<div dir="ltr"><pre style="color:rgb(0,0,0)">Hi, and thank you for your prompt response. Replies inline. </pre><pre style="color:rgb(0,0,0)"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> 1. CPU utilization isn't something which can be easily computed or<br> reasoned on asymmetric multi-core CPUs, not to mention the dynamic<br> adjustment of CPU frequency further complicates the matter.</blockquote><div><br></div><div>Are you alluding to CPU architectures like big.LITTLE? and of dynamic clock frequencies?</div><div><br></div><div>This proposal takes this into account, here's how:</div><div><br></div><div>The utilization number returned aggregates how time was spent by the active cores in various states since the last time a sample was taken.</div><div>i.e. for each active core, the time spent in idle/non-idle states are compared and aggregated, to give an amount representative of the overall system state.</div><div>This gives an idea of how system state changed over time, and takes into account asymmetric multi-core CPU architectures.</div><div><br></div><div>As for dynamic clock frequencies, CPU speed also factors that, also with data aggregated over all active cores.</div><div>As with utilization, each active core's clock frequency ranges and state are noted, (i.e. minimum, base, maximum and current clock speed) and aggregated.</div><div>This gives an overall idea of the system's clock speed, even if the cores may have different clock speeds.</div><div><br></div><div>This is analogous to Apple's own CPU Power reporting API: <a href="https://developer.apple.com/documentation/iokit/1557079-iopmcopycpupowerstatus?language=objc">https://developer.apple.com/documentation/iokit/1557079-iopmcopycpupowerstatus?language=objc</a></div><div>Most particularly, the `cpu_speed_limit` concept, which returns a number which represents where the clock speed lies within its available range.</div><div><br></div><div>The goal of CPU Speed is to abstract away those details and provide clock frequency data that is actionable and yet preserves user privacy.</div></pre><pre style="color:rgb(0,0,0)"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> 2. Whether the system itself is under a heavy CPU load or not should not<br> have any bearing on how much CPU time a website is entitled to use because<br> the background CPU utilization may spontaneously change, and the reason of<br> a high or a low CPU utilization may depend on what the website is doing;<br> e.g. a daemon which wakes up in a response to a network request or some<br> file access.</blockquote><div><br></div><div>On the web, people write one-size-fits-all applications. Those need to run across devices of varying compute power capabilities.</div><div>For compute-intensive applications, this poses problems and leads to bad UX in the absence of hints from the system.</div><div><br></div><div>The proposal does not enforce any additional usage of resources, but instead allows apps to make informed decisions.</div><div>It is common for compute-intensive applications to self-throttle to provide a good UX<span style="font-family:Arial,Helvetica,sans-serif">.</span></div><div>One example is gaming: reducing drawing distance, effects, texture sizes or level of detail for geometries if it's affecting frame rate.</div><div><br></div><div>On the Nintendo Switch, game engines have the feature to reduce the rendering resolution when framerate drops occur or are anticipated.</div><div>On the Nintendo Switch, the compute power capability depends on whether the device is plugged in or in portable mode.</div><div>There might also be thermal factors.</div><div><br></div><div>For the Compute Pressure API, we've examined a few use-cases, and they are detailed in the explainer.</div><div>This is similar to video conferencing needs, reducing the number of simultaneous video feeds, or diminishing the processing of image processing effects.</div><div><br></div><div>Indeed, the reason for the load might be intrinsic to the application, or extrinsic, based on what's going on with the system.</div><div>This API, as proposed, provides system-level hints that help applications make informed decisions to provide a good UX for users.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> 3. The proposal as it currently stands seems to allow a side channel<br> communication between different top-level origins (i.e. bypasses storage<br> partitioning). A possible attack may involve busy looping or doing some<br> heavy computation in one origin and then observing that CPU utilization<br> goes up in another. We've reported an attack of a similar nature in<br> <a href="https://bugs.chromium.org/p/chromium/issues/detail?id=1126324.">https://bugs.chromium.org/p/chromium/issues/detail?id=1126324.</a></blockquote><div><br></div><div>Thanks for that insight. I'll look into it.</div></pre></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, May 5, 2021 at 1:27 PM Olivier Yiptong <<a href="mailto:oyiptong@chromium.org">oyiptong@chromium.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Yes, we've internally discussed how this can increase precision in fingerprinting.<div><br></div><div>The result of these discussions resulted in mitigations that address this: <a href="https://github.com/oyiptong/compute-pressure#minimizing-information-exposure" target="_blank">https://github.com/oyiptong/compute-pressure#minimizing-information-exposure</a></div><div><br></div><div>The main thrusts are as follows:</div><div><ul><li>The UA can control how many bits of entropy by decided on how many thresholds are accepted from an observer request, effectively determining the number of "buckets" of information to expose</li><li>The values returned are "quantized" relative to the requested thresholds</li><li>The observer requests are rate-limited</li><li>The values returned are normalized within a known range</li><li>Per-core information is aggregated into a single value for both utilization and speed</li></ul><div>We are also applying some mitigations in our implementation, e.g. only allowing access to the API in visible pages, having a different update rate for visible tabs than for those that aren't visible, etc.</div></div><div>We can also discuss implementation details if you're interested.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, May 5, 2021 at 12:13 PM Alex Christensen <<a href="mailto:achristensen@apple.com" target="_blank">achristensen@apple.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>Has anyone discussed how this can increase the precision of fingerprinting? It seems to reveal more information or more precise information about what else is going on on a user’s system.<br><div><br><blockquote type="cite"><div>On May 5, 2021, at 11:37 AM, Olivier Yiptong via webkit-dev <<a href="mailto:webkit-dev@lists.webkit.org" target="_blank">webkit-dev@lists.webkit.org</a>> wrote:</div><br><div><div dir="ltr">Hello WebKit devs,<div><br></div><div>We'd like to get WebKit's position on the Compute Pressure API.</div><div><br></div><div>Description:</div><div><br></div><div>We propose a new API that conveys the utilization of CPU resources on the user's device. This API targets applications that can trade off CPU resources for an improved user experience. For example, many applications can render video effects with varying degrees of sophistication. These applications aim to provide the best user experience, while avoiding driving the user's device in a high CPU utilization regime.<br><br>High CPU utilization is undesirable because it strongly degrades the user experience. Many smartphones, tablets and laptops become uncomfortably hot to the touch. The fans in laptops and desktops become so loud that they disrupt conversations or the users’ ability to focus. In many cases, a device under high CPU utilization appears to be unresponsive, as the operating system may fail to schedule the threads advancing the task that the user is waiting for.<br></div><div><br></div><div>Thanks!</div><div><br></div><div><ul style="box-sizing:border-box;padding-left:2em;margin-top:0px;margin-bottom:16px;color:rgb(36,41,46)"><li style="margin-left:0px;box-sizing:border-box"><font face="arial, sans-serif">Specification Title: Compute Pressure API</font></li><li style="margin-left:0px;box-sizing:border-box;margin-top:0.25em"><font face="arial, sans-serif">Specification URL: <a href="https://oyiptong.github.io/compute-pressure/" target="_blank">https://oyiptong.github.io/compute-pressure/</a></font></li><li style="margin-left:0px;box-sizing:border-box;margin-top:0.25em"><font face="arial, sans-serif">Explainger: <a href="https://github.com/oyiptong/compute-pressure/blob/main/README.md" target="_blank">https://github.com/oyiptong/compute-pressure/blob/main/README.md</a><br></font></li><li style="margin-left:0px;box-sizing:border-box;margin-top:0.25em"><font face="arial, sans-serif"><a href="http://ChromeStatus.com" target="_blank">ChromeStatus.com</a> entry: <a href="https://chromestatus.com/features/5597608644968448" target="_blank">https://chromestatus.com/features/5597608644968448</a></font></li><li style="margin-left:0px;box-sizing:border-box;margin-top:0.25em"><font face="arial, sans-serif">TAG design review request: <a href="https://github.com/w3ctag/design-reviews/issues/621" target="_blank">https://github.com/w3ctag/design-reviews/issues/621</a><br></font></li><li style="margin-left:0px;box-sizing:border-box;margin-top:0.25em"><font face="arial, sans-serif">Mozilla Request for Position: <a href="https://github.com/mozilla/standards-positions/issues/521" target="_blank">https://github.com/mozilla/standards-positions/issues/521</a></font></li></ul></div></div>
_______________________________________________<br>webkit-dev mailing list<br><a href="mailto:webkit-dev@lists.webkit.org" target="_blank">webkit-dev@lists.webkit.org</a><br><a href="https://lists.webkit.org/mailman/listinfo/webkit-dev" target="_blank">https://lists.webkit.org/mailman/listinfo/webkit-dev</a><br></div></blockquote></div><br></div></blockquote></div>
</blockquote></div>