WebGPU provides access to constrained global resources shared between different programs (and web pages) running on the same machine. An application can try to indirectly probe how constrained these global resources are, in order to reason about workloads performed by other open web pages, based on the patterns of usage of these shared resources. These issues are generally analogous to issues with Javascript, such as system memory and CPU execution throughput. WebGPU does not provide any additional mitigations for this.
WebGPU提供对在同一台计算机上运行的不同程序(和网页)之间共享的受限全局资源的访问。应用程序可以尝试间接探测这些全局资源的约束程度,以便根据这些共享资源的使用模式推断其他开放网页执行的工作负载。这些问题通常类似于Javascript的问题,例如系统内存和CPU执行吞吐量。WebGPU不为此提供任何其他缓解措施。
2.7.1. Memory resources
WebGPU exposes fallible allocations from machine-global memory heaps, such as VRAM. This allows for probing the size of the system’s remaining available memory (for a given heap type) by attempting to allocate and watching for allocation failures.
WebGPU暴露了来自硬件的全局内存堆(如VRAM)的易出错的分配。这允许通过尝试分配和观察分配失败来探测系统剩余可用内存的大小(对于给定堆类型)。
GPUs internally have one or more (typically only two) heaps of memory shared by all running applications. When a heap is depleted, WebGPU would fail to create a resource. This is observable, which may allow a malicious application to guess what heaps are used by other applications, and how much they allocate from them.
GPU内部有一个或多个(通常只有两个)由所有运行的应用程序共享的内存堆。当堆耗尽时,WebGPU将无法创建资源。这是可以观察到的,这可能允许恶意应用程序猜测其他应用程序使用了哪些堆,以及它们从中分配了多少。
2.7.2. Computation resources
If one site uses WebGPU at the same time as another, it may observe the increase in time it takes to process some work. For example, if a site constantly submits compute workloads and tracks completion of work on the queue, it may observe that something else also started using the GPU.
如果一个站点与其他页面同时使用WebGPU,它可能会观察到处理某些工作所需的时间增加。例如,如果站点不断提交计算工作负载并跟踪队列上的工作完成情况,那么它可能会发现其他东西也开始使用GPU。
A GPU has many parts that can be tested independently, such as the arithmetic units, texture sampling units, atomic units, etc. A malicious application may sense when some of these units are stressed, and attempt to guess the workload of another application by analyzing the stress patterns. This is analogous to the realities of CPU execution of Javascript.
GPU有许多可以独立测试的部分,如算术单元、纹理采样单元、原子单元等。恶意应用程序可能会感知其中一些单元何时受到压力,并试图通过分析压力模式来猜测另一个应用程序的工作负载。这类似于Javascript的CPU执行。