Post AOIsRBItcF6nDkPSFs by brion@mastodon.technology
(DIR) Post #AOIsR8XJu9rcdc8Qoy by brion@mastodon.technology
2022-10-06T19:51:23Z
0 likes, 1 repeats
For some reason I was speculating about what it would take to have a CPU that natively executed WebAssembly as its instruction set. Honestly it would kinda suck in many respects, as Wasm is meant to be compiled, and the binary format uses indirections and relative indexing that you don't get for free. But there are interesting aspects in keeping separate address spaces for linear memory (allows arbitrary loads/stores) and code, stack, etc which special instructions could gate access to.
(DIR) Post #AOIsR9X0CpChiuzgxs by brion@mastodon.technology
2022-10-06T19:54:02Z
0 likes, 0 repeats
For instance, there's no way to overwrite the return address in the stack frame in Wasm; there's simply no way to express access to the stack frame -- this removes an entire class of remote code injection vulnerabilities. Function pointers also can only be overwritten with pointers to other functions with the same signature. You can't force an indirect call to an arbitrary code location (but you could swap between two functions of the same sig, so it's not entirely safe).
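The indirect-call check described in the post above, as an added example that is not part of the original thread: a hand-assembled (constructed) Wasm module whose `dispatch(slot, arg)` export performs `call_indirect` with the `(i32) -> i32` signature. The function names, table layout and the `callSlot` helper are assumptions made for the illustration; `slot` stands in for a function pointer stored in linear memory, which in Wasm is only a table index.

```javascript
// Constructed module. Table 0 = [inc, dbl, noarg]; inc and dbl are (i32)->i32,
// noarg is ()->i32. dispatch(slot, arg) = call_indirect (type 0) table[slot](arg).
const wasmBytes = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,             // magic, version 1
  // type section: t0 (i32)->i32, t1 ()->i32, t2 (i32,i32)->i32
  0x01, 0x10, 0x03, 0x60, 0x01, 0x7f, 0x01, 0x7f,
  0x60, 0x00, 0x01, 0x7f, 0x60, 0x02, 0x7f, 0x7f, 0x01, 0x7f,
  0x03, 0x05, 0x04, 0x00, 0x00, 0x01, 0x02,                   // funcs: inc, dbl, noarg, dispatch
  0x04, 0x04, 0x01, 0x70, 0x00, 0x03,                         // table: 3 funcref slots
  0x07, 0x0c, 0x01, 0x08, 0x64, 0x69, 0x73, 0x70, 0x61, 0x74, // export "dispatch"
  0x63, 0x68, 0x00, 0x03,                                     //   = function index 3
  0x09, 0x09, 0x01, 0x00, 0x41, 0x00, 0x0b, 0x03, 0x00, 0x01, 0x02, // elem: table[0..2]
  0x0a, 0x20, 0x04,                                           // code section, 4 bodies
  0x07, 0x00, 0x20, 0x00, 0x41, 0x01, 0x6a, 0x0b,             // inc:   x + 1
  0x07, 0x00, 0x20, 0x00, 0x41, 0x02, 0x6c, 0x0b,             // dbl:   x * 2
  0x04, 0x00, 0x41, 0x2a, 0x0b,                               // noarg: 42
  0x09, 0x00, 0x20, 0x01, 0x20, 0x00, 0x11, 0x00, 0x00, 0x0b, // dispatch: call_indirect t0
]);

const { dispatch } =
  new WebAssembly.Instance(new WebAssembly.Module(wasmBytes)).exports;

// Returns the call result, or the string "trap" when the engine's signature
// or bounds check on the table slot rejects the indirect call.
function callSlot(slot, arg) {
  try {
    return dispatch(slot, arg);
  } catch (err) {
    if (err instanceof WebAssembly.RuntimeError) return "trap";
    throw err;
  }
}

console.log("slot 0 (inc, intended target):  ", callSlot(0, 20));
console.log("slot 1 (dbl, same signature):   ", callSlot(1, 20));
console.log("slot 2 (noarg, other signature):", callSlot(2, 20));
console.log("slot 3 (outside the table):     ", callSlot(3, 20));
```

Slots 0 and 1 both run because the types match, which is the same-signature swap the post mentions; slots 2 and 3 never reach any code.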
(DIR) Post #AOIsRBItcF6nDkPSFs by brion@mastodon.technology
2022-10-06T19:56:27Z
0 likes, 1 repeats
One could have a separate address space for the call stack, set up by privileged kernel instructions and readable/writable only by the call & return instructions (for return address) and local get/set (for arguments and other locals not spilled to linear memory).
(DIR) Post #AOItUpsPK7pxsUKHfE by john@liberdon.com
2022-10-06T21:59:49Z
0 likes, 0 repeats
@brion These questions are well beyond the scope of my experience, but I have to wonder if you couldn't ameliorate some of the costs of those features with microcode.