Chromium Docs – WebGPU Technical Report
Authors: tiszka@chromium.org, bookholt@chromium.org, mattdr@chromium.org
Chrome Graphics as Seen By Attackers
On this doc we define how WebGPU works via the thoughts of an attacker, our vulnerability analysis methodologies, and our thought processes in among the tougher analysis areas. There are a lot of fascinating parts of Chrome graphics that we omitted from evaluation to maintain scope manageable. Whereas our main focus was WebGPU, we did discover a couple of assault surfaces shared by different graphics options. We are going to interleave background info on WebGPU with descriptions of the essential bugs we discovered. We hope this report will give the safety neighborhood a deeper understanding of the form of vulnerabilities we could come to count on with the addition of WebGPU, together with a lens into the vulnerabilities we’d encounter sooner or later.
The graphics stack has lengthy been an space of curiosity for Chrome Safety. Earlier than we dive into WebGPU internals, contemplate the diagram under displaying a simplified view of the Chrome graphics structure.
Present above: Attackers’ perspective of Chrome graphics.
The Chrome course of mannequin makes use of sandboxing to create layered safety boundaries between untrusted content material from the net and guarded person information. Nonetheless, the speedy evolution and excessive complexity of Chrome’s accelerated graphics options coupled with their have to interface immediately with drivers within the kernel, in addition to their implementation in memory-unsafe languages imply bugs in graphics code are particularly helpful for bypassing Chrome sandbox boundaries. Moreover, though Chrome units the business customary for quickly fixing safety bugs and shortly delivery updates to customers, the presence and publicity of code supported by third events creates challenges to getting fixes to customers quickly that may lengthen the interval when a vulnerability could also be viable for exploitation, decreasing the price attackers should bear to maintain a functionality.
Enter WebGPU
WebGPU entered Origin Trial in mid-2022 marking the primary time net builders and customers obtained to expertise the brand new options. Coincidentally, the Chrome Offensive Safety crew determined to look into WebGPU as our first main analysis goal.
In response to the WebGPU spec, “WebGPU exposes an API for performing operations, resembling rendering and computation, on a Graphics Processing Unit”. Not like WebGL, its predecessor that set out with related objectives, WebGPU is not an present native API ported to the Internet; WebGPU is a brand new API designed to floor the performance of present graphics APIs like Vulkan, Metallic, and Direct3D. Within the context of this doc we’ll solely be discussing Vulkan as it’s ubiquitously reachable on each platform that WebGPU helps both via the GPU rendering pipeline or the software program rendering pipeline.
WebGPU introduces two distinctive assault surfaces to Chrome that can include their very own challenges:
- the WebGPU API Implementation which was added to the GPU course of & renderer course of; and
- the WGSL shader compiler added to the GPU course of
Whereas they’re associated and shader compilation is accessible through web-exposed APIs, they pose two distinctive challenges so we’ll dig into each assault surfaces individually.
To provide the massive image first, the diagram under exhibits the slice of the Chrome graphics stack required for WebGPU. Whereas WebGPU has many items and inter-connections, we omitted an ideal many notable parts of Chrome’s graphics assault floor, together with WebGL, Skia, Canvas2D, Widevine DRM, and video decoding for the sake of avoiding complexity explosion.
Proven above: The total Chrome WebGPU stack.
WebGPU API
The WebGPU API is uncovered through JavaScript which calls into Daybreak, the library inside Chrome that implements WebGPU.
Daybreak is separated into two totally different libraries: Daybreak Wire and Daybreak Native. Daybreak Wire is a client-server implementation of WebGPU. When a WebGPU API name is constituted of JavaScript the request is serialized within the renderer course of utilizing the Daybreak Wire Consumer, the serialized blob is handed to the GPU course of utilizing WebGPU extensions to the Chrome GPU Command Buffer (WebGPUDecoderImpl
) , after which deserialized within the GPU course of by Daybreak Wire Server. Daybreak Wire Server then calls into Daybreak Native which is the “native” implementation of WebGPU that wraps the underlying platform’s GPU APIs.
This portion of the evaluation centered on the WebGPU API implementation from Blink to Daybreak Backends. We additionally selected to scope our evaluation to Daybreak‘s Vulkan Backend as a result of it’s reachable on each WebGPU platform and it’s the solely platform that’s fuzzable with ClusterFuzz since a lot of the Vulkan Backend code will be exercised with no bodily GPU.