Mozilla developers presented the WASI project (WebAssembly System Interface), which is working on defining software interfaces that can be used to organize the interaction of applications delivered in WebAssembly format with the operating system.
The goal of the project is to provide an API that extends the use of WebAssembly and allows you to create programs regular based In this technology that run outside the browserThey are portable to any platform and demonstrate a high level of security.
What is WASI?
WASI allows the WebAssembly environment to access the functions provided by the operating systemsuch as files, file system, network sockets, timers, and random number generators.
The WASI API is initially developed as non-browser bound and standalone from the JavaScript / Web API, but at the same time provides an adequate level of system isolation main (applications run in a sandbox) and allows you to explicitly define the authority granted to the application in the style of CloudABI and Capsicum.
WASI uses a security model based on permission management, within which a program can only deliberately perform authorized actions.
Similar to how WebAssembly limits access at the level of import functions, WASI controls access to system capabilities.
Files, directories, sockets, and other resources are associated with a special type of file descriptor (capacity), and the application must have permissions to perform an action on each of the resources.
Permissions are managed hierarchically, that is, access to the directory is automatically opened and access to all the files it contains.
Given that WebAssembly is a platform-independent assembly language version, the use of JIT can achieve a level of performance close to native code, while maintaining the ability to run on various hardware platforms and operating systems.
Currently the project provides the wasi-core module with the implementation of the basic POSIX API (files, sockets, etc.), which currently lacks support for locks and asynchronous I / O.
In the future, it is planned to create modules with an API implementation to perform cryptographic operations, work with 3D graphics, interact with sensors, operations with processes (the fork call is not supported yet) and process multimedia data.
Component prototypes
Wasmtime is a runtime that is responsible for running applications based on WebAssembly with WASI extensions as ordinary standalone applications.
Se supports launching of WebAssembly bytecode with the help of a special command line utility and designing ready-to-use executable files (wasmtime is built into the application as a library).
To achieve the appropriate level of performance, a JIT compiler based on the elevation code generator is used.
Lucet is another runtime version of the Fastly project (the code is scheduled to be published today or tomorrow).
WASI SDK- Tools for compiling C / C ++ applications in web assembly format using Clang 8.0.
An assembly target with WASI support for the Rust language, which allows you to compile Rust code into a WebAssembly.
Wasi-sysroot is an implementation of the standard libc library for WASI, based on Musl code, as well as a runtime layer to translate the functions provided by the library into system calls of various operating systems to achieve the possibility of running a WASI application on different operating systems.
The project is also developing the polyfill JavaScript library with a WASI implementation to run applications within the browser., which allows to apply the "capabilities" access control model to code executed in the browser.
Of the plans, mention is made of the creation of a WASI-based module system for integration into isolated plug-in applications with additional functionality provided in the WebAssembly format.
One of the main tasks of WebAssembly is to ensure portability, predictability of behavior and identity of code execution on different platforms.