Native Client

System-Level Functions

Native Client sandboxes the execution of code running in a browser. There are generally a set of "safe" and "unsafe" code paths. Some calls from Native Client must move from the safe path to the unsafe path to reach the OS level and accomplish specific tasks.


Native Client syscalls are the interface between untrusted code and the trusted codebase. They are the means by which a Native Client process can execute code outside the inner sandbox. Since the goal of Native Client is to prevent untrusted code from getting out of the inner sandbox, executing code outside of the inner sandbox is a big deal. Accordingly, the design and implementation of the syscall interface is a crucial part of the Native Client system.

The purpose of a syscall is to transfer control from an untrusted execution context to a trusted context, so that the thread can execute trusted code. The details of this implementation vary from platform to platform, but the general flow is the same. For a technical overview of how syscalls work and the interaction with the security layer, see Anatomy of a Syscall.

Authentication required

You need to be signed in with Google+ to do that.

Signing you in...

Google Developers needs your permission to do that.