diff --git a/program-runtime/src/instruction_processor.rs b/program-runtime/src/instruction_processor.rs index 4883efd723..48c2dbad0b 100644 --- a/program-runtime/src/instruction_processor.rs +++ b/program-runtime/src/instruction_processor.rs @@ -4,9 +4,7 @@ use solana_sdk::{ account::{AccountSharedData, ReadableAccount, WritableAccount}, account_utils::StateMut, bpf_loader_upgradeable::{self, UpgradeableLoaderState}, - feature_set::{ - demote_program_write_locks, do_support_realloc, fix_write_privs, remove_native_loader, - }, + feature_set::{demote_program_write_locks, do_support_realloc, remove_native_loader}, ic_msg, instruction::{Instruction, InstructionError}, keyed_account::keyed_account_at_index, @@ -523,7 +521,6 @@ impl InstructionProcessor { pub fn native_invoke( invoke_context: &mut dyn InvokeContext, instruction: Instruction, - keyed_account_indices_obsolete: &[usize], signers: &[Pubkey], ) -> Result<(), InstructionError> { let do_support_realloc = invoke_context.is_feature_active(&do_support_realloc::id()); @@ -531,17 +528,8 @@ impl InstructionProcessor { let mut invoke_context = invoke_context.borrow_mut(); // Translate and verify caller's data - let (message, mut caller_write_privileges, program_indices) = + let (message, caller_write_privileges, program_indices) = Self::create_message(&instruction, signers, &invoke_context)?; - if !invoke_context.is_feature_active(&fix_write_privs::id()) { - let caller_keyed_accounts = invoke_context.get_keyed_accounts()?; - caller_write_privileges = Vec::with_capacity(1 + keyed_account_indices_obsolete.len()); - caller_write_privileges.push(false); - for index in keyed_account_indices_obsolete.iter() { - caller_write_privileges - .push(keyed_account_at_index(caller_keyed_accounts, *index)?.is_writable()); - } - }; let mut account_indices = Vec::with_capacity(message.account_keys.len()); let mut accounts = Vec::with_capacity(message.account_keys.len()); for account_key in message.account_keys.iter() { diff --git a/programs/bpf_loader/src/lib.rs b/programs/bpf_loader/src/lib.rs index da6601e9db..73ed43f95a 100644 --- a/programs/bpf_loader/src/lib.rs +++ b/programs/bpf_loader/src/lib.rs @@ -31,8 +31,7 @@ use solana_sdk::{ clock::Clock, entrypoint::{HEAP_LENGTH, SUCCESS}, feature_set::{ - add_missing_program_error_mappings, close_upgradeable_program_accounts, do_support_realloc, - fix_write_privs, reduce_required_deploy_balance, requestable_heap_size, + do_support_realloc, reduce_required_deploy_balance, requestable_heap_size, stop_verify_mul64_imm_nonzero, }, ic_logger_msg, ic_msg, @@ -41,7 +40,6 @@ use solana_sdk::{ loader_instruction::LoaderInstruction, loader_upgradeable_instruction::UpgradeableLoaderInstruction, process_instruction::{stable_log, ComputeMeter, Executor, InvokeContext, Logger}, - program_error::{ACCOUNT_NOT_RENT_EXEMPT, BORSH_IO_ERROR}, program_utils::limited_deserialize, pubkey::Pubkey, rent::Rent, @@ -441,9 +439,8 @@ fn process_loader_upgradeable_instruction( return Err(InstructionError::InvalidArgument); } - let predrain_buffer = invoke_context - .is_feature_active(&reduce_required_deploy_balance::id()) - && invoke_context.is_feature_active(&fix_write_privs::id()); + let predrain_buffer = + invoke_context.is_feature_active(&reduce_required_deploy_balance::id()); if predrain_buffer { // Drain the Buffer account to payer before paying for programdata account payer @@ -470,12 +467,7 @@ fn process_loader_upgradeable_instruction( .iter() .map(|seeds| Pubkey::create_program_address(*seeds, caller_program_id)) .collect::, solana_sdk::pubkey::PubkeyError>>()?; - InstructionProcessor::native_invoke( - invoke_context, - instruction, - &[0, 1, 3, 6], - signers.as_slice(), - )?; + InstructionProcessor::native_invoke(invoke_context, instruction, signers.as_slice())?; // Load and verify the program bits let executor = create_executor( @@ -726,27 +718,11 @@ fn process_loader_upgradeable_instruction( let close_account = keyed_account_at_index(keyed_accounts, first_instruction_account)?; let recipient_account = keyed_account_at_index(keyed_accounts, first_instruction_account + 1)?; - if !invoke_context.is_feature_active(&close_upgradeable_program_accounts::id()) { - let _ = keyed_account_at_index(keyed_accounts, first_instruction_account + 2)?; - } - if close_account.unsigned_key() == recipient_account.unsigned_key() { ic_logger_msg!(logger, "Recipient is the same as the account being closed"); return Err(InstructionError::InvalidArgument); } - if !invoke_context.is_feature_active(&close_upgradeable_program_accounts::id()) - && !matches!( - close_account.state()?, - UpgradeableLoaderState::Buffer { - authority_address: _, - } - ) - { - ic_logger_msg!(logger, "Account does not support closing"); - return Err(InstructionError::InvalidArgument); - } - match close_account.state()? { UpgradeableLoaderState::Uninitialized => { recipient_account @@ -770,8 +746,6 @@ fn process_loader_upgradeable_instruction( close_account, recipient_account, logger.clone(), - !invoke_context - .is_feature_active(&close_upgradeable_program_accounts::id()), )?; ic_logger_msg!(logger, "Closed Buffer {}", close_account.unsigned_key()); @@ -814,8 +788,6 @@ fn process_loader_upgradeable_instruction( close_account, recipient_account, logger.clone(), - !invoke_context - .is_feature_active(&close_upgradeable_program_accounts::id()), )?; } _ => { @@ -843,7 +815,6 @@ fn common_close_account( close_account: &KeyedAccount, recipient_account: &KeyedAccount, logger: Rc>, - do_clear_data: bool, ) -> Result<(), InstructionError> { if authority_address.is_none() { ic_logger_msg!(logger, "Account is immutable"); @@ -862,13 +833,7 @@ fn common_close_account( .try_account_ref_mut()? .checked_add_lamports(close_account.lamports()?)?; close_account.try_account_ref_mut()?.set_lamports(0); - if do_clear_data { - for elt in close_account.try_account_ref_mut()?.data_as_mut_slice() { - *elt = 0; - } - } else { - close_account.set_state(&UpgradeableLoaderState::Uninitialized)?; - } + close_account.set_state(&UpgradeableLoaderState::Uninitialized)?; Ok(()) } @@ -965,8 +930,6 @@ impl Executor for BpfExecutor { ) -> Result<(), InstructionError> { let logger = invoke_context.get_logger(); let invoke_depth = invoke_context.invoke_depth(); - let add_missing_program_error_mappings = - invoke_context.is_feature_active(&add_missing_program_error_mappings::id()); let mut serialize_time = Measure::start("serialize"); let keyed_accounts = invoke_context.get_keyed_accounts()?; @@ -1032,14 +995,7 @@ impl Executor for BpfExecutor { match result { Ok(status) => { if status != SUCCESS { - let error: InstructionError = if !add_missing_program_error_mappings - && (status == ACCOUNT_NOT_RENT_EXEMPT || status == BORSH_IO_ERROR) - { - // map originally missing error mappings to InvalidError - InstructionError::InvalidError - } else { - status.into() - }; + let error: InstructionError = status.into(); stable_log::program_failure(&logger, &program_id, &error); return Err(error); } diff --git a/programs/bpf_loader/src/syscalls.rs b/programs/bpf_loader/src/syscalls.rs index e1f066fcec..98569626f5 100644 --- a/programs/bpf_loader/src/syscalls.rs +++ b/programs/bpf_loader/src/syscalls.rs @@ -19,9 +19,8 @@ use solana_sdk::{ entrypoint::{MAX_PERMITTED_DATA_INCREASE, SUCCESS}, epoch_schedule::EpochSchedule, feature_set::{ - allow_native_ids, blake3_syscall_enabled, check_seed_length, - close_upgradeable_program_accounts, demote_program_write_locks, disable_fees_sysvar, - do_support_realloc, libsecp256k1_0_5_upgrade_enabled, mem_overlap_fix, + blake3_syscall_enabled, demote_program_write_locks, disable_fees_sysvar, + do_support_realloc, libsecp256k1_0_5_upgrade_enabled, prevent_calling_precompiles_as_programs, return_data_syscall_enabled, secp256k1_recover_syscall_enabled, sol_log_data_syscall_enabled, }, @@ -260,15 +259,11 @@ pub fn bind_syscall_context_objects<'a>( None, )?; - let allow_native_ids = invoke_context.is_feature_active(&allow_native_ids::id()); - let check_seed_length = invoke_context.is_feature_active(&check_seed_length::id()); vm.bind_syscall_context_object( Box::new(SyscallCreateProgramAddress { cost: compute_budget.create_program_address_units, compute_meter: invoke_context.get_compute_meter(), loader_id, - allow_native_ids, - check_seed_length, }), None, )?; @@ -277,8 +272,6 @@ pub fn bind_syscall_context_objects<'a>( cost: compute_budget.create_program_address_units, compute_meter: invoke_context.get_compute_meter(), loader_id, - allow_native_ids, - check_seed_length, }), None, )?; @@ -308,7 +301,6 @@ pub fn bind_syscall_context_objects<'a>( cost: invoke_context.get_compute_budget().cpi_bytes_per_unit, compute_meter: invoke_context.get_compute_meter(), loader_id, - mem_overlap_fix: invoke_context.is_feature_active(&mem_overlap_fix::id()), }), None, )?; @@ -787,7 +779,6 @@ fn translate_and_check_program_address_inputs<'a>( program_id_addr: u64, memory_mapping: &MemoryMapping, loader_id: &Pubkey, - check_seed_length: bool, ) -> Result<(Vec<&'a [u8]>, &'a Pubkey), EbpfError> { let untranslated_seeds = translate_slice::<&[&u8]>(memory_mapping, seeds_addr, seeds_len, loader_id)?; @@ -797,7 +788,7 @@ fn translate_and_check_program_address_inputs<'a>( let seeds = untranslated_seeds .iter() .map(|untranslated_seed| { - if check_seed_length && untranslated_seed.len() > MAX_SEED_LEN { + if untranslated_seed.len() > MAX_SEED_LEN { return Err(SyscallError::BadSeeds(PubkeyError::MaxSeedLengthExceeded).into()); } translate_slice::( @@ -812,42 +803,11 @@ fn translate_and_check_program_address_inputs<'a>( Ok((seeds, program_id)) } -fn is_native_id(seeds: &[&[u8]], program_id: &Pubkey) -> bool { - use solana_sdk::{config, feature, secp256k1_program, stake, system_program, vote}; - // Does more than just check native ids in order to emulate the same failure - // signature that `compute_program_address` had before the removal of the - // check. - if seeds.len() > MAX_SEEDS { - return true; - } - for seed in seeds.iter() { - if seed.len() > MAX_SEED_LEN { - return true; - } - } - - let native_ids = [ - bpf_loader::id(), - bpf_loader_deprecated::id(), - feature::id(), - config::program::id(), - stake::program::id(), - stake::config::id(), - vote::program::id(), - secp256k1_program::id(), - system_program::id(), - sysvar::id(), - ]; - native_ids.contains(program_id) -} - /// Create a program address struct SyscallCreateProgramAddress<'a> { cost: u64, compute_meter: Rc>, loader_id: &'a Pubkey, - allow_native_ids: bool, - check_seed_length: bool, } impl<'a> SyscallObject for SyscallCreateProgramAddress<'a> { fn call( @@ -860,9 +820,7 @@ impl<'a> SyscallObject for SyscallCreateProgramAddress<'a> { memory_mapping: &MemoryMapping, result: &mut Result>, ) { - if self.check_seed_length { - question_mark!(self.compute_meter.consume(self.cost), result); - } + question_mark!(self.compute_meter.consume(self.cost), result); let (seeds, program_id) = question_mark!( translate_and_check_program_address_inputs( @@ -871,20 +829,10 @@ impl<'a> SyscallObject for SyscallCreateProgramAddress<'a> { program_id_addr, memory_mapping, self.loader_id, - self.check_seed_length, ), result ); - if !self.check_seed_length { - question_mark!(self.compute_meter.consume(self.cost), result); - } - - if !self.allow_native_ids && is_native_id(&seeds, program_id) { - *result = Ok(1); - return; - } - let new_address = match Pubkey::create_program_address(&seeds, program_id) { Ok(address) => address, Err(_) => { @@ -906,8 +854,6 @@ struct SyscallTryFindProgramAddress<'a> { cost: u64, compute_meter: Rc>, loader_id: &'a Pubkey, - allow_native_ids: bool, - check_seed_length: bool, } impl<'a> SyscallObject for SyscallTryFindProgramAddress<'a> { fn call( @@ -920,9 +866,7 @@ impl<'a> SyscallObject for SyscallTryFindProgramAddress<'a> { memory_mapping: &MemoryMapping, result: &mut Result>, ) { - if self.check_seed_length { - question_mark!(self.compute_meter.consume(self.cost), result); - } + question_mark!(self.compute_meter.consume(self.cost), result); let (seeds, program_id) = question_mark!( translate_and_check_program_address_inputs( @@ -931,7 +875,6 @@ impl<'a> SyscallObject for SyscallTryFindProgramAddress<'a> { program_id_addr, memory_mapping, self.loader_id, - self.check_seed_length, ), result ); @@ -942,42 +885,25 @@ impl<'a> SyscallObject for SyscallTryFindProgramAddress<'a> { let mut seeds_with_bump = seeds.to_vec(); seeds_with_bump.push(&bump_seed); - if !self.check_seed_length { - question_mark!(self.compute_meter.consume(self.cost), result); - } - - if self.allow_native_ids || !is_native_id(&seeds, program_id) { - if let Ok(new_address) = - Pubkey::create_program_address(&seeds_with_bump, program_id) - { - let bump_seed_ref = question_mark!( - translate_type_mut::( - memory_mapping, - bump_seed_addr, - self.loader_id, - ), - result - ); - let address = question_mark!( - translate_slice_mut::( - memory_mapping, - address_addr, - 32, - self.loader_id, - ), - result - ); - *bump_seed_ref = bump_seed[0]; - address.copy_from_slice(new_address.as_ref()); - *result = Ok(0); - return; - } + if let Ok(new_address) = + Pubkey::create_program_address(&seeds_with_bump, program_id) + { + let bump_seed_ref = question_mark!( + translate_type_mut::(memory_mapping, bump_seed_addr, self.loader_id,), + result + ); + let address = question_mark!( + translate_slice_mut::(memory_mapping, address_addr, 32, self.loader_id,), + result + ); + *bump_seed_ref = bump_seed[0]; + address.copy_from_slice(new_address.as_ref()); + *result = Ok(0); + return; } } bump_seed[0] -= 1; - if self.check_seed_length { - question_mark!(self.compute_meter.consume(self.cost), result); - } + question_mark!(self.compute_meter.consume(self.cost), result); } *result = Ok(1); } @@ -1231,7 +1157,6 @@ pub struct SyscallMemcpy<'a> { cost: u64, compute_meter: Rc>, loader_id: &'a Pubkey, - mem_overlap_fix: bool, } impl<'a> SyscallObject for SyscallMemcpy<'a> { fn call( @@ -1244,11 +1169,7 @@ impl<'a> SyscallObject for SyscallMemcpy<'a> { memory_mapping: &MemoryMapping, result: &mut Result>, ) { - if if self.mem_overlap_fix { - check_overlapping(src_addr, dst_addr, n) - } else { - dst_addr + n > src_addr && src_addr > dst_addr - } { + if check_overlapping(src_addr, dst_addr, n) { *result = Err(SyscallError::CopyOverlapping.into()); return; } @@ -2203,8 +2124,7 @@ fn check_authorized_program( || (bpf_loader_upgradeable::check_id(program_id) && !(bpf_loader_upgradeable::is_upgrade_instruction(instruction_data) || bpf_loader_upgradeable::is_set_authority_instruction(instruction_data) - || (invoke_context.is_feature_active(&close_upgradeable_program_accounts::id()) - && bpf_loader_upgradeable::is_close_instruction(instruction_data)))) + || bpf_loader_upgradeable::is_close_instruction(instruction_data))) || (invoke_context.is_feature_active(&prevent_calling_precompiles_as_programs::id()) && is_precompile(program_id, |feature_id: &Pubkey| { invoke_context.is_feature_active(feature_id) @@ -3627,8 +3547,6 @@ mod tests { cost: 1, compute_meter: compute_meter.clone(), loader_id: &bpf_loader::id(), - allow_native_ids: true, - check_seed_length: true, }; let (address, _) = call_program_address_common(seeds, program_id, &mut syscall)?; Ok(address) @@ -3645,8 +3563,6 @@ mod tests { cost: 1, compute_meter: compute_meter.clone(), loader_id: &bpf_loader::id(), - allow_native_ids: true, - check_seed_length: true, }; call_program_address_common(seeds, program_id, &mut syscall) } diff --git a/runtime/src/message_processor.rs b/runtime/src/message_processor.rs index 2b4f2169bb..71e5d91823 100644 --- a/runtime/src/message_processor.rs +++ b/runtime/src/message_processor.rs @@ -1484,7 +1484,6 @@ mod tests { InstructionProcessor::native_invoke( &mut invoke_context, callee_instruction.clone(), - &[0, 1, 2, 3], &[] ), Err(InstructionError::ExternalAccountDataModified) @@ -1494,12 +1493,7 @@ mod tests { // readonly account modified by the invoker accounts[2].1.borrow_mut().data_as_mut_slice()[0] = 1; assert_eq!( - InstructionProcessor::native_invoke( - &mut invoke_context, - callee_instruction, - &[0, 1, 2, 3], - &[] - ), + InstructionProcessor::native_invoke(&mut invoke_context, callee_instruction, &[]), Err(InstructionError::ReadonlyDataModified) ); accounts[2].1.borrow_mut().data_as_mut_slice()[0] = 0; @@ -1531,12 +1525,7 @@ mod tests { .push(&message, &caller_instruction, &program_indices, None) .unwrap(); assert_eq!( - InstructionProcessor::native_invoke( - &mut invoke_context, - callee_instruction, - &[0, 1, 2, 3], - &[] - ), + InstructionProcessor::native_invoke(&mut invoke_context, callee_instruction, &[]), case.1 ); invoke_context.pop(); diff --git a/sdk/src/feature_set.rs b/sdk/src/feature_set.rs index 5e39279879..d6c264f932 100644 --- a/sdk/src/feature_set.rs +++ b/sdk/src/feature_set.rs @@ -91,10 +91,6 @@ pub mod secp256k1_recover_syscall_enabled { solana_sdk::declare_id!("6RvdSWHh8oh72Dp7wMTS2DBkf3fRPtChfNrAo3cZZoXJ"); } -pub mod add_missing_program_error_mappings { - solana_sdk::declare_id!("3QEUpjhgPEt92nz3Mqf6pABkHPGCQwSvKtyGMq4SuQyL"); -} - pub mod system_transfer_zero_check { solana_sdk::declare_id!("BrTR9hzw4WBGFP65AJMbpAo64DcA3U6jdPSga9fMV5cS"); } @@ -159,10 +155,6 @@ pub mod gate_large_block { solana_sdk::declare_id!("2ry7ygxiYURULZCrypHhveanvP5tzZ4toRwVp89oCNSj"); } -pub mod mem_overlap_fix { - solana_sdk::declare_id!("vXDCFK7gphrEmyf5VnKgLmqbdJ4UxD2eZH1qbdouYKF"); -} - pub mod versioned_tx_message_enabled { solana_sdk::declare_id!("3KZZ6Ks1885aGBQ45fwRcPXVBCtzUvxhUTkwKMR41Tca"); } @@ -175,10 +167,6 @@ pub mod instructions_sysvar_owned_by_sysvar { solana_sdk::declare_id!("H3kBSaKdeiUsyHmeHqjJYNc27jesXZ6zWj3zWkowQbkV"); } -pub mod close_upgradeable_program_accounts { - solana_sdk::declare_id!("EQMtCuSAkMVF9ZdhGuABtgvyXJLtSRF5AQKv1RNsrhj7"); -} - pub mod stake_program_advance_activating_credits_observed { solana_sdk::declare_id!("SAdVFw3RZvzbo6DvySbSdBnHN4gkzSTH9dSxesyKKPj"); } @@ -191,22 +179,10 @@ pub mod ed25519_program_enabled { solana_sdk::declare_id!("E1TvTNipX8TKNHrhRC8SMuAwQmGY58TZ4drdztP3Gxwc"); } -pub mod allow_native_ids { - solana_sdk::declare_id!("GVnDbNkECwrzLM7aVBGWpBYo3yH1ACaXB4ottNX8pedZ"); -} - -pub mod check_seed_length { - solana_sdk::declare_id!("8HYXgkoKGreAMA3MfJkdjbKNVbfZRQP3jqFpa7iqN4v7"); -} - pub mod return_data_syscall_enabled { solana_sdk::declare_id!("BJVXq6NdLC7jCDGjfqJv7M1XHD4Y13VrpDqRF2U7UBcC"); } -pub mod fix_write_privs { - solana_sdk::declare_id!("7Tr5C1tdcCeBVD8jxtHYnvjL1DGdFboYBHCJkEFdenBb"); -} - pub mod reduce_required_deploy_balance { solana_sdk::declare_id!("EBeznQDjcPG8491sFsKZYBi5S5jTVXMpAKNDJMQPS2kq"); } @@ -275,7 +251,6 @@ lazy_static! { (check_init_vote_data::id(), "check initialized Vote data"), (stake_program_v4::id(), "solana_stake_program v4"), (secp256k1_recover_syscall_enabled::id(), "secp256k1_recover syscall"), - (add_missing_program_error_mappings::id(), "add missing program error mappings"), (system_transfer_zero_check::id(), "perform all checks for transfers of 0 lamports"), (blake3_syscall_enabled::id(), "blake3 syscall"), (dedupe_config_program_signers::id(), "dedupe config program signers"), @@ -292,18 +267,13 @@ lazy_static! { (disable_fees_sysvar::id(), "disable fees sysvar"), (stake_merge_with_unmatched_credits_observed::id(), "allow merging active stakes with unmatched credits_observed #18985"), (gate_large_block::id(), "validator checks block cost against max limit in realtime, reject if exceeds."), - (mem_overlap_fix::id(), "memory overlap fix"), (versioned_tx_message_enabled::id(), "enable versioned transaction message processing"), (libsecp256k1_fail_on_bad_count::id(), "fail libsec256k1_verify if count appears wrong"), (instructions_sysvar_owned_by_sysvar::id(), "fix owner for instructions sysvar"), - (close_upgradeable_program_accounts::id(), "enable closing upgradeable program accounts"), (stake_program_advance_activating_credits_observed::id(), "Enable advancing credits observed for activation epoch #19309"), (demote_program_write_locks::id(), "demote program write locks to readonly, except when upgradeable loader present #19593 #20265"), (ed25519_program_enabled::id(), "enable builtin ed25519 signature verify program"), - (allow_native_ids::id(), "allow native program ids in program derived addresses"), - (check_seed_length::id(), "Check program address seed lengths"), (return_data_syscall_enabled::id(), "enable sol_{set,get}_return_data syscall"), - (fix_write_privs::id(), "fix native invoke write privileges"), (reduce_required_deploy_balance::id(), "reduce required payer balance for program deploys"), (sol_log_data_syscall_enabled::id(), "enable sol_log_data syscall"), (stakes_remove_delegation_if_inactive::id(), "remove delegations from stakes cache when inactive"),