Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wasm capability restrictions #45118

Open
kyessenov opened this issue May 24, 2023 · 2 comments · May be fixed by istio/api#2797
Open

Wasm capability restrictions #45118

kyessenov opened this issue May 24, 2023 · 2 comments · May be fixed by istio/api#2797
Labels
lifecycle/staleproof Indicates a PR or issue has been deemed to be immune from becoming stale and/or automatically closed

Comments

@kyessenov
Copy link
Contributor

kyessenov commented May 24, 2023
edited
Loading

Currently, Istio places no restrictions on Wasm modules running in Envoy. Wasm modules receive all the data, can write any data, make HTTP calls, or modify the internal filter state. This is not consistent with the principle of the least privilege when dealing with the un-trusted third party code. This is a proposal to add restrictions to Wasm execution by default:

  1. Allow the mesh operators to limit the information flow in/out of the modules: an explicit list of callback events to handle: request headers, request body, response headers, response body.
  2. Reduce the trusted base in Envoy to hide the less mature/experimental sections of the ABI, and accelerate adoption of the stable parts.

The default capabilities in Wasm can be grouped as follows:

DEFAULT:

  • log: ability to emit application logs;
  • property read: ability to read attributes (with a possible mask);

BASIC:

  • timer: ability to register periodic events;
  • metrics: ability to create new metrics;
  • side request: ability to make HTTP/gRPC calls;

ADVANCED:

  • property write: ability to write attributes;
  • store: ability to read/write from shared KV store;
  • queue: ability to read/write from shared queues;
  • foreign function: ability to invoke host functions;

The logic for grouping is that:

  • The default set should be generally safe and recommended.
  • The basic set has performance and stability concerns. For example, metrics suffer from the cardinality explosion, and side requests use the mangled xDS names.
  • The advanced set is actively discouraged since it is unstable.

cc @ramaraochavali @ingwonsong
@kyessenov kyessenov linked a pull request May 25, 2023 that will close this issue
Open
@kyessenov
Copy link
Contributor Author

CC @mathetake

@mathetake
Copy link
Member

cc @jcchavezs @M4tteoP

@istio-policy-bot istio-policy-bot added the lifecycle/stale Indicates a PR or issue hasn't been manipulated by an Istio team member for a while label Sep 6, 2023
@kyessenov kyessenov added lifecycle/staleproof Indicates a PR or issue has been deemed to be immune from becoming stale and/or automatically closed and removed lifecycle/stale Indicates a PR or issue hasn't been manipulated by an Istio team member for a while labels Sep 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
lifecycle/staleproof Indicates a PR or issue has been deemed to be immune from becoming stale and/or automatically closed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

wasm: add restrictions kyessenov/api
3 participants
@kyessenov @mathetake @istio-policy-bot