Hi Oliver. Thanks for your comments and suggestions. Here's an update on WebCL security.
First some background: within Khronos a cross working group security initiative was started by the WebCL working group to engage with the OpenCL, WebGL, OpenGL and OpenGL-ES working groups and representatives from the hardware, driver, browser and developer communities. The WebCL WG worked closely with the OpenCL WG, and has defined two OpenCL security extensions which have been ratified by Khronos. Looking at the various security requirements you mentioned from the WebCL working draft. - 4.2 Cross-Origin Information Leakage WebCL's position is that this be handled by the same mechanism as used for WebGL, ie https://www.khronos.org/registry/webgl/specs/latest/#4.2 . A bug will be filed to request update of wording in the working draft. - 4.3 Out-of-Range Memory Access The validator will perform static analysis on WebCL kernels to determine violations of WebCL kernel behavior and language restrictions. The results from the analysis will also be used to determine any necessary instrumentation to bring the WebCL kernels in compliance with security and syntactic requirements of the WebCL API. The RFQ for the WebCL Validator located at https://cvs.khronos.org/wiki/index.php/WebCL_Validator provides information on the approach recommended by the WebCL working group. - 4.4 Memory Initialization to prevent information leakage: This is addressed by the OpenCL CL_CONTEXT_MEMORY_INITIALIZE extension. In http://www.khronos.org/registry/cl/specs/opencl-1.2-extensions.pdf , please refer to section "9.15 Local and Private Memory Initialization". - 4.6 Prevention of potential denial of service (DoS) from long running kernels: This is addressed by the OpenCL CL_CONTEXT_TERMINATE extension. In http://www.khronos.org/registry/cl/specs/opencl-1.2-extensions.pdf , please refer to section "9.16 Terminating OpenCL contexts". With regards to HALF/SINGLE/DOUBLE, you can see that as tracked in https://www.khronos.org/bugzilla/show_bug.cgi?id=808 , it was agreed that support is through extensions ("khr_fp64" and "khr_fp16") and not supported, at this time, in the core API. I wanted to note that the WebCL API working draft is work in progress. Once completed by the WebCL WG, and approved by the Khronos Promoters, its availability will be announced to public as a specification. Khronos generally works on specifications internally, before they are made public. However, for web-based APIs, such as WebGL and WebCL, the members were allowed to share working drafts of the APIs, prior to completion. --Antonio Gomes On Tue, Apr 30, 2013 at 8:36 PM, Oliver Hunt <oli...@apple.com> wrote: > Before i saw any patches landed i would expect the specification to state > exactly what kernel features are allowed and required. > > Additionally the specification language of the security section is fairly > weak - 4.2 doesn't say how CORS will be used to achieve security. > Presumably WebCL just wants the WebGL security resource semantics, but the > language needs to be explicit. > > How is 4.3 enforced? > > The only way to reliably enforce 4.4 is to either restrict the valid > kernel constructs (see my first point - you aren't defining the kernel > semantics sufficiently well), or to avoid ever pushing the kernels onto a > gpu. On the plus side not pushing the kernel to the GPU means executing on > the CPU, and so having the benefit of sane interruption and memory access > behavior, which neatly solves 4.6. > > I'd rather not support the half-float format anywhere, as that simply > means at some point in the communication paths we end up having to do a > software double or single to half conversion, and back again later, all in > order to support older GPUs that don't support single, assuming we even let > the kernel get anywhere near the gpu. > > In general I don't like the design of the API, I believe it over-exposes > system information and doesn't sufficiently define edge case behavior. > > --Oliver > > On Apr 30, 2013, at 5:10 PM, Antonio Gomes <toniki...@webkit.org> wrote: > > Hello. > > As discussed before, Khronos has been working on a specification > for WebCL, a JavaScript API that exposes GPUs and multi-core processors > for intensive compute tasks. The latest version of the working draft is > available here: [1]. > > Over the past weeks, some discussion involving WebCL took place in this > mailing list ([2]), when some concerns were raised, and to which I later on > tried to address in [3]. > > At this time, I would like to contribute our WebCL prototype > implementation [4] to WebKit.org. > > Feature would be defined behind a ENABLE(WEBCL) feature flag, and work > will be tracked onhttps://bugs.webkit.org/show_bug.cgi?id=115457. > > Let me know if you have any comments or concerns. > > Cheers, > > [1] > https://cvs.khronos.org/svn/repos/registry/trunk/public/webcl/spec/latest/index.html > > [2] https://lists.webkit.org/pipermail/webkit-dev/2013-April/024546.html > [3] https://lists.webkit.org/pipermail/webkit-dev/2013-April/024747.html > [4] https://github.com/SRA-SiliconValley/webkit-webcl > > -- > --Antonio Gomes > _______________________________________________ > webkit-dev mailing list > webkit-dev@lists.webkit.org > https://lists.webkit.org/mailman/listinfo/webkit-dev > > >
_______________________________________________ webkit-dev mailing list webkit-dev@lists.webkit.org https://lists.webkit.org/mailman/listinfo/webkit-dev