New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Optimized WebAssembly farbling #201
Closed
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commits adds a new implementation of image and audio farbling functions written in AssemblyScript. The farbling results must stay consistent with the JS version as the WASM module injection is not completely reliable and the JS version might have to be used as a fallback. For Chromium, a onHeadersReceived handler to modify received CSP headers must be registered because WASM initialization is subject to page CSP rules, the module must also be made available as a web accessible resource. The compiler uses NodeJS and has been added as a step during the build process using the provided makefile. This makes node a requirement for building JShelter. The WASM module is initialized on wrapping start just after WrapHelper and it's functions are exposed to wrappers in the wasm object. For storing and retrieving data from wasm memory, the included getter and setter must be used (to correctly work around xray protection on Firefox). Before any farbling operations begin, wasm.ready must be checked if the module is correctly initialized and the size of memory must be checked and expanded if needed by calling wasm.memory_grow and specifying the total bytes neccesarry for the current operation.
This commit adds a new adjustable level for WebAssembly farbling. The setting is added as a new wrapping group without wrappers. To make it work correctly, tweaks_gui had to be adjusted to not display hits for that tweak (there is nothing to track) and to not display the default off level 'Unprotected' since we want to show 'Disabled' as there is no protection in this case. On Chrome, this setting has 3 levels - off, on without CSP modifications and on with CSP modifications. On Firefox, CSP modifications aren't needed, so 2 levels - off and on - are used. This tweak has been enabled (without CSP on Chrome) in the Recommended level.
Wrap optimized farbling functions in a try catch block and fallback to the original javascript implementation on failure.
Because webrequest handlers fire independent on configuration creation, the configuration for the current domain must be checked to modify CSP headers only where enabled.
Replace script-src only with following whitespace, script-src-elem and similiar got broken when replacing regardless of whitespace.
reserved_offset was two bytes off, this was causing adjustWebGL to replace two bytes of the xoring array in memory, which changed the farbling outcome on subsequent WebGL farbling runs.
This tests the correct initialization of the WebAssembly farbling module and the consistency between JS and WASM implementations of Canvas farble, WEBGL farblePixels, WEBA audioFarble and audioFarbleInt. Known bug: audioFarble tests are not passing, crc16Float WASM implementation is not consistent with JS.
FPD wrapper call reports from pages now contain arguments only if specified by FPD wrapper evaulation configuration. This had a large impact on the performance of wrapped calls with large arguments (e.g. image or audio data arrays passed to functions like readPixels) where it was neccessary to serialize, postMessage, and deserialize them. FPD currently doesn't track any call arguments that are likely to get large; the current count of wrappers requiring argument tracking is just 12 (+2 exceptions in fp_code_builders.js that this change doesn't apply to).
Caused by the JS version expecting array length instead of byteLength in ARRAY_LEN which was changed when integrating WASM farbling.
Thank you. This one is looking good. I created a new branch at https://pagure.io/JShelter/webextension/tree/wasm with two additional commits. Some additional testing and feedback welcomed. Otherwise, I plan to release during August. |
In essence merged in the linked branch. To be released soon. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a new efficient implementation of image and audio farbling functions written in AssemblyScript. The farbling results must stay consistent with the JS version as the WASM module injection is not completely reliable and the JS version might have to be used as a fallback. Unit tests to check the consistency of both results were added. The compiler uses NodeJS and has been added as a step during the build process using the provided makefile. This makes node a requirement for building JShelter.
A new adjustable setting for this optimization was added as well. For Firefox, this can be enabled or disabled, enabled by default. For Chrome, the optimization can be disabled, passive (try to initialize the WASM module and fallback on fail) and active (modify CSP headers to force the initialization of the module), passive by default.