Google Git
Sign in
dawn / dawn / ba68620f6ff9cbfd8248e6926eb59a0caa8ecfa4
commitba68620f6ff9cbfd8248e6926eb59a0caa8ecfa4[log] [tgz]
authorAustin Eng <enga@chromium.org>Fri Sep 16 14:14:08 2022 +0000
committerDawn LUCI CQ <dawn-scoped@luci-project-accounts.iam.gserviceaccount.com>Fri Sep 16 14:14:08 2022 +0000
treee498145ee6840191b56387632e337d32f5c3a795
parent1fe74e5c0bc227186f1feccbe150693c93077b0a [diff]
Do not memcpy transparent wire structs on serialization

This removes a serialization optimization where structs could be
memcpy'ed. memcpy is still used for deserialization of structs.

Structs may contain padding bytes which when copied can leak
uninitialized data across a trusted boundary. In Chrome, this
means previously-written or uninitialized bytes in the GPU process
could leak into the Renderer process.

In the future, we may be able to bring this back by introducing
a concept of safe-to-memcpy structs, or by forking the code so
that Renderer->GPU process uses the unsafe memcpy, and
GPU->Renderer uses to the safe member-by-member version.

An alternative might be to ensure that everything returned from
the WebGPU API has initialized padding, but this invariant is not
trivial to guarantee.

Fixed: chromium:1359098
Change-Id: I91151251d1ab999e0f5552e1efccc472e451cc10
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/102461
Reviewed-by: Brandon Jones <bajones@chromium.org>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>
Kokoro: Kokoro <noreply+kokoro@google.com>
Commit-Queue: Austin Eng <enga@chromium.org>
1 file changed
tree: e498145ee6840191b56387632e337d32f5c3a795
  1. .vscode/
  2. build_overrides/
  3. docs/
  4. generator/
  5. include/
  6. infra/
  7. scripts/
  8. src/
  9. test/
  10. third_party/
  11. tools/
  12. webgpu-cts/
  13. .clang-format
  14. .clang-tidy
  15. .gitattributes
  16. .gitignore
  17. .gn
  18. AUTHORS
  19. BUILD.gn
  20. CMakeLists.txt
  21. CMakeSettings.json
  22. CODE_OF_CONDUCT.md
  23. codereview.settings
  24. CONTRIBUTING.md
  25. CPPLINT.cfg
  26. dawn.json
  27. dawn_wire.json
  28. DEPS
  29. DIR_METADATA
  30. Doxyfile
  31. go.mod
  32. go.sum
  33. go_presubmit_support.py
  34. LICENSE
  35. OWNERS
  36. PRESUBMIT.py
  37. README.chromium
  38. README.md
  39. tint_overrides_with_defaults.gni
README.md

Dawn's logo: a sun rising behind a stylized mountain inspired by the WebGPU logo. The text Dawn is written below it.

Dawn, a WebGPU implementation

Dawn is an open-source and cross-platform implementation of the work-in-progress WebGPU standard. More precisely it implements webgpu.h that is a one-to-one mapping with the WebGPU IDL. Dawn is meant to be integrated as part of a larger system and is the underlying implementation of WebGPU in Chromium.

Dawn provides several WebGPU building blocks:

  • WebGPU C/C++ headers that applications and other building blocks use.
    • The webgpu.h version that Dawn implements.
    • A C++ wrapper for the webgpu.h.
  • A “native” implementation of WebGPU using platforms' GPU APIs: D3D12, Metal, Vulkan and OpenGL. See per API support for more details.
  • A client-server implementation of WebGPU for applications that are in a sandbox without access to native drivers
  • Tint is a compiler for the WebGPU Shader Language (WGSL) that can be used in standalone to convert shaders from and to WGSL.

Helpful links:

Documentation table of content

Developer documentation:

User documentation: (TODO, figure out what overlaps with the webgpu.h docs)

Status

(TODO)

License

Apache 2.0 Public License, please see LICENSE.

Disclaimer

This is not an officially supported Google product.