Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WASI] WASI Random Plugin #2875

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[WASI] WASI Random Plugin #2875

wants to merge 1 commit into from

Conversation

LFsWang
Copy link
Contributor

@LFsWang LFsWang commented Sep 24, 2023
edited

add WASI Random Plugin

Progress

  • random
  • insecure
  • insecure-seed

Support

  • Linux
  • MacOS
  • Windows

@juntao Flows.network Integration
Copy link
Member

juntao commented Sep 24, 2023
edited

Hello, I am a code review bot on flows.network. Here are my reviews of code commits in this PR.

Commit 81f8220a28eb71105b068071d9042b2e3f06c5b2

Key Changes:

The pull request appears to add a new plugin wasi_random, which provides an implementation for getting random bytes on different platforms (Linux, MacOS, Windows), for the WebAssembly System Interface (WASI).

Specifically, the changes include:

  1. Several modifications to the build-extensions.yml. This file serves for building of all the existing plugins. The new plugin, wasi_random has been added in several build options variables, tar names, test names, and output binaries - essentially configuring the GitHub actions for building the new plugin.
  2. Several implementations of this wasi_random plugin have been added, specifically for Linux, Windows, and MacOS systems. These essentially include functionalities for acquiring random bytes.
  3. New files have been created which include Cmake configurations and the new code for the random generator plugin.
  4. The Cmake files configure wasi_random as a shared library and define the dependencies for the plugin. The wasi_random plugin linkage and testing file organization have been added in the root plugin cmake file.
  5. To support Windows, a few declarations are made to declare Windows API for Crypto functions dealing with randomness.
  6. In the tests directory, new files for testing this plugin have also been added.

Potential Issues:

  1. It's difficult to find potential issues without the context of actual code changes. However, one potential issue to look out for would be security or privacy. When handling random numbers, especially those used for cryptographic uses, it would be important to ensure that the operations are secure and free from any possible security vulnerability or privacy leaks.

  2. Ensure that wasi_random is compatible with the rest of the WASI ecosystem.

  3. The platform-specific implementations for Linux, Windows, and MacOS should be thoroughly tested to work correctly on those platforms.

  4. The case when the OS random byte getter is not available or fails is not handled. This might lead to issues.

  5. No documentation has been added, this will make it hard for others to understand how to use and what is the purpose of wasi_random.

  6. Testing will be needed to ensure that the API behaves correctly for all possible inputs and states. The Tests provided in the patch should provide a good level of coverage, but boundary or edge cases might be missing.

  7. The efficiency of the plugin hasn’t been discussed or tested.

@github-actions github-actions bot added the c-Plugin An issue related to WasmEdge Plugin label Sep 24, 2023
@LFsWang LFsWang force-pushed the wasi-random branch 2 times, most recently from c80813d to 27c9782 Compare September 24, 2023 13:58
@codecov
Copy link

codecov bot commented Sep 24, 2023
edited

Codecov Report

Merging #2875 (2e07267) into master (88d4922) will increase coverage by 0.01%.
Report is 2 commits behind head on master.
The diff coverage is n/a.

❗ Current head 2e07267 differs from pull request most recent head 81f8220. Consider uploading reports for the commit 81f8220 to get more accurate results

@@            Coverage Diff             @@
##           master    #2875      +/-   ##
==========================================
+ Coverage   80.94%   80.96%   +0.01%     
==========================================
  Files         150      150              
  Lines       21624    21624              
  Branches     4352     4352              
==========================================
+ Hits        17503    17507       +4     
  Misses       2954     2954              
+ Partials     1167     1163       -4

see 3 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@github-actions github-actions bot added c-Test An issue/PR to enhance the test suite c-CI labels Sep 24, 2023
@LFsWang LFsWang force-pushed the wasi-random branch 5 times, most recently from 7711d1a to 2e07267 Compare September 25, 2023 08:52
@dannypsnl
Copy link
Member

NOTE glibc's LCG is insufficient for cryptography.

@LFsWang
[WASI] add wasi_random as plugin
81f8220 
Signed-off-by: Sylveon <sylveon@secondstate.io>
@dannypsnl dannypsnl mentioned this pull request Sep 27, 2023
Closed
8 tasks
dannypsnl
dannypsnl requested changes Oct 3, 2023
View reviewed changes
plugins/wasi_random/details/random_linux.cpp
Comment on lines +41 to +63
bool WasiRandomEnvironment::getRandomBytes(uint64_t Len, uint8_t *Buf) {
ssize_t RealQuerySize =
getrandom_wrapper(Buf, Len, GRND_RANDOM | GRND_NONBLOCK);

// note: the spec did not handle the error such like EAGAIN, we just make that
// case fail.
if (RealQuerySize < 0 || RealQuerySize != static_cast<ssize_t>(Len))
return false;

return true;
}

bool WasiRandomEnvironment::getInsecureRandomBytes(uint64_t Len, uint8_t *Buf) {
ssize_t RealQuerySize =
getrandom_wrapper(Buf, Len, GRND_INSECURE | GRND_NONBLOCK);

// note: the spec did not handle the error such like EAGAIN, we just make that
// case fail.
if (RealQuerySize < 0 || RealQuerySize != static_cast<ssize_t>(Len))
return false;

return true;
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not merge them? If they're just with different flag.

plugins/wasi_random/details/random_macos.cpp
Comment on lines +10 to +18
bool WasiRandomEnvironment::getRandomBytes(uint64_t Len, uint8_t *Buf) {
auto Status = CCRandomGenerateBytes(Buf, Len);
return Status == kCCSuccess;
}

bool WasiRandomEnvironment::getInsecureRandomBytes(uint64_t Len, uint8_t *Buf) {
auto Status = CCRandomGenerateBytes(Buf, Len);
return Status == kCCSuccess;
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They're exact same, right?

plugins/wasi_random/details/random_windows.cpp
Comment on lines +31 to +41
bool WasiRandomEnvironment::getRandomBytes(uint64_t Len, uint8_t *Buf) {
if (Len > UINT32_MAX)
return false;
return WinGetRandomBytes(static_cast<uint32_t>(Len), Buf);
}

bool WasiRandomEnvironment::getInsecureRandomBytes(uint64_t Len, uint8_t *Buf) {
if (Len > UINT32_MAX)
return false;
return WinGetRandomBytes(static_cast<uint32_t>(Len), Buf);
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar problem

plugins/wasi_random/func.cpp
Comment on lines +76 to +97
if (unlikely(Env.getRandomBytes(Len, Buf.data()) == false)) {
return Unexpect(ErrCode::Value::HostFuncError);
}
return {};
}

Expect<void> WasiGetInsecureRandomU64::body(const Runtime::CallingFrame &Frame,
uint32_t /* Out */ U64Ptr) {
// Check memory instance from module.
auto *MemInst = Frame.getMemoryByIndex(0);
if (unlikely(MemInst == nullptr)) {
return Unexpect(ErrCode::Value::HostFuncError);
}

// Check for invalid address.
constexpr auto U64Len = sizeof(uint64_t);
const auto Buf = MemInst->getSpan<uint8_t>(U64Ptr, U64Len);
if (unlikely(Buf.size() != U64Len)) {
return Unexpect(ErrCode::Value::HostFuncError);
}

if (unlikely(Env.getRandomBytes(U64Len, Buf.data()) == false)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are them going to use getInsecureRandomBytes? Or intended use getRandomBytes?

plugins/wasi_random/module.cpp
namespace Host {

using namespace std::literals;

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe leave a link to the preview2, where one can check the WIT definitions.

@hydai hydai mentioned this pull request Oct 3, 2023
Open
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dannypsnl dannypsnl dannypsnl requested changes

@ibmibmibm ibmibmibm Awaiting requested review from ibmibmibm ibmibmibm is a code owner

@q82419 q82419 Awaiting requested review from q82419 q82419 is a code owner

@hydai hydai Awaiting requested review from hydai hydai is a code owner

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
c-CI c-Plugin An issue related to WasmEdge Plugin c-Test An issue/PR to enhance the test suite
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@LFsWang @juntao @dannypsnl