by cleeus 3033 days ago
Remember that WebGL is also a security nightmare. Shaders are fed to the GPU driver. The driver contains a compiler and compiles the shaders into the GPU specific ISA. The GPU that runs that code is a PCIe device with full DMA access. What could possibly go wrong?

(I'm aware that at least Chrome does some syntactic checks on the shader syntax)

3 comments

GPUs can only access pinned memory that is intentionally mapped into their address space. Also, each context gets its own virtual address space on the GPU, isolated from other contexts.

There can still be issues, but it isn't quite as much of a free for all as the above comment sounds.

Fun fact, the Raspberry Pi's GPU can access everything. And to deal with that, the Mesa VC4 driver validates every shader to prevent reading other processes' stuff.
Isn't that because in that SoC they use unified memory, where GPU and CPU memory is the same? This does not apply to most desktop computers or mobile phones...
Are there examples where this model has been abused to steal real data?
A long time ago, a bug in Firefox let a screenshot be taken of data outside the browser window:

"This issue allows attackers to capture screen shots of private or confidential information"

https://blog.mozilla.org/security/2011/06/16/webgl-graphics-...

I suppose this is more about reading another texture than the one you are supposed to use. GPU memory is flat, and there is no concept of process memory up there.
In the early days of WebGL some browsers leaked information via uninitialized GPU memory, so an attacker could potentially read texture data left behind by other processes.

Today's WebGL implementations take care to wipe new memory allocations with zeros before letting the untrusted script do anything with them, though.
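
As an added example (not code from the thread or from any browser vendor), here is a browser-side probe for the property the comment above describes: a WebGL texture allocated with `null` data must read back as zeros, so non-zero bytes would indicate recycled GPU memory being exposed to script. The `findNonZero` helper is pure and runs anywhere; `readUninitializedTexture` and `probeZeroFill` assume a browser with a WebGL 1 context. The sizes, round count and function names are the example's own choices.

```javascript
// Added example: probe whether a WebGL implementation zero-fills fresh
// texture storage before untrusted script can read it back.
// Assumes a browser with WebGL; only findNonZero() is usable outside one.

// Count the non-zero bytes in an RGBA readback and remember where the first one sits.
function findNonZero(pixels) {
  let count = 0;
  let first = -1;
  for (let i = 0; i < pixels.length; i++) {
    if (pixels[i] !== 0) {
      count++;
      if (first < 0) first = i;
    }
  }
  return { total: pixels.length, nonZero: count, firstIndex: first };
}

// Allocate storage only (data = null), never draw or clear, then read it back
// through a framebuffer attachment. The WebGL spec requires this to be zeros;
// leftover contents from another allocation would show up as non-zero bytes.
function readUninitializedTexture(gl, width, height) {
  const tex = gl.createTexture();
  gl.bindTexture(gl.TEXTURE_2D, tex);
  gl.texImage2D(gl.TEXTURE_2D, 0, gl.RGBA, width, height, 0,
                gl.RGBA, gl.UNSIGNED_BYTE, null);
  gl.texParameteri(gl.TEXTURE_2D, gl.TEXTURE_MIN_FILTER, gl.NEAREST);
  gl.texParameteri(gl.TEXTURE_2D, gl.TEXTURE_MAG_FILTER, gl.NEAREST);

  const fb = gl.createFramebuffer();
  gl.bindFramebuffer(gl.FRAMEBUFFER, fb);
  gl.framebufferTexture2D(gl.FRAMEBUFFER, gl.COLOR_ATTACHMENT0,
                          gl.TEXTURE_2D, tex, 0);
  if (gl.checkFramebufferStatus(gl.FRAMEBUFFER) !== gl.FRAMEBUFFER_COMPLETE) {
    throw new Error('framebuffer incomplete');
  }

  // Uint8Array is itself zero-initialised, so a readPixels that silently fails
  // would look like a clean result; check the GL error state to rule that out.
  const pixels = new Uint8Array(width * height * 4);
  gl.readPixels(0, 0, width, height, gl.RGBA, gl.UNSIGNED_BYTE, pixels);
  if (gl.getError() !== gl.NO_ERROR) {
    throw new Error('readPixels failed');
  }

  gl.bindFramebuffer(gl.FRAMEBUFFER, null);
  gl.deleteFramebuffer(fb);
  gl.deleteTexture(tex);
  return pixels;
}

// Allocate and free textures of several sizes so the probe touches different
// allocator buckets; returns one finding per allocation that was not all zeros.
function probeZeroFill(gl, rounds = 32) {
  const findings = [];
  for (let i = 0; i < rounds; i++) {
    const size = 64 << (i % 4); // 64, 128, 256, 512 pixels square (arbitrary choice)
    const r = findNonZero(readUninitializedTexture(gl, size, size));
    if (r.nonZero > 0) findings.push({ round: i, size, ...r });
  }
  return findings; // empty array: every allocation read back as zeros
}

// Stand-alone run in a browser; skipped outside one (e.g. under Node).
if (typeof document !== 'undefined') {
  const gl = document.createElement('canvas').getContext('webgl');
  if (!gl) throw new Error('WebGL not available');
  const findings = probeZeroFill(gl);
  console.log(findings.length === 0 ? 'all allocations read back as zeros' : findings);
}
```

A clean run only shows that this implementation scrubs texture storage on the path exercised here; renderbuffers, buffer objects and other allocation paths would need their own probes, and `getError()` is checked because a failed `readPixels` leaves the zero-initialised array untouched and would otherwise pass as clean.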

That's the same as starting a process and mallocing some memory; you will have the garbage of the previous process... Because you have no idea who owned that memory and what it was used for, it would be hard to build something on top of that. This being said, it's not a bad idea to zero stuff when you start to use it.
Which is why WebGL is only a subset of native GL ES and will never be as good.