Native Client: A Technology for Running Native Code on the Web
By Brad Chen, Native Client
TeamModern PCs can execute billions of instructions per
second, but today's web applications can access only a small fraction of this computational
power. If web developers could use all of this power, just imagine the rich, dynamic
experiences they could create. At Google we're always trying to make the web a better
platform. That's why we're working on
Native
Client, a technology that aims to give web developers access to the full power of
the client's CPU while maintaining the browser neutrality, OS portability and safety that
people expect from web applications. Today, we're sharing our technology with the research and
security communities in the hopes that they will help us make this technology more useful and
more secure.
At its core, our release consists of a runtime, a browser
plugin, and a set of GCC-based compilation tools. Together, these components make it possible
to build applications that run in a web browser but incorporate native code modules. To help
protect users from malware and to maintain portability, we have defined strict rules for valid
modules. At a high level, these rules specify 1) that all modules meet a set of structural
criteria that make it possible to reliably disassemble them into instructions and 2) that
modules may not contain certain instruction sequences. This framework aims to enable our
runtime to detect and prevent potentially dangerous code from running and spreading. We
realize that making this technology safe is a considerable challenge. That's why we are open
sourcing it at an early stage: we believe that peer review, community feedback, and public
scrutiny greatly improve the quality of security technologies like this one.
While it's a big challenge to secure Native Client, we believe that the ability to safely
run fast native code in a browser has the potential to provide benefits to users and
developers. For example, imagine that you run a photo-sharing website and want to let your
users touch up their photos without leaving your site. Today, you could provide this feature
using a combination of JavaScript and server side processing. This approach, however, would
cause huge amounts of image data to be transferred between browser and the server, leading to
an experience that would probably be painfully slow for users who just want to make a few
simple changes. With the ability to seamlessly run native code on the user's machine, you
could instead perform the actual image processing on the desktop CPU, resulting in a much more
responsive application by minimizing data transfer and latency.
To
learn more and help test Native Client, please visit our
developer
site. There you can read our documentation and the Native Client research paper,
browse the source code, and download the research release. The release contains the
experimental compilation tools and runtime so that you can write and run portable code modules
that will work in Firefox, Safari, Opera, and Google Chrome on any modern Windows, Mac, or
Linux system that has an x86 processor. We're working on supporting other CPU architectures
(such as ARM and PPC) to make this technology work on the many types of devices that connect
to the web today.
Once you've gotten your bearings, please report any
bugs you find (especially security bugs) using our issue tracker, and join our
Google
Group to share your thoughts on the technology. We look forward to your feedback!
