Hacker News new | past | comments | ask | show | jobs | submit login
Sugar: Secure GPU Acceleration in Web Browsers [pdf] (uci.edu)
48 points by lainon 8 months ago | hide | past | web | favorite | 7 comments

Given that GPUs already have full MMUs without going all the way to virtualization, I guess I don't see what virtualization is doing here intrinsically with the nested MMU context. Particularly for open source drivers like Intel's that they're using, we should just fix the bugs that are allowing you to map other process's vram. Virtualization still needs to communicate to the compositor overt IPC, so you end up with the same attack surface either way. It's like fixing Win95's half assed process isolation with virtualization rather than just having a cleaner process model.

Like, I'm sure they fixed the bugs they were looking at, but virtualization isn't magical security juice you can sprinkle over stuff. In fact it increases your attack surface in a lot of ways.

Not really the point of the paper's pitch, but I work for a company that does cloud GPU stuff. Currently, we have no safe way to share GPUs and over-provision them in the cloud in a cluster deploy. So we have one GPU per kubernetes pod. There are all sorts of problems with that. The idea of vGPUs is very exciting to me. I would like to test this out.

Ultimately that's a driver issue. GPUs have had the equivalent of an IOMMU for almost two decades; longer than virtualization has existed in commodity hardware. But the heavily closed nature of the hardware, and it not really being a priority for the GPU vendors has led to it not getting the love it needs in that regard. You don't need to add vGPUs to get there.


This seems to claims vGPU works with NVidia Grid.

The real issue you're facing is with over-provision them?

Yeah, it's industry wide. We work directly with nvidia. They use our product. I thought the paper was interesting, definitely not a magic bullet for the problem. You used to be able to over provision with kubernetes 1.8 and before, but they fixed that useful bug for good reasons. I expect we'll have an official solution in Q1 next year, but I'm always on the look out to explore related implementations.

> virtualization isn't magical security juice you can sprinkle over stuff. In fact it increases your attack surface in a lot of ways.

Any thoughts about qubes OS?

This is very cool.

That said, unless I'm missing something the claim of solving bug issues was kind of BS. I looked through more than half of the chrome bugs and most of them were actual bugs in chrome or angle that had absolutely nothing GPU specific about them.

In other words they could (and do) happen with all code as in

    const void* p = malloc(10);
    memset(p, 0, 11);  // oops
Nothing GPU specific about that code and nothing as far as I can tell that sugar will prevent (as in sugar could have exactly the same types of bugs).

Still, they claim to be getting great perf and less code so all of that is a win.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact