Message ID: <20250408195720.2021-1-ian@retrospec.tv>
Series: Add WASM toolchain, wasi-libc, and browser WASM sandbox support
Message
Ian Eure
April 8, 2025, 7:57 p.m. UTC
This patch series adds a Clang variant which can emit WASM; runtime support for WASM binaries; wasi-libc, a libc implementation for WASM programs; and a `wasm-sandboxed' function which creates a WASM sandboxed variant of Firefox-based browsers.

In Firefox and Firefox-derived browsers, WASM sandboxing is a security technique which compiles C/C++ libraries into WASM, then translates the WASM back into native code. This allows leveraging the WASM security model to isolate the library from the browser, without needing a separate process to contain it. Please see this blog post for more info: https://hacks.mozilla.org/2020/02/securing-firefox-with-webassembly/

The code is extracted from my personal channel[1], which in turn is based on work done for nonguix's Firefox package. I've been daily-driving personal variants of LibreWolf since before the package was accepted into Guix, and nonguix's Firefox has been using it even longer.

[1]: https://codeberg.org/ieure/atomized-guix/src/branch/main/atomized/packages/wasm.scm
[2]: https://gitlab.com/nonguix/nonguix/-/blob/master/nongnu/packages/wasm.scm?ref_type=heads

Ian Eure (4):
  gnu: Add wasi-libc.
  gnu: Add wasm32-wasi-clang-runtime.
  gnu: Add wasm32-wasi-clang.
  gnu: Add wasm-sandboxed.

 gnu/packages/gnuzilla.scm |  30 +++++++++
 gnu/packages/wasm.scm     | 135 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 165 insertions(+)
 create mode 100644 gnu/packages/wasm.scm
Comments
Z572 <z572@z572.online> writes:

> Ian Eure <ian@retrospec.tv> writes:
>
>> + (native-inputs
>> + (list clang-16
>> + wasi-libc))
>
> Should wasi-libc be placed in inputs?

Good question. I think it can be, since it’s WASM bytecode. My only concern is that it might contain an arch-specific store reference, but I dug around in the output and didn’t see anything. So I think this should be fine, but I’ll do a little testing.

All your other suggestions look good, I’ll give this a whirl and send a v2.

Thanks,

-- Ian
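A way to mechanise the check described above (looking through a build output for store references that would tie a supposedly architecture-neutral package to the host), as an added example that is not part of the patch series or of Guix itself: it scans every regular file under a directory for `/gnu/store/...` references and flags those naming host-architecture packages. The store prefix, the list of architecture-bound package stems and the sample files are assumptions constructed for the example.

```python
import re
import tempfile
from pathlib import Path

# Guix store items are /gnu/store/<32-char nix-base32 hash>-<name>[-<version>].
# The prefix is the default store directory; that it is in use is an assumption.
STORE_REF = re.compile(rb"/gnu/store/([0-9a-df-np-sv-z]{32})-([^\s\"'/\x00]+)")

# Constructed list of package stems that are always host-architecture builds.
# A reference to one of these from a supposedly architecture-neutral output
# (WASM bytecode, in the case discussed above) is what the check looks for.
ARCH_BOUND = frozenset({"glibc", "gcc", "clang", "binutils", "ld-wrapper"})


def scan_bytes(data):
    """Return the set of (hash, name) store items referenced in a byte string."""
    return {(m.group(1).decode(), m.group(2).decode())
            for m in STORE_REF.finditer(data)}


def find_store_references(root):
    """Union of store references found in every regular file under root."""
    refs = set()
    for path in Path(root).rglob("*"):
        if path.is_file() and not path.is_symlink():
            refs |= scan_bytes(path.read_bytes())
    return refs


def stem(name):
    """Strip a trailing -<version> so 'glibc-2.39' and 'glibc' compare equal."""
    return re.sub(r"-\d.*$", "", name)


def arch_specific_references(refs):
    """Sorted subset of refs that point at architecture-bound packages."""
    return sorted(r for r in refs if stem(r[1]) in ARCH_BOUND)


def demo():
    """Constructed output tree: one clean file and one leaking a glibc reference."""
    h1 = "abcdfghijklmnpqrsvwxyz0123456789"  # constructed, not a real hash
    h2 = "0123456789abcdfghijklmnpqrsvwxyz"  # constructed, not a real hash
    with tempfile.TemporaryDirectory() as out:
        lib = Path(out, "lib")
        lib.mkdir()
        (lib / "libc.a").write_bytes(b"\0asm" + f"/gnu/store/{h1}-wasi-libc-24/include".encode() + b"\0")
        (lib / "pkgconfig.txt").write_bytes(f"prefix=/gnu/store/{h2}-glibc-2.39/lib\n".encode())
        refs = find_store_references(out)
        return refs, arch_specific_references(refs)
```

On a real build, `guix gc --references` on the output path gives the daemon's own scan of the same thing, which is what Guix records for the store item.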
Hi Ian,

Ian Eure <ian@retrospec.tv> writes:

> This patch series adds a Clang variant which can emit WASM; runtime support for WASM binaries; wasi-libc, a libc implementation for WASM programs; and a `wasm-sandboxed' function which creates a WASM sandboxed variant of Firefox-based browsers.
>
> In Firefox and Firefox-derived browsers, WASM sandboxing is a security technique which compiles C/C++ libraries into WASM, then translates the WASM back into native code. This allows leveraging the WASM security model to isolate the library from the browser, without needing a separate process to contain it. Please see this blog post for more info: https://hacks.mozilla.org/2020/02/securing-firefox-with-webassembly/
>
> The code is extracted from my personal channel[1], which in turn is based on work done for nonguix's Firefox package. I've been daily-driving personal variants of LibreWolf since before the package was accepted into Guix, and nonguix's Firefox has been using it even longer.
>
> [1]: https://codeberg.org/ieure/atomized-guix/src/branch/main/atomized/packages/wasm.scm
> [2]: https://gitlab.com/nonguix/nonguix/-/blob/master/nongnu/packages/wasm.scm?ref_type=heads
>
> Ian Eure (4):
>   gnu: Add wasi-libc.
>   gnu: Add wasm32-wasi-clang-runtime.
>   gnu: Add wasm32-wasi-clang.
>   gnu: Add wasm-sandboxed.

Thanks for picking it up! Nice series. I've left a few hopefully useful comments. Could you please prepare a v2 taking them into account?

Thank you!
Hi Maxim, Z572,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Hi Ian,
>
> Thanks for picking it up! Nice series. I've left a few hopefully useful comments. Could you please prepare a v2 taking them into account?

Sorry about the delay on this. I appreciate the feedback and have a v2 in decent shape that incorporates nearly all the feedback from the two of you.

Unfortunately, this work is currently blocked due to unclear licensing of the WASI specification, which wasi-libc includes a copy of via Git submodule. There’s an issue open for this[1], but it was opened in 2019 and still isn’t resolved. Hopefully recent pings on the issue will get it some renewed attention, but I’m not feeling confident about moving this forward at the moment.

I’ll go ahead and send a v2 patch anyway, but it’s unpushable until the WASI situation is resolved.

Thanks,

-- Ian

[1]: https://github.com/WebAssembly/WASI/issues/182
Hi,

Ian Eure <ian@retrospec.tv> writes:

> Hi Maxim, Z572,
>
> Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:
>
>> Hi Ian,
>>
>> Thanks for picking it up! Nice series. I've left a few hopefully useful comments. Could you please prepare a v2 taking them into account?
>
> Sorry about the delay on this. I appreciate the feedback and have a v2 in decent shape that incorporates nearly all the feedback from the two of you.
>
> Unfortunately, this work is currently blocked due to unclear licensing of the WASI specification, which wasi-libc includes a copy of via Git

WASI specification sounds like non-functional data more than code, right? If that's correct, then it shouldn't be an impediment to having this merged in GNU Guix (though of course having this licensing issue fixed upstream would be nice), as the GNU FSDG has an exception for non-functional data, as long as it is freely distributable. See the 'Non-functional Data' paragraph, specifically:

> It can be included in a free system distribution as long as its
> license gives you permission to copy and redistribute, both for
> commercial and non-commercial purposes.
Hi Maxim,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Hi,
>
> Ian Eure <ian@retrospec.tv> writes:
>
>> Hi Maxim, Z572,
>>
>> Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:
>>
>>> Hi Ian,
>>>
>>> Thanks for picking it up! Nice series. I've left a few hopefully useful comments. Could you please prepare a v2 taking them into account?
>>
>> Sorry about the delay on this. I appreciate the feedback and have a v2 in decent shape that incorporates nearly all the feedback from the two of you.
>>
>> Unfortunately, this work is currently blocked due to unclear licensing of the WASI specification, which wasi-libc includes a copy of via Git
>
> WASI specification sounds like non-functional data more than code, right? If that's correct, then it shouldn't be an impediment to having this merged in GNU Guix (though of course having this licensing issue fixed upstream would be nice), as the GNU FSDG has an exception for non-functional data, as long as is freely distributable. See the 'Non-functional Data' paragraph, specifically:

The stuff in the WASI repo is used to generate api.h in wasi-libc[1]. Since it’s already in there, maybe we don’t need to package the WASI repo or fetch the submodule at all.

>> It can be included in a free system distribution as long as its
>> license gives you permission to copy and redistribute, both for
>> commercial and non-commercial purposes.

The issue is that it’s unclear whether it has a user license at all. The only licensing information in the project is two sentences saying[2]:

    Copyright © 2019-2023 the Contributors to the WASI Specification, published by the WebAssembly Community Group under the W3C Community Contributor License Agreement (CLA). A human-readable summary is available.

The CLA itself covers contributions into the project. While section 12.8 has some language about the terms it can be provided under, a specific license laying out those terms is not provided. It also appears to cover the Specification, which is the final work product, which hasn’t been published yet. Section 5 also allows contributions to be withdrawn up to 45 days after being contributed, which makes it incompatible with the GPL’s "Basic Permissions," which states:

    All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met.

I’ll see if wasi-libc builds without the WASI module and go from there.

Thanks,

-- Ian

[1]: https://github.com/WebAssembly/wasi-libc/blob/main/libc-bottom-half/headers/public/wasi/api.h
[2]: https://github.com/WebAssembly/WASI/blob/main/LICENSE.md