Adds a feature gate to reject the deployment of programs with unresolved syscall symbols. (#21298)

2021-12-03 22:24:49 +01:00
parent 9d66458a40
commit 06a3e9b178
2 changed files with 15 additions and 5 deletions
--- a/programs/bpf_loader/src/lib.rs
+++ b/programs/bpf_loader/src/lib.rs
@ -33,7 +33,8 @@ use {
        entrypoint::{HEAP_LENGTH, SUCCESS},
        feature_set::{
            add_missing_program_error_mappings, close_upgradeable_program_accounts,
-            fix_write_privs, reduce_required_deploy_balance, requestable_heap_size,
+            fix_write_privs, reduce_required_deploy_balance,
+            reject_deployment_of_unresolved_syscalls, requestable_heap_size,
            stop_verify_mul64_imm_nonzero, upgradeable_close_instruction,
        },
        ic_logger_msg, ic_msg,
@ -78,6 +79,7 @@ pub fn create_executor(
    program_data_offset: usize,
    invoke_context: &mut dyn InvokeContext,
    use_jit: bool,
+    reject_unresolved_syscalls: bool,
 ) -> Result<Arc<BpfExecutor>, InstructionError> {
    let syscall_registry = syscalls::register_syscalls(invoke_context).map_err(|e| {
        ic_msg!(invoke_context, "Failed to register syscalls: {}", e);
@ -88,6 +90,8 @@ pub fn create_executor(
        max_call_depth: bpf_compute_budget.max_call_depth,
        stack_frame_size: bpf_compute_budget.stack_frame_size,
        enable_instruction_tracing: log_enabled!(Trace),
+        reject_unresolved_syscalls: reject_unresolved_syscalls
+            && invoke_context.is_feature_active(&reject_deployment_of_unresolved_syscalls::id()),
        verify_mul64_imm_nonzero: !invoke_context
            .is_feature_active(&stop_verify_mul64_imm_nonzero::id()), // TODO: Feature gate and then remove me
        ..Config::default()
@ -238,7 +242,8 @@ fn process_instruction_common(
        let executor = match invoke_context.get_executor(program_id) {
            Some(executor) => executor,
            None => {
-                let executor = create_executor(0, program_data_offset, invoke_context, use_jit)?;
+                let executor =
+                    create_executor(0, program_data_offset, invoke_context, use_jit, false)?;
                invoke_context.add_executor(program_id, executor.clone());
                executor
            }
@ -432,7 +437,7 @@ fn process_loader_upgradeable_instruction(
            )?;

            // Load and verify the program bits
-            let executor = create_executor(3, buffer_data_offset, invoke_context, use_jit)?;
+            let executor = create_executor(3, buffer_data_offset, invoke_context, use_jit, true)?;
            invoke_context.add_executor(&new_program_id, executor);

            let keyed_accounts = invoke_context.get_keyed_accounts()?;
@ -564,7 +569,7 @@ fn process_loader_upgradeable_instruction(
            }

            // Load and verify the program bits
-            let executor = create_executor(2, buffer_data_offset, invoke_context, use_jit)?;
+            let executor = create_executor(2, buffer_data_offset, invoke_context, use_jit, true)?;
            invoke_context.add_executor(&new_program_id, executor);

            let keyed_accounts = invoke_context.get_keyed_accounts()?;
@ -833,7 +838,7 @@ fn process_loader_instruction(
                return Err(InstructionError::MissingRequiredSignature);
            }

-            let executor = create_executor(0, 0, invoke_context, use_jit)?;
+            let executor = create_executor(0, 0, invoke_context, use_jit, true)?;
            let keyed_accounts = invoke_context.get_keyed_accounts()?;
            let program = keyed_account_at_index(keyed_accounts, 0)?;
            invoke_context.add_executor(program.unsigned_key(), executor);
--- a/sdk/src/feature_set.rs
+++ b/sdk/src/feature_set.rs
@ -261,6 +261,10 @@ pub mod spl_token_v3_3_0_release {
    solana_sdk::declare_id!("Ftok2jhqAqxUWEiCVRrfRs9DPppWP8cgTB7NQNKL88mS");
 }

+pub mod reject_deployment_of_unresolved_syscalls {
+    solana_sdk::declare_id!("DqniU3MfvdpU3yhmNF1RKeaM5TZQELZuyFGosASRVUoy");
+}
+
 lazy_static! {
    /// Map of feature identifiers to user-visible description
    pub static ref FEATURE_NAMES: HashMap<Pubkey, &'static str> = [
@ -326,6 +330,7 @@ lazy_static! {
        (requestable_heap_size::id(), "Requestable heap frame size"),
        (add_compute_budget_program::id(), "Add compute_budget_program"),
        (spl_token_v3_3_0_release::id(), "spl-token v3.3.0 release"),
+        (reject_deployment_of_unresolved_syscalls::id(), "Reject deployment of programs with unresolved syscall symbols"),
        /*************** ADD NEW FEATURES HERE ***************/
    ]
    .iter()