 Okay, good Yeah, thanks a lot. My name is Dan Phillips Daniel Phillips. This is going to be a short talk about web assembly and syscalls Quickly about me. I am an engineer and the wisdom lead at loophole labs. We're a small seed stage startup I would do a lot of networking stuff and also some other Info tools. We just released a thing called scale function runtime. It's a suite of tools for running functions in a web assembly environment On the internet. I'm D. Filla and some variation there of across different platforms And I also started and run the was on Chicago group So if you're ever in town, feel free to stop by or come join online Okay, so we'll get right to it syscalls and web assembly is a problem for the Unix epoch epoch epoch I like the word. I like the sound of epoch better So I have an arbitrary bet that I'd like to start this talk with At least until this epoch ends. We will need to handle legacy programs that rely heavily on POSIX interfaces with system specific function calls in web assembly, right? This the epoch ends in 2038, right the year 2038 problem. So I don't know just arbitrarily I feel like we're gonna need to handle POSIX and Unix based programs in web assembly until then So if we look at this code This is just a simple function that does that makes three but technically four Syscalls, right? This is rust. So we have open right read and close So if we run this in If we compile this to wasm 32 unknown unknown, what will happen? Can we run it not not really right like not out of the box But these are some very basic file system operations. So What do we do about these system calls? There's one option. We can patch these with host functions We which is how things like the M script in VFS work Things like wasm by engine these sort of things that call out to the host runtime And then possibly on in other places those call out to the operating system itself We can also ignore functions if they get compiled To this specific target There's a second option Which is we can allow scoped access to the underlying hosts that is wazzy right wazzy is the way to do this And at this juncture, I just like to say that any wazzy people in the room just cover your ears for the next segment and Everyone else. Let's just keep this between us, right? We're all friends here I'm kidding. By the way, we love wazzy and actually the whole point of this is to use This exact thing with wazzy components in the future So the third option which I'm going to talk about today is What if we provided a wasm component or layer that acts like the underlying system? That's kind of what we're going to explore and this would mean something like a libc implementation and possibly Usable system calls even though that they're not system calls in the traditional sense So how do we identify system related calls? This is a challenge with an arbitrary web assembly module, right? There's not a ton of tooling out there for this But recently my colleague who's here Jimmy Moore worked on a project at our company Called the wasm trace which allows you to it's an it's an s trace like tool Which allows you to trace the specific calls made in in any arbitrary wasm module. There's also some other interesting Toolkits in there that do some other things with dwarf symbols and I highly recommend you checking it out So if you've ever used s trace detrace, whatever You'll know that one of the things that it does for you is It it can print out the the system calls that are being made or will be made in a specific program, right? so If we have these syscalls we can figure out what syscalls are being made What can we do with them then if we're going to think about a wasm-first environment? There's a small project that we worked on Called marquardt wasm, which is a small CLI that adds system layers Sort of virtual system layer a virtual platform layer to an existing wasm application, right? and I'm just going to kind of go through this quickly and and show you what it can do as long as I don't trespass on on my time I'm going to do this by using our scale function runtime, which is the code snippet that I showed before so this is just a This is a QR code that goes to our landing page tells you about it. It's also at scale.sh, so with that Do some demoing oops if I can type Can everyone see that okay too small? Yeah Yeah, okay great. So this is a marquardt which comes from French, which means layering What this does is this will create? Either the libc interfaces that you can then use in your wasm code or if you pass in the full flag It will also create the sort of underlying system functionality, right the type of thing that The kernel would take care of in a native platform, but this just builds it in a virtualized layer Right right with this CLI and then you can just consume that in your web assembly program. So if we try this That's in the full flag Great, okay Okay, so here we have the code that created both the libc interfaces and the VFS for those specific calls Okay, so what I'm going to do is copy this Take it over to my scale function here, which you can see this is The code that I showed before right we have open right read and close there's there's no explicit close But when the function when the rust function Drops then closes is called right so what I'm going to do is instead of just I'm just for the sake of ease I'm just going to paste this here Okay, you'll see so this is here Really really quickly with a scale function, this is just all done with our CLI in scale What to find the dependencies are this thing called a scale file very simple key values And you'll see here we need the WASM VFS, which is a small project that mark hot relies on and then also These signatures which are what we use to communicate between the host and the guest That's all covered at scale.sh if you want to check that out Cool, so we've got this now and now I'm going to build fingers crossed to the demo gods great The scale function runtime is written in go so it comes with a fast HTTP server out of the box So we can do to run this locally Do scale function run? VFS latest Lastest Okay, so that's running at port 8080 and we'll do this and There we go. We're interacting with the file system right in a serverless function, which File systems aren't usually a thing in serverless functions. So there's there's some interesting things that we can do with this, right? So here right open right Read and then close after the after the function completes. So, yeah Last thing I'll say just as a side note. We can also do this as of this week so We have a global edge network that has that pushes this to Places all over the world to deploys on scale cloud, which is available in less than 50 milliseconds Anywhere on on earth as of this morning. So you can check that out too at your convenience We'll also have some more info about that. So, okay, so that's it for the demo, but Where does this leave us right? The future right so if we have these layers, what can we do with with these virtual platform layers? We could do something like layering with diffs kind of in the manner of Container images right how layering works and how you can use different dependencies instead of having to replace the whole thing You could just use different system layers and layer them on top pull them out update them Whatever you need to do Virtualization layers for other system components specifically those that must have host access right like if we're in a wasm first world We still need a network at some point probably we still need things like block devices One of the ideas here is just like a VFS works in the Linux kernel is that we could have a VFS sort of mapping over a Wazzy first component right which then that component itself has the only scope to access every other component could just be wasm Right, this might be an easier Institutional cell to kind of like stay in line with wasms sandbox and capabilities and just saying it's just this one Component that can communicate with the actual host and its scope to this exact thing. It's just a thought Could this lead towards a sort of true isomorphism right people who remember the early days of no JS Thinking about isomorphic JavaScript This could also sort of blur the lines maybe in some interesting ways between the server and the client with web assembly running with virtual file system layers virtual system layers in many places not just the server and client but IoT devices and many many other situations and with the component model, right? This is something that we're looking forward to parametric linking will make this much easier Resource and handle types will be a huge boon for this also So when we're thinking about the VFS layer that we just created that side steps The context switching that happens in from user space to kernel space, right? So with the component models resource and handle types This could actually make things faster than native for some of these file system operations Which is kind of a theoretical possibility, but very very interesting And then the tooling can evolve with new and emerging standards. We can sort of keep this going We've kind of set this up so that as soon as different runtimes have Support for the component model we can swap these things out and get them up to speed and make things even even better So thank you very much Thanks to the CNCF and the bike alliance really really incredible groups the wasm cg and wisey subgroup for letting me be a fly on The wall to help understand some of these things better and the organizers It's if you've ever organized something. It's so much more work than it seems. So thank you. Thank you very much again I'm Dan Phillips and thanks a lot appreciate it Thank you, Dan. I think we might have time for one or two questions if anyone has them Please go ahead and introduce yourself Thanks, I'm Roman from Cosmonic I've just quick question. So you quickly show that tool analyzing the wasm binary, right looking for syscalls So my question was so I briefly noticed you there was was illypsy in there So if I were to not rely on was illypsy Would it still be able to trace a syscall or does it only trace things going through was illypsy? Yeah, that's a great question. So The question was if any if everyone heard it, do you need was illypsy to trace the syscalls the answer is no So so like this the trace program that Jimmy wrote Jimmy by the way, if you could write likes wave, that's that's Jimmy my colleague He also wrote Mibbit if anyone knows Mibbit the IRC client a client anyway, so It traces everything right and so you can sort of pick out what you need So if there if it were if was illypsy were compiled it would trace that too So it but it doesn't rely on it. No. Yeah Also, I'd be happy if anyone thinks of other questions. I'd be happy to take them in the slack later, too Or just talk to you anybody else and Speaking of organizers Dan you're prolific with what you do with wasm Chicago I know that you like all things web assembly come across you and your community and thank you for all the hard work You do I think we'll go and wrap it up here. Thank you so much. Thank you