) or in future there could be more specialist host embedders such as a cross-platform macro-engine inside desktop, mobile or IoT applications. Google, Mozilla, Microsoft and
Mitigating Javascript's Overhead with Webassembly
Samuli Ylenius: Mitigating JavaScript’s overhead with WebAssembly. M. Sc. thesis, Tampere University, Faculty of Information Technology and Communication Sciences, Master’s Degree Programme in Software Development, March 2020.
ABSTRACT: The web and web development have evolved considerably during its short history. As a result, complex applications aren’t limited to desktop applications anymore, but many of them have found themselves in the web. While JavaScript can meet the requirements of most web applications, its performance has been deemed to be inconsistent in applications that require top performance. There have been multiple attempts to bring native speed to the web, and the most recent promising one has been the open standard, WebAssembly. In this thesis, the target was to examine WebAssembly, its design, features, background, relationship with JavaScript, and evaluate the current status of WebAssembly, and its future. Furthermore, to evaluate the overhead differences between JavaScript and WebAssembly, a Game of Life sample application was implemented in three splits, fully in JavaScript, mix of JavaScript and WebAssembly, and fully in WebAssembly. This allowed to not only compare the performance differences between JavaScript and WebAssembly but also evaluate the performance differences between different implementation splits. Based on the results, WebAssembly came ahead of JavaScript especially in terms of pure execution times, although, similar benefits were gained from asm.js, a predecessor to WebAssembly. However, WebAssembly outperformed asm.js in size and load times. In addition, there was minimal additional benefit from doing a WebAssembly-only implementation, as just porting bottleneck functions from JavaScript to WebAssembly had similar performance benefits.
Contents in Detail
CONTENTS IN DETAIL
FOREWORD
ACKNOWLEDGMENTS
INTRODUCTION: Who Should Read This Book; Why Users Are Interested in WebAssembly; Why the World Needs WebAssembly; What’s in This Book
1 AN INTRODUCTION TO WEBASSEMBLY: What Is WebAssembly?; Reasons to Use WebAssembly; Better Performance; Integrating Legacy Libraries; Portability and Security; JavaScript Skeptics; WebAssembly’s Relationship with JavaScript; Why Learn WAT?; WAT Coding Styles; The Embedding Environment; The Browser; WASI; Visual Studio Code; Node.js; Our First Node.js WebAssembly App; Calling the WebAssembly Module from Node.js; The .then Syntax; The Time Is Now
2 WEBASSEMBLY TEXT BASICS: Writing the Simplest Module; Hello World in WebAssembly; Creating Our WAT Module; Creating the JavaScript File; WAT Variables; Global Variables and Type Conversion; Local Variables; Unpacking S-Expressions; Indexed Variables; Converting Between Types; if/else Conditional Logic; Loops and Blocks; The block Statement; The loop Expression; Using block and loop Together; Branching with br_table; Summary
3 FUNCTIONS AND TABLES: When to Call Functions from WAT; Writing an is_prime Function; Passing Parameters; Creating Internal Functions; Adding the is_prime Function; The JavaScript; Declaring an Imported Function; JavaScript Numbers; Passing Data Types; Objects in WAT; Performance Implications of External Function Calls; Function Tables; Creating a Function Table in WAT; Summary
WASM Presentation
WebAssembly (WASM): A game changer for the Web. Mladen Todorović, Drupal Developer Days Lisbon 2018, 05.07.2018.
About me: Mladen Todorović, mtodor@everywhere (drupal.org, twitter, gmail, github, etc.)
- some experience in software development (around 19 years)
- front-end developer for several years (mainly ExtJS framework)
- “full stack” developer, dev-ops, mother and father of RTB system
- currently part of Thunder Core team (for already 2 years)
Applications, applications!
Native applications
● [+] good performance
● [+] variety of languages
● [-] distributing application (different platforms, etc.)
● [-] security
Web applications
● [+] one platform (any browser)
● [+] good security
● [-] performance is not so perfect
● [-] limited to one programming language
WASM gets good parts: It combines good parts from native and web applications. We have:
- fast applications
- use many languages (in theory) – it supports compiling from LLVM
- runs on one platform widely available
What is WASM?
- web standard that defines a binary format that can be run in web browser
- compilation target for languages such as C/C++ or Rust
- near-native performance
- alongside JavaScript
About WASM
- first announced on 17.06.2015
- the team includes people from Mozilla, Microsoft, Google and Apple.
- MVP in March 2017
- around 74% global web browser support for WebAssembly
How can we benefit?
● make better applications (we have more computational power)
● offload computation to clients
● security out of box (browsers are providing good sandboxing)
● no need for specialized developers in Web development
● reuse of existing libraries/algorithms/projects
Software branches that will benefit most from WASM
● Gaming
● Crypto
● Software graphics and animation
● Computer vision
● Emulation cores
● Compression
● Audio processing
● In-memory databases
Current problems: complicated interface with JavaScript in order to manipulate DOM; executing a WASM function from JS is slow
Current problems (no.
Formally Verifying Webassembly with Kwasm
Formally Verifying WebAssembly with KWasm: Towards an Automated Prover for Wasm Smart Contracts. Master’s thesis in Computer Science and Engineering by Rikard Hjort. Department of Computer Science and Engineering, Chalmers University of Technology and University of Gothenburg, Gothenburg, Sweden 2020. © RIKARD HJORT, 2020. Supervisor: Thomas Sewell, Department of Computer Science and Engineering. Examiner: Wolfgang Ahrendt, Department of Computer Science and Engineering. Master’s Thesis 2020, Department of Computer Science and Engineering, Chalmers University of Technology and University of Gothenburg, SE-412 96 Gothenburg, Telephone +46 31 772 1000.
Cover: Conceptual rendering of the KWasm system, as the logos for K and WebAssembly merged together, with a symbolic execution proof tree protruding. The cover image is made by Bogdan Stanciu, with permission. The WebAssembly logo is made by Carlos Baraza and is licensed under Creative Commons License CC0. The K logo is property of Runtime Verification, Inc., with permission. Typeset in LaTeX.
Abstract: A smart contract is immutable, public bytecode which handles valuable assets. This makes it a prime target for formal methods. WebAssembly (Wasm) is emerging as bytecode format for smart contracts.