gaspersic/solana
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Buffer authority must match upgrade authority for deploys and upgrades (#14932)

Browse Source
This commit is contained in:
Jack May
2021-01-29 12:43:53 -08:00
committed by GitHub
parent 7c05216e34
commit 893cc76472
9 changed files with 934 additions and 576 deletions
Download Patch File Download Diff File Expand all files Collapse all files

315
cli/src/program.rs
View File

@ -62,8 +62,7 @@ pub enum ProgramCliCommand {
program_pubkey: Option<Pubkey>, program_pubkey: Option<Pubkey>,
buffer_signer_index: Option<SignerIndex>, buffer_signer_index: Option<SignerIndex>,
buffer_pubkey: Option<Pubkey>, buffer_pubkey: Option<Pubkey>,
upgrade_authority_signer_index: Option<SignerIndex>, upgrade_authority_signer_index: SignerIndex,
upgrade_authority_pubkey: Option<Pubkey>,
is_final: bool, is_final: bool,
max_len: Option<usize>, max_len: Option<usize>,
allow_excessive_balance: bool, allow_excessive_balance: bool,
@ -73,13 +72,12 @@ pub enum ProgramCliCommand {
buffer_signer_index: Option<SignerIndex>, buffer_signer_index: Option<SignerIndex>,
buffer_pubkey: Option<Pubkey>, buffer_pubkey: Option<Pubkey>,
buffer_authority_signer_index: Option<SignerIndex>, buffer_authority_signer_index: Option<SignerIndex>,
is_final: bool,
max_len: Option<usize>, max_len: Option<usize>,
}, },
SetBufferAuthority { SetBufferAuthority {
buffer_pubkey: Pubkey, buffer_pubkey: Pubkey,
buffer_authority_index: Option<SignerIndex>, buffer_authority_index: Option<SignerIndex>,
new_buffer_authority: Option<Pubkey>, new_buffer_authority: Pubkey,
}, },
SetUpgradeAuthority { SetUpgradeAuthority {
program_pubkey: Pubkey, program_pubkey: Pubkey,
@ -119,10 +117,12 @@ impl ProgramSubCommands for App<'_, '_> {
[default: random address]") [default: random address]")
) )
.arg( .arg(
pubkey!(Arg::with_name("upgrade_authority") Arg::with_name("upgrade_authority")
.long("upgrade-authority") .long("upgrade-authority")
.value_name("UPGRADE_AUTHORITY"), .value_name("UPGRADE_AUTHORITY_SIGNER")
"Upgrade authority [default: the default configured keypair]"), .takes_value(true)
.validator(is_valid_signer)
.help("Upgrade authority [default: the default configured keypair]")
) )
.arg( .arg(
pubkey!(Arg::with_name("program_id") pubkey!(Arg::with_name("program_id")
@ -179,11 +179,6 @@ impl ProgramSubCommands for App<'_, '_> {
.validator(is_valid_signer) .validator(is_valid_signer)
.help("Buffer authority [default: the default configured keypair]") .help("Buffer authority [default: the default configured keypair]")
) )
.arg(
Arg::with_name("final")
.long("final")
.help("The program will not be upgradeable")
)
.arg( .arg(
Arg::with_name("max_len") Arg::with_name("max_len")
.long("max-len") .long("max-len")
@ -217,15 +212,9 @@ impl ProgramSubCommands for App<'_, '_> {
pubkey!(Arg::with_name("new_buffer_authority") pubkey!(Arg::with_name("new_buffer_authority")
.long("new-buffer-authority") .long("new-buffer-authority")
.value_name("NEW_BUFFER_AUTHORITY") .value_name("NEW_BUFFER_AUTHORITY")
.required_unless("final"), .required(true),
"Address of the new buffer authority"), "Address of the new buffer authority"),
) )
.arg(
Arg::with_name("final")
.long("final")
.conflicts_with("new_buffer_authority")
.help("The buffer will be immutable")
)
) )
.subcommand( .subcommand(
SubCommand::with_name("set-upgrade-authority") SubCommand::with_name("set-upgrade-authority")
@ -312,10 +301,6 @@ pub fn parse_program_subcommand(
{ {
bulk_signers.push(upgrade_authority_signer); bulk_signers.push(upgrade_authority_signer);
Some(upgrade_authority_pubkey) Some(upgrade_authority_pubkey)
} else if let Some(upgrade_authority_pubkey) =
pubkey_of_signer(matches, "upgrade_authority", wallet_manager)?
{
Some(upgrade_authority_pubkey)
} else { } else {
Some( Some(
default_signer default_signer
@ -337,8 +322,8 @@ pub fn parse_program_subcommand(
buffer_signer_index: signer_info.index_of_or_none(buffer_pubkey), buffer_signer_index: signer_info.index_of_or_none(buffer_pubkey),
buffer_pubkey, buffer_pubkey,
upgrade_authority_signer_index: signer_info upgrade_authority_signer_index: signer_info
.index_of_or_none(upgrade_authority_pubkey), .index_of(upgrade_authority_pubkey)
upgrade_authority_pubkey, .unwrap(),
is_final: matches.is_present("final"), is_final: matches.is_present("final"),
max_len, max_len,
allow_excessive_balance: matches.is_present("allow_excessive_balance"), allow_excessive_balance: matches.is_present("allow_excessive_balance"),
@ -389,7 +374,6 @@ pub fn parse_program_subcommand(
buffer_pubkey, buffer_pubkey,
buffer_authority_signer_index: signer_info buffer_authority_signer_index: signer_info
.index_of_or_none(buffer_authority_pubkey), .index_of_or_none(buffer_authority_pubkey),
is_final: matches.is_present("final"),
max_len, max_len,
}), }),
signers: signer_info.signers, signers: signer_info.signers,
@ -400,16 +384,14 @@ pub fn parse_program_subcommand(
let (buffer_authority_signer, buffer_authority_pubkey) = let (buffer_authority_signer, buffer_authority_pubkey) =
signer_of(matches, "buffer_authority", wallet_manager)?; signer_of(matches, "buffer_authority", wallet_manager)?;
let new_buffer_authority = if matches.is_present("final") { let new_buffer_authority = if let Some(new_buffer_authority) =
None
} else if let Some(new_buffer_authority) =
pubkey_of_signer(matches, "new_buffer_authority", wallet_manager)? pubkey_of_signer(matches, "new_buffer_authority", wallet_manager)?
{ {
Some(new_buffer_authority) new_buffer_authority
} else { } else {
let (_, new_buffer_authority) = let (_, new_buffer_authority) =
signer_of(matches, "new_buffer_authority", wallet_manager)?; signer_of(matches, "new_buffer_authority", wallet_manager)?;
new_buffer_authority new_buffer_authority.unwrap()
}; };
let signer_info = default_signer.generate_unique_signers( let signer_info = default_signer.generate_unique_signers(
@ -482,7 +464,6 @@ pub fn process_program_subcommand(
buffer_signer_index, buffer_signer_index,
buffer_pubkey, buffer_pubkey,
upgrade_authority_signer_index, upgrade_authority_signer_index,
upgrade_authority_pubkey,
is_final, is_final,
max_len, max_len,
allow_excessive_balance, allow_excessive_balance,
@ -495,7 +476,6 @@ pub fn process_program_subcommand(
*buffer_signer_index, *buffer_signer_index,
*buffer_pubkey, *buffer_pubkey,
*upgrade_authority_signer_index, *upgrade_authority_signer_index,
*upgrade_authority_pubkey,
*is_final, *is_final,
*max_len, *max_len,
*allow_excessive_balance, *allow_excessive_balance,
@ -505,7 +485,6 @@ pub fn process_program_subcommand(
buffer_signer_index, buffer_signer_index,
buffer_pubkey, buffer_pubkey,
buffer_authority_signer_index, buffer_authority_signer_index,
is_final,
max_len, max_len,
} => process_write_buffer( } => process_write_buffer(
&rpc_client, &rpc_client,
@ -514,7 +493,6 @@ pub fn process_program_subcommand(
*buffer_signer_index, *buffer_signer_index,
*buffer_pubkey, *buffer_pubkey,
*buffer_authority_signer_index, *buffer_authority_signer_index,
*is_final,
*max_len, *max_len,
), ),
ProgramCliCommand::SetBufferAuthority { ProgramCliCommand::SetBufferAuthority {
@ -527,7 +505,7 @@ pub fn process_program_subcommand(
None, None,
Some(*buffer_pubkey), Some(*buffer_pubkey),
*buffer_authority_index, *buffer_authority_index,
*new_buffer_authority, Some(*new_buffer_authority),
), ),
ProgramCliCommand::SetUpgradeAuthority { ProgramCliCommand::SetUpgradeAuthority {
program_pubkey, program_pubkey,
@ -575,8 +553,7 @@ fn process_program_deploy(
program_pubkey: Option<Pubkey>, program_pubkey: Option<Pubkey>,
buffer_signer_index: Option<SignerIndex>, buffer_signer_index: Option<SignerIndex>,
buffer_pubkey: Option<Pubkey>, buffer_pubkey: Option<Pubkey>,
upgrade_authority_signer_index: Option<SignerIndex>, upgrade_authority_signer_index: SignerIndex,
upgrade_authority_pubkey: Option<Pubkey>,
is_final: bool, is_final: bool,
max_len: Option<usize>, max_len: Option<usize>,
allow_excessive_balance: bool, allow_excessive_balance: bool,
@ -592,6 +569,7 @@ fn process_program_deploy(
buffer_keypair.pubkey(), buffer_keypair.pubkey(),
) )
}; };
let upgrade_authority_signer = config.signers[upgrade_authority_signer_index];
let default_program_keypair = get_default_program_keypair(&program_location); let default_program_keypair = get_default_program_keypair(&program_location);
let (program_signer, program_pubkey) = if let Some(i) = program_signer_index { let (program_signer, program_pubkey) = if let Some(i) = program_signer_index {
@ -628,10 +606,11 @@ fn process_program_deploy(
if program_authority_pubkey.is_none() { if program_authority_pubkey.is_none() {
return Err("Program is no longer upgradeable".into()); return Err("Program is no longer upgradeable".into());
} }
if program_authority_pubkey != upgrade_authority_pubkey { if program_authority_pubkey != Some(upgrade_authority_signer.pubkey()) {
return Err(format!( return Err(format!(
"Program's authority {:?} does not match authority provided {:?}", "Program's authority {:?} does not match authority provided {:?}",
program_authority_pubkey, upgrade_authority_pubkey, program_authority_pubkey,
upgrade_authority_signer.pubkey(),
) )
.into()); .into());
} }
@ -693,25 +672,22 @@ fn process_program_deploy(
buffer_data_len, buffer_data_len,
minimum_balance, minimum_balance,
&bpf_loader_upgradeable::id(), &bpf_loader_upgradeable::id(),
Some(program_signer.unwrap()), Some(&[program_signer.unwrap(), upgrade_authority_signer]),
buffer_signer, buffer_signer,
&buffer_pubkey, &buffer_pubkey,
buffer_signer, Some(upgrade_authority_signer),
upgrade_authority_pubkey,
allow_excessive_balance, allow_excessive_balance,
) )
} else if let Some(upgrade_authority_index) = upgrade_authority_signer_index { } else {
do_process_program_upgrade( do_process_program_upgrade(
rpc_client, rpc_client,
config, config,
&program_data, &program_data,
&program_pubkey, &program_pubkey,
config.signers[upgrade_authority_index], config.signers[upgrade_authority_signer_index],
&buffer_pubkey, &buffer_pubkey,
buffer_signer, buffer_signer,
) )
} else {
return Err("Program upgrade requires an authority".into());
}; };
if result.is_ok() && is_final { if result.is_ok() && is_final {
process_set_authority( process_set_authority(
@ -719,7 +695,7 @@ fn process_program_deploy(
config, config,
Some(program_pubkey), Some(program_pubkey),
None, None,
upgrade_authority_signer_index, Some(upgrade_authority_signer_index),
None, None,
)?; )?;
} }
@ -736,7 +712,6 @@ fn process_write_buffer(
buffer_signer_index: Option<SignerIndex>, buffer_signer_index: Option<SignerIndex>,
buffer_pubkey: Option<Pubkey>, buffer_pubkey: Option<Pubkey>,
buffer_authority_signer_index: Option<SignerIndex>, buffer_authority_signer_index: Option<SignerIndex>,
is_final: bool,
max_len: Option<usize>, max_len: Option<usize>,
) -> ProcessResult { ) -> ProcessResult {
// Create ephemeral keypair to use for Buffer account, if not provided // Create ephemeral keypair to use for Buffer account, if not provided
@ -799,21 +774,9 @@ fn process_write_buffer(
buffer_signer, buffer_signer,
&buffer_pubkey, &buffer_pubkey,
Some(buffer_authority), Some(buffer_authority),
None,
true, true,
); );
if result.is_ok() && is_final {
process_set_authority(
rpc_client,
config,
None,
Some(buffer_pubkey),
buffer_authority_signer_index,
None,
)?;
}
if result.is_err() && buffer_signer_index.is_none() && buffer_signer.is_some() { if result.is_err() && buffer_signer_index.is_none() && buffer_signer.is_some() {
report_ephemeral_mnemonic(words, mnemonic); report_ephemeral_mnemonic(words, mnemonic);
} }
@ -837,24 +800,28 @@ fn process_set_authority(
trace!("Set a new authority"); trace!("Set a new authority");
let (blockhash, _) = rpc_client.get_recent_blockhash()?; let (blockhash, _) = rpc_client.get_recent_blockhash()?;
let mut tx = if let Some(pubkey) = program_pubkey { let mut tx = if let Some(ref pubkey) = program_pubkey {
Transaction::new_unsigned(Message::new( Transaction::new_unsigned(Message::new(
&[bpf_loader_upgradeable::set_upgrade_authority( &[bpf_loader_upgradeable::set_upgrade_authority(
&pubkey, pubkey,
&authority_signer.pubkey(), &authority_signer.pubkey(),
new_authority.as_ref(), new_authority.as_ref(),
)], )],
Some(&config.signers[0].pubkey()), Some(&config.signers[0].pubkey()),
)) ))
} else if let Some(pubkey) = buffer_pubkey { } else if let Some(pubkey) = buffer_pubkey {
Transaction::new_unsigned(Message::new( if let Some(ref new_authority) = new_authority {
&[bpf_loader_upgradeable::set_buffer_authority( Transaction::new_unsigned(Message::new(
&pubkey, &[bpf_loader_upgradeable::set_buffer_authority(
&authority_signer.pubkey(), &pubkey,
new_authority.as_ref(), &authority_signer.pubkey(),
)], new_authority,
Some(&config.signers[0].pubkey()), )],
)) Some(&config.signers[0].pubkey()),
))
} else {
return Err("Buffer authority cannot be None".into());
}
} else { } else {
return Err("Program or Buffer not provided".into()); return Err("Program or Buffer not provided".into());
}; };
@ -916,11 +883,10 @@ pub fn process_deploy(
program_data.len(), program_data.len(),
minimum_balance, minimum_balance,
&loader_id, &loader_id,
Some(buffer_signer), Some(&[buffer_signer]),
Some(buffer_signer), Some(buffer_signer),
&buffer_signer.pubkey(), &buffer_signer.pubkey(),
Some(buffer_signer), Some(buffer_signer),
None,
allow_excessive_balance, allow_excessive_balance,
); );
if result.is_err() && buffer_signer_index.is_none() { if result.is_err() && buffer_signer_index.is_none() {
@ -937,11 +903,10 @@ fn do_process_program_write_and_deploy(
buffer_data_len: usize, buffer_data_len: usize,
minimum_balance: u64, minimum_balance: u64,
loader_id: &Pubkey, loader_id: &Pubkey,
program_signer: Option<&dyn Signer>, program_signers: Option<&[&dyn Signer]>,
buffer_signer: Option<&dyn Signer>, buffer_signer: Option<&dyn Signer>,
buffer_pubkey: &Pubkey, buffer_pubkey: &Pubkey,
buffer_authority_signer: Option<&dyn Signer>, buffer_authority_signer: Option<&dyn Signer>,
upgrade_authority: Option<Pubkey>,
allow_excessive_balance: bool, allow_excessive_balance: bool,
) -> ProcessResult { ) -> ProcessResult {
// Build messages to calculate fees // Build messages to calculate fees
@ -972,7 +937,7 @@ fn do_process_program_write_and_deploy(
bpf_loader_upgradeable::create_buffer( bpf_loader_upgradeable::create_buffer(
&config.signers[0].pubkey(), &config.signers[0].pubkey(),
buffer_pubkey, buffer_pubkey,
Some(&buffer_authority_signer.pubkey()), &buffer_authority_signer.pubkey(),
minimum_balance, minimum_balance,
buffer_data_len, buffer_data_len,
)?, )?,
@ -1006,7 +971,7 @@ fn do_process_program_write_and_deploy(
let instruction = if loader_id == &bpf_loader_upgradeable::id() { let instruction = if loader_id == &bpf_loader_upgradeable::id() {
bpf_loader_upgradeable::write( bpf_loader_upgradeable::write(
buffer_pubkey, buffer_pubkey,
Some(&buffer_authority_signer.pubkey()), &buffer_authority_signer.pubkey(),
(i * DATA_CHUNK_SIZE) as u32, (i * DATA_CHUNK_SIZE) as u32,
chunk.to_vec(), chunk.to_vec(),
) )
@ -1040,14 +1005,14 @@ fn do_process_program_write_and_deploy(
// Create and add final message // Create and add final message
let final_message = if let Some(program_signer) = program_signer { let final_message = if let Some(program_signers) = program_signers {
let message = if loader_id == &bpf_loader_upgradeable::id() { let message = if loader_id == &bpf_loader_upgradeable::id() {
Message::new( Message::new(
&bpf_loader_upgradeable::deploy_with_max_program_len( &bpf_loader_upgradeable::deploy_with_max_program_len(
&config.signers[0].pubkey(), &config.signers[0].pubkey(),
&program_signer.pubkey(), &program_signers[0].pubkey(),
buffer_pubkey, buffer_pubkey,
upgrade_authority.as_ref(), &program_signers[1].pubkey(),
rpc_client.get_minimum_balance_for_rent_exemption( rpc_client.get_minimum_balance_for_rent_exemption(
UpgradeableLoaderState::program_len()?, UpgradeableLoaderState::program_len()?,
)?, )?,
@ -1079,12 +1044,12 @@ fn do_process_program_write_and_deploy(
&final_message, &final_message,
buffer_signer, buffer_signer,
buffer_authority_signer, buffer_authority_signer,
program_signer, program_signers,
)?; )?;
if let Some(program_signer) = program_signer { if let Some(program_signers) = program_signers {
Ok(json!({ Ok(json!({
"programId": format!("{}", program_signer.pubkey()), "programId": format!("{}", program_signers[0].pubkey()),
}) })
.to_string()) .to_string())
} else { } else {
@ -1134,7 +1099,7 @@ fn do_process_program_upgrade(
bpf_loader_upgradeable::create_buffer( bpf_loader_upgradeable::create_buffer(
&config.signers[0].pubkey(), &config.signers[0].pubkey(),
buffer_pubkey, buffer_pubkey,
Some(&buffer_signer.pubkey()), &upgrade_authority.pubkey(),
minimum_balance, minimum_balance,
data_len, data_len,
)?, )?,
@ -1156,7 +1121,7 @@ fn do_process_program_upgrade(
for (chunk, i) in program_data.chunks(DATA_CHUNK_SIZE).zip(0..) { for (chunk, i) in program_data.chunks(DATA_CHUNK_SIZE).zip(0..) {
let instruction = bpf_loader_upgradeable::write( let instruction = bpf_loader_upgradeable::write(
&buffer_signer.pubkey(), &buffer_signer.pubkey(),
None, &upgrade_authority.pubkey(),
(i * DATA_CHUNK_SIZE) as u32, (i * DATA_CHUNK_SIZE) as u32,
chunk.to_vec(), chunk.to_vec(),
); );
@ -1200,8 +1165,8 @@ fn do_process_program_upgrade(
&write_messages, &write_messages,
&Some(final_message), &Some(final_message),
buffer_signer, buffer_signer,
buffer_signer,
Some(upgrade_authority), Some(upgrade_authority),
Some(&[upgrade_authority]),
)?; )?;
Ok(json!({ Ok(json!({
@ -1300,9 +1265,10 @@ fn send_deploy_messages(
final_message: &Option<Message>, final_message: &Option<Message>,
initial_signer: Option<&dyn Signer>, initial_signer: Option<&dyn Signer>,
write_signer: Option<&dyn Signer>, write_signer: Option<&dyn Signer>,
final_signer: Option<&dyn Signer>, final_signers: Option<&[&dyn Signer]>,
) -> Result<(), Box<dyn std::error::Error>> { ) -> Result<(), Box<dyn std::error::Error>> {
let payer_signer = config.signers[0]; let payer_signer = config.signers[0];
if let Some(message) = initial_message { if let Some(message) = initial_message {
if let Some(initial_signer) = initial_signer { if let Some(initial_signer) = initial_signer {
trace!("Preparing the required accounts"); trace!("Preparing the required accounts");
@ -1351,12 +1317,14 @@ fn send_deploy_messages(
} }
if let Some(message) = final_message { if let Some(message) = final_message {
if let Some(final_signer) = final_signer { if let Some(final_signers) = final_signers {
trace!("Deploying program"); trace!("Deploying program");
let (blockhash, _) = rpc_client.get_recent_blockhash()?; let (blockhash, _) = rpc_client.get_recent_blockhash()?;
let mut final_tx = Transaction::new_unsigned(message.clone()); let mut final_tx = Transaction::new_unsigned(message.clone());
final_tx.try_sign(&[payer_signer, final_signer], blockhash)?; let mut signers = final_signers.to_vec();
signers.push(payer_signer);
final_tx.try_sign(&signers, blockhash)?;
rpc_client rpc_client
.send_and_confirm_transaction_with_spinner_and_config( .send_and_confirm_transaction_with_spinner_and_config(
&final_tx, &final_tx,
@ -1615,8 +1583,7 @@ mod tests {
buffer_pubkey: None, buffer_pubkey: None,
program_signer_index: None, program_signer_index: None,
program_pubkey: None, program_pubkey: None,
upgrade_authority_signer_index: Some(0), upgrade_authority_signer_index: 0,
upgrade_authority_pubkey: Some(default_keypair.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
allow_excessive_balance: false, allow_excessive_balance: false,
@ -1642,8 +1609,7 @@ mod tests {
buffer_pubkey: None, buffer_pubkey: None,
program_signer_index: None, program_signer_index: None,
program_pubkey: None, program_pubkey: None,
upgrade_authority_signer_index: Some(0), upgrade_authority_signer_index: 0,
upgrade_authority_pubkey: Some(default_keypair.pubkey()),
is_final: false, is_final: false,
max_len: Some(42), max_len: Some(42),
allow_excessive_balance: false, allow_excessive_balance: false,
@ -1671,8 +1637,7 @@ mod tests {
buffer_pubkey: Some(buffer_keypair.pubkey()), buffer_pubkey: Some(buffer_keypair.pubkey()),
program_signer_index: None, program_signer_index: None,
program_pubkey: None, program_pubkey: None,
upgrade_authority_signer_index: Some(0), upgrade_authority_signer_index: 0,
upgrade_authority_pubkey: Some(default_keypair.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
allow_excessive_balance: false, allow_excessive_balance: false,
@ -1702,8 +1667,7 @@ mod tests {
buffer_pubkey: None, buffer_pubkey: None,
program_signer_index: None, program_signer_index: None,
program_pubkey: Some(program_pubkey), program_pubkey: Some(program_pubkey),
upgrade_authority_signer_index: Some(0), upgrade_authority_signer_index: 0,
upgrade_authority_pubkey: Some(default_keypair.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
allow_excessive_balance: false, allow_excessive_balance: false,
@ -1732,8 +1696,7 @@ mod tests {
buffer_pubkey: None, buffer_pubkey: None,
program_signer_index: Some(1), program_signer_index: Some(1),
program_pubkey: Some(program_keypair.pubkey()), program_pubkey: Some(program_keypair.pubkey()),
upgrade_authority_signer_index: Some(0), upgrade_authority_signer_index: 0,
upgrade_authority_pubkey: Some(default_keypair.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
allow_excessive_balance: false, allow_excessive_balance: false,
@ -1745,34 +1708,6 @@ mod tests {
} }
); );
let authority_pubkey = Pubkey::new_unique();
let test_deploy = test_commands.clone().get_matches_from(vec![
"test",
"program",
"deploy",
"/Users/test/program.so",
"--upgrade-authority",
&authority_pubkey.to_string(),
]);
assert_eq!(
parse_command(&test_deploy, &default_signer, &mut None).unwrap(),
CliCommandInfo {
command: CliCommand::Program(ProgramCliCommand::Deploy {
program_location: Some("/Users/test/program.so".to_string()),
buffer_signer_index: None,
buffer_pubkey: None,
program_signer_index: None,
program_pubkey: None,
upgrade_authority_signer_index: None,
upgrade_authority_pubkey: Some(authority_pubkey),
is_final: false,
max_len: None,
allow_excessive_balance: false,
}),
signers: vec![read_keypair_file(&keypair_file).unwrap().into()],
}
);
let authority_keypair = Keypair::new(); let authority_keypair = Keypair::new();
let authority_keypair_file = make_tmp_path("authority_keypair_file"); let authority_keypair_file = make_tmp_path("authority_keypair_file");
write_keypair_file(&authority_keypair, &authority_keypair_file).unwrap(); write_keypair_file(&authority_keypair, &authority_keypair_file).unwrap();
@ -1793,8 +1728,7 @@ mod tests {
buffer_pubkey: None, buffer_pubkey: None,
program_signer_index: None, program_signer_index: None,
program_pubkey: None, program_pubkey: None,
upgrade_authority_signer_index: Some(1), upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: Some(authority_keypair.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
allow_excessive_balance: false, allow_excessive_balance: false,
@ -1822,8 +1756,7 @@ mod tests {
buffer_pubkey: None, buffer_pubkey: None,
program_signer_index: None, program_signer_index: None,
program_pubkey: None, program_pubkey: None,
upgrade_authority_signer_index: Some(0), upgrade_authority_signer_index: 0,
upgrade_authority_pubkey: Some(default_keypair.pubkey()),
is_final: true, is_final: true,
max_len: None, max_len: None,
allow_excessive_balance: false, allow_excessive_balance: false,
@ -1861,7 +1794,6 @@ mod tests {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
buffer_authority_signer_index: Some(0), buffer_authority_signer_index: Some(0),
is_final: false,
max_len: None, max_len: None,
}), }),
signers: vec![read_keypair_file(&keypair_file).unwrap().into()], signers: vec![read_keypair_file(&keypair_file).unwrap().into()],
@ -1885,7 +1817,6 @@ mod tests {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
buffer_authority_signer_index: Some(0), buffer_authority_signer_index: Some(0),
is_final: false,
max_len: Some(42), max_len: Some(42),
}), }),
signers: vec![read_keypair_file(&keypair_file).unwrap().into()], signers: vec![read_keypair_file(&keypair_file).unwrap().into()],
@ -1912,7 +1843,6 @@ mod tests {
buffer_signer_index: Some(1), buffer_signer_index: Some(1),
buffer_pubkey: Some(buffer_keypair.pubkey()), buffer_pubkey: Some(buffer_keypair.pubkey()),
buffer_authority_signer_index: Some(0), buffer_authority_signer_index: Some(0),
is_final: false,
max_len: None, max_len: None,
}), }),
signers: vec![ signers: vec![
@ -1942,7 +1872,6 @@ mod tests {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
buffer_authority_signer_index: Some(1), buffer_authority_signer_index: Some(1),
is_final: false,
max_len: None, max_len: None,
}), }),
signers: vec![ signers: vec![
@ -1977,7 +1906,6 @@ mod tests {
buffer_signer_index: Some(1), buffer_signer_index: Some(1),
buffer_pubkey: Some(buffer_keypair.pubkey()), buffer_pubkey: Some(buffer_keypair.pubkey()),
buffer_authority_signer_index: Some(2), buffer_authority_signer_index: Some(2),
is_final: false,
max_len: None, max_len: None,
}), }),
signers: vec![ signers: vec![
@ -1987,60 +1915,6 @@ mod tests {
], ],
} }
); );
// specify authority
let test_deploy = test_commands.clone().get_matches_from(vec![
"test",
"program",
"write-buffer",
"/Users/test/program.so",
"--final",
]);
assert_eq!(
parse_command(&test_deploy, &default_signer, &mut None).unwrap(),
CliCommandInfo {
command: CliCommand::Program(ProgramCliCommand::WriteBuffer {
program_location: "/Users/test/program.so".to_string(),
buffer_signer_index: None,
buffer_pubkey: None,
buffer_authority_signer_index: Some(0),
is_final: true,
max_len: None,
}),
signers: vec![read_keypair_file(&keypair_file).unwrap().into()],
}
);
// specify both buffer and authority and final
let authority_keypair = Keypair::new();
let authority_keypair_file = make_tmp_path("authority_keypair_file");
write_keypair_file(&authority_keypair, &authority_keypair_file).unwrap();
let test_deploy = test_commands.clone().get_matches_from(vec![
"test",
"program",
"write-buffer",
"/Users/test/program.so",
"--buffer-authority",
&authority_keypair_file,
"--final",
]);
assert_eq!(
parse_command(&test_deploy, &default_signer, &mut None).unwrap(),
CliCommandInfo {
command: CliCommand::Program(ProgramCliCommand::WriteBuffer {
program_location: "/Users/test/program.so".to_string(),
buffer_signer_index: None,
buffer_pubkey: None,
buffer_authority_signer_index: Some(1),
is_final: true,
max_len: None,
}),
signers: vec![
read_keypair_file(&keypair_file).unwrap().into(),
read_keypair_file(&authority_keypair_file).unwrap().into(),
],
}
);
} }
#[test] #[test]
@ -2186,7 +2060,7 @@ mod tests {
command: CliCommand::Program(ProgramCliCommand::SetBufferAuthority { command: CliCommand::Program(ProgramCliCommand::SetBufferAuthority {
buffer_pubkey, buffer_pubkey,
buffer_authority_index: Some(0), buffer_authority_index: Some(0),
new_buffer_authority: Some(new_authority_pubkey), new_buffer_authority: new_authority_pubkey,
}), }),
signers: vec![read_keypair_file(&keypair_file).unwrap().into()], signers: vec![read_keypair_file(&keypair_file).unwrap().into()],
} }
@ -2210,65 +2084,11 @@ mod tests {
command: CliCommand::Program(ProgramCliCommand::SetBufferAuthority { command: CliCommand::Program(ProgramCliCommand::SetBufferAuthority {
buffer_pubkey, buffer_pubkey,
buffer_authority_index: Some(0), buffer_authority_index: Some(0),
new_buffer_authority: Some(new_authority_pubkey.pubkey()), new_buffer_authority: new_authority_pubkey.pubkey(),
}), }),
signers: vec![read_keypair_file(&keypair_file).unwrap().into()], signers: vec![read_keypair_file(&keypair_file).unwrap().into()],
} }
); );
let buffer_pubkey = Pubkey::new_unique();
let new_authority_pubkey = Keypair::new();
let new_authority_pubkey_file = make_tmp_path("authority_keypair_file");
write_keypair_file(&new_authority_pubkey, &new_authority_pubkey_file).unwrap();
let test_deploy = test_commands.clone().get_matches_from(vec![
"test",
"program",
"set-buffer-authority",
&buffer_pubkey.to_string(),
"--final",
]);
assert_eq!(
parse_command(&test_deploy, &default_signer, &mut None).unwrap(),
CliCommandInfo {
command: CliCommand::Program(ProgramCliCommand::SetBufferAuthority {
buffer_pubkey,
buffer_authority_index: Some(0),
new_buffer_authority: None,
}),
signers: vec![read_keypair_file(&keypair_file).unwrap().into()],
}
);
let buffer_pubkey = Pubkey::new_unique();
let authority = Keypair::new();
let authority_keypair_file = make_tmp_path("authority_keypair_file");
write_keypair_file(&authority, &authority_keypair_file).unwrap();
let new_authority_pubkey = Keypair::new();
let new_authority_pubkey_file = make_tmp_path("authority_keypair_file");
write_keypair_file(&new_authority_pubkey, &new_authority_pubkey_file).unwrap();
let test_deploy = test_commands.clone().get_matches_from(vec![
"test",
"program",
"set-buffer-authority",
&buffer_pubkey.to_string(),
"--buffer-authority",
&authority_keypair_file,
"--final",
]);
assert_eq!(
parse_command(&test_deploy, &default_signer, &mut None).unwrap(),
CliCommandInfo {
command: CliCommand::Program(ProgramCliCommand::SetBufferAuthority {
buffer_pubkey,
buffer_authority_index: Some(1),
new_buffer_authority: None,
}),
signers: vec![
read_keypair_file(&keypair_file).unwrap().into(),
read_keypair_file(&authority_keypair_file).unwrap().into(),
],
}
);
} }
#[test] #[test]
@ -2299,8 +2119,7 @@ mod tests {
buffer_pubkey: None, buffer_pubkey: None,
program_signer_index: None, program_signer_index: None,
program_pubkey: None, program_pubkey: None,
upgrade_authority_signer_index: None, upgrade_authority_signer_index: 0,
upgrade_authority_pubkey: Some(default_keypair.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
allow_excessive_balance: false, allow_excessive_balance: false,

179
cli/tests/program.rs
View File

@ -202,8 +202,8 @@ fn test_cli_program_deploy_no_authority() {
config.signers = vec![&keypair]; config.signers = vec![&keypair];
process_command(&config).unwrap(); process_command(&config).unwrap();
// Deploy a program with no authority // Deploy a program
config.signers = vec![&keypair]; config.signers = vec![&keypair, &upgrade_authority];
config.command = CliCommand::Program(ProgramCliCommand::Deploy { config.command = CliCommand::Program(ProgramCliCommand::Deploy {
program_location: Some(pathbuf.to_str().unwrap().to_string()), program_location: Some(pathbuf.to_str().unwrap().to_string()),
program_signer_index: None, program_signer_index: None,
@ -211,9 +211,8 @@ fn test_cli_program_deploy_no_authority() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
allow_excessive_balance: false, allow_excessive_balance: false,
upgrade_authority_signer_index: None, upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: None, is_final: true,
is_final: false,
max_len: None, max_len: None,
}); });
let response = process_command(&config); let response = process_command(&config);
@ -236,8 +235,7 @@ fn test_cli_program_deploy_no_authority() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
allow_excessive_balance: false, allow_excessive_balance: false,
upgrade_authority_signer_index: Some(1), upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: Some(upgrade_authority.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
}); });
@ -308,8 +306,7 @@ fn test_cli_program_deploy_with_authority() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
allow_excessive_balance: false, allow_excessive_balance: false,
upgrade_authority_signer_index: Some(1), upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: Some(upgrade_authority.pubkey()),
is_final: false, is_final: false,
max_len: Some(max_len), max_len: Some(max_len),
}); });
@ -355,8 +352,7 @@ fn test_cli_program_deploy_with_authority() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
allow_excessive_balance: false, allow_excessive_balance: false,
upgrade_authority_signer_index: Some(1), upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: Some(upgrade_authority.pubkey()),
is_final: false, is_final: false,
max_len: Some(max_len), max_len: Some(max_len),
}); });
@ -397,8 +393,7 @@ fn test_cli_program_deploy_with_authority() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
allow_excessive_balance: false, allow_excessive_balance: false,
upgrade_authority_signer_index: Some(1), upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: Some(upgrade_authority.pubkey()),
is_final: false, is_final: false,
max_len: Some(max_len), max_len: Some(max_len),
}); });
@ -452,8 +447,7 @@ fn test_cli_program_deploy_with_authority() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
allow_excessive_balance: false, allow_excessive_balance: false,
upgrade_authority_signer_index: Some(1), upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: Some(new_upgrade_authority.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
}); });
@ -503,8 +497,7 @@ fn test_cli_program_deploy_with_authority() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
allow_excessive_balance: false, allow_excessive_balance: false,
upgrade_authority_signer_index: Some(1), upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: Some(new_upgrade_authority.pubkey()),
is_final: false, is_final: false,
max_len: None, max_len: None,
}); });
@ -519,8 +512,7 @@ fn test_cli_program_deploy_with_authority() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
allow_excessive_balance: false, allow_excessive_balance: false,
upgrade_authority_signer_index: Some(1), upgrade_authority_signer_index: 1,
upgrade_authority_pubkey: Some(new_upgrade_authority.pubkey()),
is_final: true, is_final: true,
max_len: None, max_len: None,
}); });
@ -610,7 +602,6 @@ fn test_cli_program_write_buffer() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
buffer_authority_signer_index: None, buffer_authority_signer_index: None,
is_final: false,
max_len: None, max_len: None,
}); });
let response = process_command(&config); let response = process_command(&config);
@ -644,7 +635,6 @@ fn test_cli_program_write_buffer() {
buffer_signer_index: Some(1), buffer_signer_index: Some(1),
buffer_pubkey: Some(buffer_keypair.pubkey()), buffer_pubkey: Some(buffer_keypair.pubkey()),
buffer_authority_signer_index: None, buffer_authority_signer_index: None,
is_final: false,
max_len: Some(max_len), max_len: Some(max_len),
}); });
let response = process_command(&config); let response = process_command(&config);
@ -682,7 +672,6 @@ fn test_cli_program_write_buffer() {
buffer_signer_index: Some(1), buffer_signer_index: Some(1),
buffer_pubkey: Some(buffer_keypair.pubkey()), buffer_pubkey: Some(buffer_keypair.pubkey()),
buffer_authority_signer_index: Some(2), buffer_authority_signer_index: Some(2),
is_final: false,
max_len: None, max_len: None,
}); });
let response = process_command(&config); let response = process_command(&config);
@ -720,7 +709,6 @@ fn test_cli_program_write_buffer() {
buffer_signer_index: None, buffer_signer_index: None,
buffer_pubkey: None, buffer_pubkey: None,
buffer_authority_signer_index: Some(2), buffer_authority_signer_index: Some(2),
is_final: false,
max_len: None, max_len: None,
}); });
let response = process_command(&config); let response = process_command(&config);
@ -746,35 +734,6 @@ fn test_cli_program_write_buffer() {
program_data[..] program_data[..]
); );
// Specify final
let buffer_keypair = Keypair::new();
let authority_keypair = Keypair::new();
config.signers = vec![&keypair, &buffer_keypair, &authority_keypair];
config.command = CliCommand::Program(ProgramCliCommand::WriteBuffer {
program_location: pathbuf.to_str().unwrap().to_string(),
buffer_signer_index: None,
buffer_pubkey: None,
buffer_authority_signer_index: Some(2),
is_final: true,
max_len: None,
});
let response = process_command(&config);
let json: Value = serde_json::from_str(&response.unwrap()).unwrap();
let buffer_pubkey_str = json
.as_object()
.unwrap()
.get("buffer")
.unwrap()
.as_str()
.unwrap();
let buffer_pubkey = Pubkey::from_str(&buffer_pubkey_str).unwrap();
let buffer_account = rpc_client.get_account(&buffer_pubkey).unwrap();
if let UpgradeableLoaderState::Buffer { authority_address } = buffer_account.state().unwrap() {
assert_eq!(authority_address, None);
} else {
panic!("not a buffer account");
}
server.close().unwrap(); server.close().unwrap();
remove_dir_all(ledger_path).unwrap(); remove_dir_all(ledger_path).unwrap();
} }
@ -834,7 +793,6 @@ fn test_cli_program_set_buffer_authority() {
buffer_signer_index: Some(1), buffer_signer_index: Some(1),
buffer_pubkey: Some(buffer_keypair.pubkey()), buffer_pubkey: Some(buffer_keypair.pubkey()),
buffer_authority_signer_index: None, buffer_authority_signer_index: None,
is_final: false,
max_len: None, max_len: None,
}); });
process_command(&config).unwrap(); process_command(&config).unwrap();
@ -851,7 +809,7 @@ fn test_cli_program_set_buffer_authority() {
config.command = CliCommand::Program(ProgramCliCommand::SetBufferAuthority { config.command = CliCommand::Program(ProgramCliCommand::SetBufferAuthority {
buffer_pubkey: buffer_keypair.pubkey(), buffer_pubkey: buffer_keypair.pubkey(),
buffer_authority_index: Some(0), buffer_authority_index: Some(0),
new_buffer_authority: Some(new_buffer_authority.pubkey()), new_buffer_authority: new_buffer_authority.pubkey(),
}); });
let response = process_command(&config); let response = process_command(&config);
let json: Value = serde_json::from_str(&response.unwrap()).unwrap(); let json: Value = serde_json::from_str(&response.unwrap()).unwrap();
@ -878,7 +836,7 @@ fn test_cli_program_set_buffer_authority() {
config.command = CliCommand::Program(ProgramCliCommand::SetBufferAuthority { config.command = CliCommand::Program(ProgramCliCommand::SetBufferAuthority {
buffer_pubkey: buffer_keypair.pubkey(), buffer_pubkey: buffer_keypair.pubkey(),
buffer_authority_index: Some(1), buffer_authority_index: Some(1),
new_buffer_authority: Some(buffer_keypair.pubkey()), new_buffer_authority: buffer_keypair.pubkey(),
}); });
let response = process_command(&config); let response = process_command(&config);
let json: Value = serde_json::from_str(&response.unwrap()).unwrap(); let json: Value = serde_json::from_str(&response.unwrap()).unwrap();
@ -900,30 +858,107 @@ fn test_cli_program_set_buffer_authority() {
panic!("not a buffer account"); panic!("not a buffer account");
} }
// Set authority to None server.close().unwrap();
config.signers = vec![&keypair, &buffer_keypair]; remove_dir_all(ledger_path).unwrap();
config.command = CliCommand::Program(ProgramCliCommand::SetBufferAuthority { }
buffer_pubkey: buffer_keypair.pubkey(),
buffer_authority_index: Some(1), #[test]
new_buffer_authority: None, fn test_cli_program_mismatch_buffer_authority() {
}); solana_logger::setup();
let response = process_command(&config);
let json: Value = serde_json::from_str(&response.unwrap()).unwrap(); let mut pathbuf = PathBuf::from(env!("CARGO_MANIFEST_DIR"));
let buffer_authority_str = json pathbuf.push("tests");
.as_object() pathbuf.push("fixtures");
.unwrap() pathbuf.push("noop");
.get("authority") pathbuf.set_extension("so");
.unwrap()
.as_str() let TestValidator {
server,
leader_data,
alice,
ledger_path,
..
} = TestValidator::run();
let (sender, receiver) = channel();
run_local_faucet(alice, sender, None);
let faucet_addr = receiver.recv().unwrap();
let rpc_client =
RpcClient::new_socket_with_commitment(leader_data.rpc, CommitmentConfig::recent());
let mut file = File::open(pathbuf.to_str().unwrap()).unwrap();
let mut program_data = Vec::new();
file.read_to_end(&mut program_data).unwrap();
let max_len = program_data.len();
let minimum_balance_for_buffer = rpc_client
.get_minimum_balance_for_rent_exemption(
UpgradeableLoaderState::programdata_len(max_len).unwrap(),
)
.unwrap(); .unwrap();
assert_eq!(buffer_authority_str, "none");
let mut config = CliConfig::recent_for_tests();
let keypair = Keypair::new();
config.json_rpc_url = format!("http://{}:{}", leader_data.rpc.ip(), leader_data.rpc.port());
config.signers = vec![&keypair];
config.command = CliCommand::Airdrop {
faucet_host: None,
faucet_port: faucet_addr.port(),
pubkey: None,
lamports: 100 * minimum_balance_for_buffer,
};
process_command(&config).unwrap();
// Write a buffer
let buffer_authority = Keypair::new();
let buffer_keypair = Keypair::new();
config.signers = vec![&keypair, &buffer_keypair, &buffer_authority];
config.command = CliCommand::Program(ProgramCliCommand::WriteBuffer {
program_location: pathbuf.to_str().unwrap().to_string(),
buffer_signer_index: Some(1),
buffer_pubkey: Some(buffer_keypair.pubkey()),
buffer_authority_signer_index: Some(2),
max_len: None,
});
process_command(&config).unwrap();
let buffer_account = rpc_client.get_account(&buffer_keypair.pubkey()).unwrap(); let buffer_account = rpc_client.get_account(&buffer_keypair.pubkey()).unwrap();
if let UpgradeableLoaderState::Buffer { authority_address } = buffer_account.state().unwrap() { if let UpgradeableLoaderState::Buffer { authority_address } = buffer_account.state().unwrap() {
assert_eq!(authority_address, None); assert_eq!(authority_address, Some(buffer_authority.pubkey()));
} else { } else {
panic!("not a buffer account"); panic!("not a buffer account");
} }
// Attempt to deploy with mismatched authority
let upgrade_authority = Keypair::new();
config.signers = vec![&keypair, &upgrade_authority];
config.command = CliCommand::Program(ProgramCliCommand::Deploy {
program_location: Some(pathbuf.to_str().unwrap().to_string()),
program_signer_index: None,
program_pubkey: None,
buffer_signer_index: None,
buffer_pubkey: Some(buffer_keypair.pubkey()),
allow_excessive_balance: false,
upgrade_authority_signer_index: 1,
is_final: true,
max_len: None,
});
process_command(&config).unwrap_err();
// Attempt to deploy matched authority
config.signers = vec![&keypair, &buffer_authority];
config.command = CliCommand::Program(ProgramCliCommand::Deploy {
program_location: Some(pathbuf.to_str().unwrap().to_string()),
program_signer_index: None,
program_pubkey: None,
buffer_signer_index: None,
buffer_pubkey: Some(buffer_keypair.pubkey()),
allow_excessive_balance: false,
upgrade_authority_signer_index: 1,
is_final: true,
max_len: None,
});
process_command(&config).unwrap();
server.close().unwrap(); server.close().unwrap();
remove_dir_all(ledger_path).unwrap(); remove_dir_all(ledger_path).unwrap();
} }

203
programs/bpf/tests/programs.rs
View File

@ -140,7 +140,13 @@ fn upgrade_bpf_program(
}); });
let mut elf = Vec::new(); let mut elf = Vec::new();
file.read_to_end(&mut elf).unwrap(); file.read_to_end(&mut elf).unwrap();
load_buffer_account(bank_client, payer_keypair, &buffer_keypair, &elf); load_buffer_account(
bank_client,
payer_keypair,
&buffer_keypair,
authority_keypair,
&elf,
);
upgrade_program( upgrade_program(
bank_client, bank_client,
payer_keypair, payer_keypair,
@ -1499,6 +1505,93 @@ fn test_program_bpf_upgrade() {
); );
} }
#[cfg(feature = "bpf_rust")]
#[test]
fn test_program_bpf_upgrade_and_invoke_in_same_tx() {
solana_logger::setup();
let GenesisConfigInfo {
genesis_config,
mint_keypair,
..
} = create_genesis_config(50);
let mut bank = Bank::new(&genesis_config);
let (name, id, entrypoint) = solana_bpf_loader_upgradeable_program!();
bank.add_builtin(&name, id, entrypoint);
let bank = Arc::new(bank);
let bank_client = BankClient::new_shared(&bank);
// Deploy upgrade program
let buffer_keypair = Keypair::new();
let program_keypair = Keypair::new();
let program_id = program_keypair.pubkey();
let authority_keypair = Keypair::new();
load_upgradeable_bpf_program(
&bank_client,
&mint_keypair,
&buffer_keypair,
&program_keypair,
&authority_keypair,
"noop",
);
let invoke_instruction = Instruction::new(
program_id,
&[0],
vec![
AccountMeta::new(program_id.clone(), false),
AccountMeta::new(clock::id(), false),
AccountMeta::new(fees::id(), false),
],
);
// Call upgradeable program
let result =
bank_client.send_and_confirm_instruction(&mint_keypair, invoke_instruction.clone());
assert!(result.is_ok());
// Prepare for upgrade
let buffer_keypair = Keypair::new();
let path = create_bpf_path("panic");
let mut file = File::open(&path).unwrap_or_else(|err| {
panic!("Failed to open {}: {}", path.display(), err);
});
let mut elf = Vec::new();
file.read_to_end(&mut elf).unwrap();
load_buffer_account(
&bank_client,
&mint_keypair,
&buffer_keypair,
&authority_keypair,
&elf,
);
// Invoke, then upgrade the program, and then invoke again in same tx
let message = Message::new(
&[
invoke_instruction.clone(),
bpf_loader_upgradeable::upgrade(
&program_id,
&buffer_keypair.pubkey(),
&authority_keypair.pubkey(),
&mint_keypair.pubkey(),
),
invoke_instruction,
],
Some(&mint_keypair.pubkey()),
);
let tx = Transaction::new(
&[&mint_keypair, &authority_keypair],
message.clone(),
bank.last_blockhash(),
);
let (result, _) = process_transaction_and_record_inner(&bank, tx);
assert_eq!(
result.unwrap_err(),
TransactionError::InstructionError(2, InstructionError::ProgramFailedToComplete)
);
}
#[cfg(feature = "bpf_rust")] #[cfg(feature = "bpf_rust")]
#[test] #[test]
fn test_program_bpf_invoke_upgradeable_via_cpi() { fn test_program_bpf_invoke_upgradeable_via_cpi() {
@ -1710,7 +1803,13 @@ fn test_program_bpf_upgrade_via_cpi() {
let mut elf = Vec::new(); let mut elf = Vec::new();
file.read_to_end(&mut elf).unwrap(); file.read_to_end(&mut elf).unwrap();
let buffer_keypair = Keypair::new(); let buffer_keypair = Keypair::new();
load_buffer_account(&bank_client, &mint_keypair, &buffer_keypair, &elf); load_buffer_account(
&bank_client,
&mint_keypair,
&buffer_keypair,
&authority_keypair,
&elf,
);
// Upgrade program via CPI // Upgrade program via CPI
let mut upgrade_instruction = bpf_loader_upgradeable::upgrade( let mut upgrade_instruction = bpf_loader_upgradeable::upgrade(
@ -1737,6 +1836,98 @@ fn test_program_bpf_upgrade_via_cpi() {
); );
} }
#[cfg(feature = "bpf_rust")]
#[test]
fn test_program_bpf_upgrade_self_via_cpi() {
solana_logger::setup();
let GenesisConfigInfo {
genesis_config,
mint_keypair,
..
} = create_genesis_config(50);
let mut bank = Bank::new(&genesis_config);
let (name, id, entrypoint) = solana_bpf_loader_program!();
bank.add_builtin(&name, id, entrypoint);
let (name, id, entrypoint) = solana_bpf_loader_upgradeable_program!();
bank.add_builtin(&name, id, entrypoint);
let bank = Arc::new(bank);
let bank_client = BankClient::new_shared(&bank);
let noop_program_id = load_bpf_program(&bank_client, &bpf_loader::id(), &mint_keypair, "noop");
// Deploy upgradeable program
let buffer_keypair = Keypair::new();
let program_keypair = Keypair::new();
let program_id = program_keypair.pubkey();
let authority_keypair = Keypair::new();
load_upgradeable_bpf_program(
&bank_client,
&mint_keypair,
&buffer_keypair,
&program_keypair,
&authority_keypair,
"solana_bpf_rust_invoke_and_return",
);
let mut invoke_instruction = Instruction::new(
program_id,
&[0],
vec![
AccountMeta::new(noop_program_id, false),
AccountMeta::new(noop_program_id, false),
AccountMeta::new(clock::id(), false),
AccountMeta::new(fees::id(), false),
],
);
// Call the upgraded program
invoke_instruction.data[0] += 1;
let result =
bank_client.send_and_confirm_instruction(&mint_keypair, invoke_instruction.clone());
assert!(result.is_ok());
// Prepare for upgrade
let buffer_keypair = Keypair::new();
let path = create_bpf_path("panic");
let mut file = File::open(&path).unwrap_or_else(|err| {
panic!("Failed to open {}: {}", path.display(), err);
});
let mut elf = Vec::new();
file.read_to_end(&mut elf).unwrap();
load_buffer_account(
&bank_client,
&mint_keypair,
&buffer_keypair,
&authority_keypair,
&elf,
);
// Invoke, then upgrade the program, and then invoke again in same tx
let message = Message::new(
&[
invoke_instruction.clone(),
bpf_loader_upgradeable::upgrade(
&program_id,
&buffer_keypair.pubkey(),
&authority_keypair.pubkey(),
&mint_keypair.pubkey(),
),
invoke_instruction,
],
Some(&mint_keypair.pubkey()),
);
let tx = Transaction::new(
&[&mint_keypair, &authority_keypair],
message.clone(),
bank.last_blockhash(),
);
let (result, _) = process_transaction_and_record_inner(&bank, tx);
assert_eq!(
result.unwrap_err(),
TransactionError::InstructionError(2, InstructionError::ProgramFailedToComplete)
);
}
#[cfg(feature = "bpf_rust")] #[cfg(feature = "bpf_rust")]
#[test] #[test]
fn test_program_upgradeable_locks() { fn test_program_upgradeable_locks() {
@ -1774,7 +1965,13 @@ fn test_program_upgradeable_locks() {
}); });
let mut elf = Vec::new(); let mut elf = Vec::new();
file.read_to_end(&mut elf).unwrap(); file.read_to_end(&mut elf).unwrap();
load_buffer_account(&bank_client, &mint_keypair, buffer_keypair, &elf); load_buffer_account(
&bank_client,
&mint_keypair,
buffer_keypair,
&payer_keypair,
&elf,
);
bank_client bank_client
.send_and_confirm_instruction( .send_and_confirm_instruction(

682
programs/bpf_loader/src/lib.rs
View File

File diff suppressed because it is too large Load Diff

10
runtime/src/bank.rs
View File

@ -4583,8 +4583,8 @@ impl Bank {
self.rent_collector.rent.burn_percent = 50; // 50% rent burn self.rent_collector.rent.burn_percent = 50; // 50% rent burn
} }
if new_feature_activations.contains(&feature_set::spl_token_v2_self_transfer_fix::id()) { if new_feature_activations.contains(&feature_set::spl_token_v2_multisig_fix::id()) {
self.apply_spl_token_v2_self_transfer_fix(); self.apply_spl_token_v2_multisig_fix();
} }
// Remove me after a while around v1.6 // Remove me after a while around v1.6
if !self.no_stake_rewrite.load(Relaxed) if !self.no_stake_rewrite.load(Relaxed)
@ -4676,7 +4676,7 @@ impl Bank {
} }
} }
fn apply_spl_token_v2_self_transfer_fix(&mut self) { fn apply_spl_token_v2_multisig_fix(&mut self) {
if let Some(mut account) = self.get_account(&inline_spl_token_v2_0::id()) { if let Some(mut account) = self.get_account(&inline_spl_token_v2_0::id()) {
self.capitalization.fetch_sub(account.lamports, Relaxed); self.capitalization.fetch_sub(account.lamports, Relaxed);
account.lamports = 0; account.lamports = 0;
@ -10840,7 +10840,7 @@ pub(crate) mod tests {
} }
#[test] #[test]
fn test_spl_token_v2_self_transfer_fix() { fn test_spl_token_v2_multisig_fix() {
let (genesis_config, _mint_keypair) = create_genesis_config(0); let (genesis_config, _mint_keypair) = create_genesis_config(0);
let mut bank = Bank::new(&genesis_config); let mut bank = Bank::new(&genesis_config);
@ -10855,7 +10855,7 @@ pub(crate) mod tests {
assert_eq!(bank.get_balance(&inline_spl_token_v2_0::id()), 100); assert_eq!(bank.get_balance(&inline_spl_token_v2_0::id()), 100);
let original_capitalization = bank.capitalization(); let original_capitalization = bank.capitalization();
bank.apply_spl_token_v2_self_transfer_fix(); bank.apply_spl_token_v2_multisig_fix();
// Account is now empty, and the account lamports were burnt // Account is now empty, and the account lamports were burnt
assert_eq!(bank.get_balance(&inline_spl_token_v2_0::id()), 0); assert_eq!(bank.get_balance(&inline_spl_token_v2_0::id()), 0);

23
runtime/src/loader_utils.rs
View File

@ -58,9 +58,11 @@ pub fn load_buffer_account<T: Client>(
bank_client: &T, bank_client: &T,
from_keypair: &Keypair, from_keypair: &Keypair,
buffer_keypair: &Keypair, buffer_keypair: &Keypair,
buffer_authority_keypair: &Keypair,
program: &[u8], program: &[u8],
) { ) {
let buffer_pubkey = buffer_keypair.pubkey(); let buffer_pubkey = buffer_keypair.pubkey();
let buffer_authority_pubkey = buffer_authority_keypair.pubkey();
bank_client bank_client
.send_and_confirm_message( .send_and_confirm_message(
@ -69,7 +71,7 @@ pub fn load_buffer_account<T: Client>(
&bpf_loader_upgradeable::create_buffer( &bpf_loader_upgradeable::create_buffer(
&from_keypair.pubkey(), &from_keypair.pubkey(),
&buffer_pubkey, &buffer_pubkey,
Some(&buffer_pubkey), &buffer_authority_pubkey,
1.max( 1.max(
bank_client bank_client
.get_minimum_balance_for_rent_exemption(program.len()) .get_minimum_balance_for_rent_exemption(program.len())
@ -89,14 +91,14 @@ pub fn load_buffer_account<T: Client>(
let message = Message::new( let message = Message::new(
&[bpf_loader_upgradeable::write( &[bpf_loader_upgradeable::write(
&buffer_pubkey, &buffer_pubkey,
None, &buffer_authority_pubkey,
offset, offset,
chunk.to_vec(), chunk.to_vec(),
)], )],
Some(&from_keypair.pubkey()), Some(&from_keypair.pubkey()),
); );
bank_client bank_client
.send_and_confirm_message(&[from_keypair, &buffer_keypair], message) .send_and_confirm_message(&[from_keypair, &buffer_authority_keypair], message)
.unwrap(); .unwrap();
offset += chunk_size as u32; offset += chunk_size as u32;
} }
@ -113,14 +115,20 @@ pub fn load_upgradeable_program<T: Client>(
let program_pubkey = executable_keypair.pubkey(); let program_pubkey = executable_keypair.pubkey();
let authority_pubkey = authority_keypair.pubkey(); let authority_pubkey = authority_keypair.pubkey();
load_buffer_account(bank_client, &from_keypair, buffer_keypair, &program); load_buffer_account(
bank_client,
&from_keypair,
buffer_keypair,
authority_keypair,
&program,
);
let message = Message::new( let message = Message::new(
&bpf_loader_upgradeable::deploy_with_max_program_len( &bpf_loader_upgradeable::deploy_with_max_program_len(
&from_keypair.pubkey(), &from_keypair.pubkey(),
&program_pubkey, &program_pubkey,
&buffer_keypair.pubkey(), &buffer_keypair.pubkey(),
Some(&authority_pubkey), &authority_pubkey,
1.max( 1.max(
bank_client bank_client
.get_minimum_balance_for_rent_exemption( .get_minimum_balance_for_rent_exemption(
@ -134,7 +142,10 @@ pub fn load_upgradeable_program<T: Client>(
Some(&from_keypair.pubkey()), Some(&from_keypair.pubkey()),
); );
bank_client bank_client
.send_and_confirm_message(&[from_keypair, &executable_keypair], message) .send_and_confirm_message(
&[from_keypair, &executable_keypair, &authority_keypair],
message,
)
.unwrap(); .unwrap();
} }

73
sdk/program/src/bpf_loader_upgradeable.rs
View File

@ -87,14 +87,10 @@ impl UpgradeableLoaderState {
pub fn create_buffer( pub fn create_buffer(
payer_address: &Pubkey, payer_address: &Pubkey,
buffer_address: &Pubkey, buffer_address: &Pubkey,
authority_address: Option<&Pubkey>, authority_address: &Pubkey,
lamports: u64, lamports: u64,
program_len: usize, program_len: usize,
) -> Result<Vec<Instruction>, InstructionError> { ) -> Result<Vec<Instruction>, InstructionError> {
let mut metas = vec![AccountMeta::new(*buffer_address, false)];
if let Some(authority_address) = authority_address {
metas.push(AccountMeta::new(*authority_address, false));
}
Ok(vec![ Ok(vec![
system_instruction::create_account( system_instruction::create_account(
payer_address, payer_address,
@ -103,7 +99,14 @@ pub fn create_buffer(
UpgradeableLoaderState::buffer_len(program_len)? as u64, UpgradeableLoaderState::buffer_len(program_len)? as u64,
&id(), &id(),
), ),
Instruction::new(id(), &UpgradeableLoaderInstruction::InitializeBuffer, metas), Instruction::new(
id(),
&UpgradeableLoaderInstruction::InitializeBuffer,
vec![
AccountMeta::new(*buffer_address, false),
AccountMeta::new_readonly(*authority_address, false),
],
),
]) ])
} }
@ -111,21 +114,17 @@ pub fn create_buffer(
/// buffer account. /// buffer account.
pub fn write( pub fn write(
buffer_address: &Pubkey, buffer_address: &Pubkey,
authority_address: Option<&Pubkey>, authority_address: &Pubkey,
offset: u32, offset: u32,
bytes: Vec<u8>, bytes: Vec<u8>,
) -> Instruction { ) -> Instruction {
let mut metas = vec![
AccountMeta::new(*buffer_address, false),
AccountMeta::new(*buffer_address, true),
];
if let Some(authority_address) = authority_address {
metas[1] = AccountMeta::new(*authority_address, true);
}
Instruction::new( Instruction::new(
id(), id(),
&UpgradeableLoaderInstruction::Write { offset, bytes }, &UpgradeableLoaderInstruction::Write { offset, bytes },
metas, vec![
AccountMeta::new(*buffer_address, false),
AccountMeta::new_readonly(*authority_address, true),
],
) )
} }
@ -136,23 +135,11 @@ pub fn deploy_with_max_program_len(
payer_address: &Pubkey, payer_address: &Pubkey,
program_address: &Pubkey, program_address: &Pubkey,
buffer_address: &Pubkey, buffer_address: &Pubkey,
upgrade_authority_address: Option<&Pubkey>, upgrade_authority_address: &Pubkey,
program_lamports: u64, program_lamports: u64,
max_data_len: usize, max_data_len: usize,
) -> Result<Vec<Instruction>, InstructionError> { ) -> Result<Vec<Instruction>, InstructionError> {
let (programdata_address, _) = Pubkey::find_program_address(&[program_address.as_ref()], &id()); let (programdata_address, _) = Pubkey::find_program_address(&[program_address.as_ref()], &id());
let mut metas = vec![
AccountMeta::new(*payer_address, true),
AccountMeta::new(programdata_address, false),
AccountMeta::new(*program_address, false),
AccountMeta::new(*buffer_address, false),
AccountMeta::new_readonly(sysvar::rent::id(), false),
AccountMeta::new_readonly(sysvar::clock::id(), false),
AccountMeta::new_readonly(crate::system_program::id(), false),
];
if let Some(address) = upgrade_authority_address {
metas.push(AccountMeta::new_readonly(*address, false));
}
Ok(vec![ Ok(vec![
system_instruction::create_account( system_instruction::create_account(
payer_address, payer_address,
@ -164,7 +151,16 @@ pub fn deploy_with_max_program_len(
Instruction::new( Instruction::new(
id(), id(),
&UpgradeableLoaderInstruction::DeployWithMaxDataLen { max_data_len }, &UpgradeableLoaderInstruction::DeployWithMaxDataLen { max_data_len },
metas, vec![
AccountMeta::new(*payer_address, true),
AccountMeta::new(programdata_address, false),
AccountMeta::new(*program_address, false),
AccountMeta::new(*buffer_address, false),
AccountMeta::new_readonly(sysvar::rent::id(), false),
AccountMeta::new_readonly(sysvar::clock::id(), false),
AccountMeta::new_readonly(crate::system_program::id(), false),
AccountMeta::new_readonly(*upgrade_authority_address, true),
],
), ),
]) ])
} }
@ -200,16 +196,17 @@ pub fn is_upgrade_instruction(instruction_data: &[u8]) -> bool {
pub fn set_buffer_authority( pub fn set_buffer_authority(
buffer_address: &Pubkey, buffer_address: &Pubkey,
current_authority_address: &Pubkey, current_authority_address: &Pubkey,
new_authority_address: Option<&Pubkey>, new_authority_address: &Pubkey,
) -> Instruction { ) -> Instruction {
let mut metas = vec![ Instruction::new(
AccountMeta::new(*buffer_address, false), id(),
AccountMeta::new_readonly(*current_authority_address, true), &UpgradeableLoaderInstruction::SetAuthority,
]; vec![
if let Some(address) = new_authority_address { AccountMeta::new(*buffer_address, false),
metas.push(AccountMeta::new_readonly(*address, false)); AccountMeta::new_readonly(*current_authority_address, true),
} AccountMeta::new_readonly(*new_authority_address, false),
Instruction::new(id(), &UpgradeableLoaderInstruction::SetAuthority, metas) ],
)
} }
/// Returns the instructions required to set a program's authority. /// Returns the instructions required to set a program's authority.

19
sdk/program/src/loader_upgradeable_instruction.rs
View File

@ -36,7 +36,7 @@ pub enum UpgradeableLoaderInstruction {
/// Deploy an executable program. /// Deploy an executable program.
/// ///
/// A program consists of a Program and ProgramData account pair. /// A program consists of a Program and ProgramData account pair.
/// - The Program account's address will serve as the program id any /// - The Program account's address will serve as the program id for any
/// instructions that execute this program. /// instructions that execute this program.
/// - The ProgramData account will remain mutable by the loader only and /// - The ProgramData account will remain mutable by the loader only and
/// holds the program data and authority information. The ProgramData /// holds the program data and authority information. The ProgramData
@ -54,21 +54,21 @@ pub enum UpgradeableLoaderInstruction {
/// The `DeployWithMaxDataLen` instruction does not require the ProgramData /// The `DeployWithMaxDataLen` instruction does not require the ProgramData
/// account be a signer and therefore MUST be included within the same /// account be a signer and therefore MUST be included within the same
/// Transaction as the system program's `CreateAccount` instruction that /// Transaction as the system program's `CreateAccount` instruction that
/// creates the Program account. Otherwise another party may initialize /// creates the Program account. Otherwise another party may initialize the
/// the account. /// account.
/// ///
/// # Account references /// # Account references
/// 0. [Signer] The payer account that will pay to create the ProgramData /// 0. [signer] The payer account that will pay to create the ProgramData
/// account. /// account.
/// 1. [writable] The uninitialized ProgramData account. /// 1. [writable] The uninitialized ProgramData account.
/// 2. [writable] The uninitialized Program account. /// 2. [writable] The uninitialized Program account.
/// 3. [writable] The Buffer account where the program data has been /// 3. [writable] The Buffer account where the program data has been
/// written. /// written. The buffer account's authority must match the program's
/// authority
/// 4. [] Rent sysvar. /// 4. [] Rent sysvar.
/// 5. [] Clock sysvar. /// 5. [] Clock sysvar.
/// 6. [] System program (`solana_sdk::system_program::id()`). /// 6. [] System program (`solana_sdk::system_program::id()`).
/// 7. [] The program's authority, optional, if omitted then the program /// 7. [signer] The program's authority
/// will no longer upgradeable.
DeployWithMaxDataLen { DeployWithMaxDataLen {
/// Maximum length that the program can be upgraded to. /// Maximum length that the program can be upgraded to.
max_data_len: usize, max_data_len: usize,
@ -81,14 +81,15 @@ pub enum UpgradeableLoaderInstruction {
/// ///
/// The Buffer account must contain sufficient lamports to fund the /// The Buffer account must contain sufficient lamports to fund the
/// ProgramData account to be rent-exempt, any additional lamports left over /// ProgramData account to be rent-exempt, any additional lamports left over
/// will be transferred to the spill, account leaving the Buffer account /// will be transferred to the spill account, leaving the Buffer account
/// balance at zero. /// balance at zero.
/// ///
/// # Account references /// # Account references
/// 0. [writable] The ProgramData account. /// 0. [writable] The ProgramData account.
/// 1. [writable] The Program account. /// 1. [writable] The Program account.
/// 2. [writable] The Buffer account where the program data has been /// 2. [writable] The Buffer account where the program data has been
/// written. /// written. The buffer account's authority must match the program's
/// authority
/// 3. [writable] The spill account. /// 3. [writable] The spill account.
/// 4. [] Rent sysvar. /// 4. [] Rent sysvar.
/// 5. [] Clock sysvar. /// 5. [] Clock sysvar.

6
sdk/src/feature_set.rs
View File

@ -162,8 +162,8 @@ pub mod prevent_upgrade_and_invoke {
solana_sdk::declare_id!("BiNjYd8jCYDgAwMqP91uwZs6skWpuHtKrZbckuKESs8N"); solana_sdk::declare_id!("BiNjYd8jCYDgAwMqP91uwZs6skWpuHtKrZbckuKESs8N");
} }
pub mod spl_token_v2_self_transfer_fix { pub mod matching_buffer_upgrade_authorities {
solana_sdk::declare_id!("BL99GYhdjjcv6ys22C9wPgn2aTVERDbPHHo4NbS3hgp7"); solana_sdk::declare_id!("B5PSjDEJvKJEUQSL7q94N7XCEoWJCYum8XfUg7yuugUU");
} }
lazy_static! { lazy_static! {
@ -205,7 +205,7 @@ lazy_static! {
(prevent_upgrade_and_invoke::id(), "Prevent upgrade and invoke in same tx batch"), (prevent_upgrade_and_invoke::id(), "Prevent upgrade and invoke in same tx batch"),
(full_inflation::candidate_example::vote::id(), "Community vote allowing candidate_example to enable full inflation"), (full_inflation::candidate_example::vote::id(), "Community vote allowing candidate_example to enable full inflation"),
(full_inflation::candidate_example::enable::id(), "Full inflation enabled by candidate_example"), (full_inflation::candidate_example::enable::id(), "Full inflation enabled by candidate_example"),
(spl_token_v2_self_transfer_fix::id(), "spl-token self-transfer fix"), (matching_buffer_upgrade_authorities::id(), "Upgradeable buffer and program authorities must match"),
/*************** ADD NEW FEATURES HERE ***************/ /*************** ADD NEW FEATURES HERE ***************/
] ]
.iter() .iter()