Abacwaningi abavela eNyuvesi yaseStanford, iNyuvesi yaseCalifornia eSan Diego kanye naseNyuvesi yaseTexas e-Austin amathuluzi , engasetshenziswa njengesendlalelo esengeziwe sokuzihlukanisa ukuze kuvinjwe ubungozi kumalabhulali okusebenza. I-RLBox ihloselwe ukuxazulula inkinga yokuphepha yamalabhulali ezinkampani zangaphandle ezingathenjwa ezingekho ngaphansi konjiniyela, kodwa ubungozi bazo obungafaka engcupheni iphrojekthi enkulu.
Inkampani yeMozilla sebenzisa i-RLBox ekwakhiweni kweLinux kweFirefox 74 kanye nokwakhiwa kwe-macOS yeFirefox 75 ukuhlukanisa ukwenziwa komtapo wezincwadi , unomthwalo wemfanelo wokunikeza amafonti. Nokho, i-RLBox ayiqondile kuFirefox futhi ingasetshenziswa ukuhlukanisa noma imaphi amalabhulali kumaphrojekthi angenangqondo. I-RLBox ngaphansi kwelayisense ye-MIT. I-RLBox okwamanje isekela i-Linux kanye ne-macOS platforms, ngokusekelwa kwe-Windows okulindeleke kamuva.
Umsebenzi we-RLBox wehlela ekuhlanganiseni ikhodi ye-C/C++ yomtapo wolwazi ongawodwa ibe ikhodi yezinga eliphansi le-WebAssembly ephakathi, ebuye yakhelwe njengemojula ye-WebAssembly, izimvume zayo ezisethwe ngokuphathelene nale mojula kuphela (isibonelo, umtapo wolwazi. ngochungechunge lokucubungula ngeke lukwazi ukuvula isokhethi yenethiwekhi noma ifayela) . Ukuguqula ikhodi ye-C/C++ ibe yi-WebAssembly kwenziwa kusetshenziswa .
Ukuze kwenziwe okuqondile, imojula yeWebAssembly ihlanganiswa ibe ikhodi yomshini kusetshenziswa umdidiyeli futhi isebenza ku-"nanoprocess" ehlukile ehlukaniswe nayo yonke inkumbulo yohlelo lokusebenza. I-Lucet compiler isuselwe kukhodi efanayo neyenjini ye-JIT , esetshenziswa kuFirefox ukwenza iWebAssembly.
Imojula ehlanganisiwe isebenza endaweni ehlukile yememori futhi ayinakho ukufinyelela kuso sonke isikhala sekheli. Uma ubungozi kulabhulali kusetshenziswa, umhlaseli uzokhawulelwa futhi ngeke akwazi ukufinyelela izindawo zememori zenqubo eyinhloko noma ukulawula ukudlulisa ngaphandle kwendawo eqhelile.
Ulwazi lwezinga eliphezulu lunikezwa onjiniyela , okukuvumela ukuthi ushayele imisebenzi yelabhulali ngemodi yokuhlukanisa. Izibambi ze-WebAssembly azidingi cishe izinsiza ezengeziwe futhi ukusebenzisana nazo akunensa kakhulu kunokubiza imisebenzi evamile (imisebenzi yelabhulali yenziwa ngendlela yekhodi yomdabu, futhi izindleko eziphezulu zivela kuphela lapho ukopisha futhi uhlola idatha phakathi nokusebenzelana nendawo engayodwa). Imisebenzi yelabhulali engayodwa ayikwazi ukubizwa ngokuqondile futhi kufanele ifinyelelwe kusetshenziswa
layer invoke_sandbox_function().
Ngokulandelayo, uma kudingekile ukushayela imisebenzi yangaphandle kumtapo wolwazi, le misebenzi kufanele ichazwe ngokucacile kusetshenziswa indlela yerejista_callback (ngokuzenzakalelayo, i-RLBox inikeza ukufinyelela kumisebenzi. ). Ukuqinisekisa ukuphepha kwememori, ukuhlukaniswa kokwenziwa kwekhodi akwanele futhi kudinga nokuhlola ukusakazwa kwedatha okubuyisiwe.
Amanani akhiqizwa endaweni engayodwa amakwa njengangathembekile futhi alinganiselwe ukusetshenziswa futhi "ukuhlanza" bayakudinga kanye nokukopisha kumemori yohlelo lokusebenza.
Ngaphandle kokuhlanza, ukuzama ukusebenzisa idatha engcolile kumongo odinga idatha evamile (futhi okuphambene nalokho) kubangela amaphutha enziwe ngesikhathi sokuhlanganiswa. Izimpikiswano zokusebenza ezincane, amanani okubuyisela, nezakhiwo zidluliswa ngokukopishwa phakathi kwememori yenqubo nememori yebhokisi lesihlabathi. Kumasethi edatha amakhulu, inkumbulo yabelwa endaweni engayodwa futhi isikhombi sereferensi se-sandbox esiqondile sibuyiselwa enqubweni eyinhloko.
Source: opennet.ru