Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wasip2 uses wasi:random/random to generate hashmap_random_keys #129402

Open
juntyr opened this issue Aug 22, 2024 · 1 comment
Open

wasip2 uses wasi:random/random to generate hashmap_random_keys #129402

juntyr opened this issue Aug 22, 2024 · 1 comment
Labels
O-wasi Operating system: Wasi, Webassembly System Interface O-wasm Target: WASM (WebAssembly), http://webassembly.org/

Comments

@juntyr
Copy link
Contributor

juntyr commented Aug 22, 2024

wasip2 currently still uses (all?) wasip1 implementations internally. The generation of hashmap_random_keys for wasip1 is implemented here:

rust/library/std/src/sys/pal/wasi/helpers.rs

Lines 109 to 117 in a32d4a0

pub fn hashmap_random_keys() -> (u64, u64) {
let mut ret = (0u64, 0u64);
unsafe {
let base = &mut ret as *mut (u64, u64) as *mut u8;
let len = mem::size_of_val(&ret);
wasi::random_get(base, len).expect("random_get failure");
}
return ret;
}

using the wasi::random_get (https://github.com/WebAssembly/WASI/blob/main/legacy/preview1/docs.md#-random_getbuf-pointeru8-buf_len-size---result-errno) general-purpose function. With the popular wasi-preview1-component adapter crate (https://github.com/bytecodealliance/wasmtime/tree/main/crates/wasi-preview1-component-adapter), this call is mapped to the wasi:random/random wasip2 interface, which must be backed by a secure random source. This is unfortunate as wasip2 Rust code which only uses randomness in hashmaps now required a secure random source when an insecure one would suffice.

In wasip2, there is the separate wasi:random/insecure-seed interface, which is specifically designed to provide DoS protection when initialising a hash map. When the wasip2 implementation is fleshed out, perhaps the hashmap_random_keys function could be implemented with a pseudo-RNG that is seeded with one call to wasi:random/insecure-seed's insecure-seed()?

cc @alexcrichton
@juntyr juntyr added the C-bug Category: This is a bug. label Aug 22, 2024
@rustbot rustbot added the needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. label Aug 22, 2024
@bjorn3 bjorn3 added the O-wasi Operating system: Wasi, Webassembly System Interface label Aug 22, 2024
@juntyr juntyr mentioned this issue Aug 22, 2024
Closed
@alexcrichton
Copy link
Member

Yes hashmap_random_keys would be a good use case for insecure-random in WASIp2, and there's no blocking reason that hasn't been done yet other than the work just hasn't been prioritized. I think such work shouldn't be too too hard with the wasi crate which libstd already depends on, but most of the work of implementing this would be integrating the wasi crate at the latest version in the standard library as opposed to implementing this function (but getting that work done would pave the way for future updates too)

@saethlin saethlin added T-libs Relevant to the library team, which will review and decide on the PR/issue. and removed needs-triage This issue may need triage. Remove it if it has been sufficiently triaged. labels Sep 7, 2024
@workingjubilee workingjubilee added O-wasm Target: WASM (WebAssembly), http://webassembly.org/ and removed C-bug Category: This is a bug. T-libs Relevant to the library team, which will review and decide on the PR/issue. labels Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
O-wasi Operating system: Wasi, Webassembly System Interface O-wasm Target: WASM (WebAssembly), http://webassembly.org/
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@alexcrichton @saethlin @bjorn3 @workingjubilee @rustbot @juntyr