Planning isolation requirements (COOP/COEP) for SharedArrayBuffer

557 views
Skip to first unread message

Lutz Vahl

unread,
May 12, 2020, 7:46:52 PM5/12/20
to blin...@chromium.org

Hi all,


As part of our response to side-channel attacks like Spectre, Chromium disabled SharedArrayBuffer globally, and then re-enabled it on platforms where we could comfortably deploy Site Isolation. Since then, we've been working through new isolation primitives in collaboration with other browser vendors that we believe will enable us to safely re-enable SharedArrayBuffers on all platforms.


COOP and COEP will be shipping along with M83, and together allow developers to opt-into a "cross-origin isolated" state which substantially mitigates the risk that cross-origin data can accidentally flow into a process an attacker can poke at. Our plan is to enable SharedArrayBuffer on all platforms, only for pages that opt-into such protections.


We'd like feedback on the following rough timeline:

  • M85 (Aug, 2020): Re-enable SharedArrayBuffer on Android for cross-origin isolated pages

  • M89 (Mar, 2021): 

    • We'll migrate the usage of SharedArrayBuffer on desktop platforms to also require a "cross-origin isolated" state, and as such align desktop and mobile platforms. Further information will be provided later this year. If you anticipate challenges for your side transitioning to this requirement, please reach out to va...@chromium.org or respond on this thread.

    • A  reverse origin-trial will be offered to allow developers to keep the status quo behavior for the next two milestones

  • M91 (May, 2021): We'll remove the reverse origin-trial. SharedArrayBuffer can only be used on isolated pages.


The migration on desktop will unify the behavior between platforms and browsers, as Firefox is also going to require COOP/COEP in order to provide access to SharedArrayBuffers.


If you want to feature-detect for the availability of SharedArrayBuffers please follow this advice.


Additional info about COOP/COEP and why you should start using it right away can be found here:

https://web.dev/coop+coep

https://web.dev/why-coop-coep/

https://resourcepolicy.fyi/



Lutz Vahl

Technical Program Manager

va...@google.com



Google Germany GmbH

Erika-Mann-Strasse 36

80636 München


Geschäftsführer: Paul Manicle, Halimah DeLaine Prado

Registergericht und -nummer: Hamburg, HRB 86891

Sitz der Gesellschaft: Hamburg


Diese E-Mail ist vertraulich. Falls Sie diese fälschlicherweise erhalten haben sollten, leiten Sie diese bitte nicht an jemand anderes weiter, löschen Sie alle Kopien und Anhänge davon und lassen Sie mich bitte wissen, dass die E-Mail an die falsche Person gesendet wurde. 

     

This e-mail is confidential. If you received this communication by mistake, please don't forward it to anyone else, please erase all copies and attachments, and please let me know that it has gone to the wrong person.


Lutz Vahl

unread,
May 12, 2020, 7:47:19 PM5/12/20
to blink-dev

Hi all,


As part of our response to side-channel attacks like Spectre, Chromium disabled SharedArrayBuffer globally, and then re-enabled it on platforms where we could comfortably deploy Site Isolation. Since then, we've been working through new isolation primitives in collaboration with other browser vendors that we believe will enable us to safely re-enable SharedArrayBuffers on all platforms.


COOP and COEP will be shipping along with M83, and together allow developers to opt-into a "cross-origin isolated" state which substantially mitigates the risk that cross-origin data can accidentally flow into a process an attacker can poke at. Our plan is to enable SharedArrayBuffer on all platforms, only for pages that opt-into such protections.


We'd like feedback on the following rough timeline:

  • M85 (Aug, 2020): Re-enable SharedArrayBuffer on Android for cross-origin isolated pages

  • M89 (Mar, 2021): 

    • We'll migrate the usage of SharedArrayBuffer on desktop platforms to also require a "cross-origin isolated" state, and as such align desktop and mobile platforms. Further information will be provided later this year. If you anticipate challenges for your side transitioning to this requirement, please reach out to va...@chromium.org or respond on this thread.

    • A  reverse origin-trial will be offered to allow developers to keep the status quo behavior for the next two milestones

  • M91 (May, 2021): We'll remove the reverse origin-trial. SharedArrayBuffer can only be used on isolated pages.


The migration on desktop will unify the behavior between platforms and browsers, as Firefox is also going to require COOP/COEP in order to provide access to SharedArrayBuffers.


If you want to feature-detect for the availability of SharedArrayBuffers please follow this advice.


Additional info about COOP/COEP and why you should start using it right away can be found here:

https://web.dev/coop+coep

https://web.dev/why-coop-coep/

https://resourcepolicy.fyi/


Lutz Vahl

Technical Program Manager


Reply all
Reply to author
Forward
0 new messages