(cherry picked from commit ccdf93e2b8)
Co-authored-by: Jack May <jack@solana.com>
This commit is contained in:
mergify[bot]
GitHub
@ -26,6 +26,7 @@ fn bench_verify_account_changes_data(bencher: &mut Bencher) {
|
||||
&post,
|
||||
&mut ExecuteDetailsTimings::default(),
|
||||
false,
|
||||
true,
|
||||
),
|
||||
Ok(())
|
||||
);
|
||||
@ -39,6 +40,7 @@ fn bench_verify_account_changes_data(bencher: &mut Bencher) {
|
||||
&post,
|
||||
&mut ExecuteDetailsTimings::default(),
|
||||
false,
|
||||
true,
|
||||
)
|
||||
.unwrap();
|
||||
});
|
||||
@ -63,6 +65,7 @@ fn bench_verify_account_changes_data(bencher: &mut Bencher) {
|
||||
&post,
|
||||
&mut ExecuteDetailsTimings::default(),
|
||||
false,
|
||||
true,
|
||||
)
|
||||
.unwrap();
|
||||
});
|
||||
|
||||
@ -8,7 +8,7 @@ use solana_sdk::{
|
||||
account::{AccountSharedData, ReadableAccount, WritableAccount},
|
||||
account_utils::StateMut,
|
||||
bpf_loader_upgradeable::{self, UpgradeableLoaderState},
|
||||
feature_set::{instructions_sysvar_enabled, FeatureSet},
|
||||
feature_set::{instructions_sysvar_enabled, updated_verify_policy, FeatureSet},
|
||||
ic_logger_msg, ic_msg,
|
||||
instruction::{CompiledInstruction, Instruction, InstructionError},
|
||||
keyed_account::{create_keyed_accounts_unified, keyed_account_at_index, KeyedAccount},
|
||||
@ -103,6 +103,7 @@ impl PreAccount {
|
||||
post: &AccountSharedData,
|
||||
timings: &mut ExecuteDetailsTimings,
|
||||
outermost_call: bool,
|
||||
updated_verify_policy: bool,
|
||||
) -> Result<(), InstructionError> {
|
||||
let pre = self.account.borrow();
|
||||
|
||||
@ -171,9 +172,14 @@ impl PreAccount {
|
||||
if !rent.is_exempt(post.lamports(), post.data().len()) {
|
||||
return Err(InstructionError::ExecutableAccountNotRentExempt);
|
||||
}
|
||||
let owner = if updated_verify_policy {
|
||||
post.owner()
|
||||
} else {
|
||||
pre.owner()
|
||||
};
|
||||
if !is_writable // line coverage used to get branch coverage
|
||||
|| pre.executable()
|
||||
|| program_id != post.owner()
|
||||
|| program_id != owner
|
||||
{
|
||||
return Err(InstructionError::ExecutableModified);
|
||||
}
|
||||
@ -401,6 +407,7 @@ impl<'a> InvokeContext for ThisInvokeContext<'a> {
|
||||
write_privileges,
|
||||
&mut self.timings,
|
||||
logger,
|
||||
self.feature_set.is_active(&updated_verify_policy::id()),
|
||||
)
|
||||
}
|
||||
fn get_caller(&self) -> Result<&Pubkey, InstructionError> {
|
||||
@ -984,6 +991,7 @@ impl MessageProcessor {
|
||||
rent: &Rent,
|
||||
timings: &mut ExecuteDetailsTimings,
|
||||
logger: Rc<RefCell<dyn Logger>>,
|
||||
updated_verify_policy: bool,
|
||||
) -> Result<(), InstructionError> {
|
||||
// Verify all executable accounts have zero outstanding refs
|
||||
Self::verify_account_references(executable_accounts)?;
|
||||
@ -1009,6 +1017,7 @@ impl MessageProcessor {
|
||||
&account,
|
||||
timings,
|
||||
true,
|
||||
updated_verify_policy,
|
||||
)
|
||||
.map_err(|err| {
|
||||
ic_logger_msg!(
|
||||
@ -1044,6 +1053,7 @@ impl MessageProcessor {
|
||||
write_privileges: &[bool],
|
||||
timings: &mut ExecuteDetailsTimings,
|
||||
logger: Rc<RefCell<dyn Logger>>,
|
||||
updated_verify_policy: bool,
|
||||
) -> Result<(), InstructionError> {
|
||||
// Verify the per-account instruction results
|
||||
let (mut pre_sum, mut post_sum) = (0_u128, 0_u128);
|
||||
@ -1062,7 +1072,15 @@ impl MessageProcessor {
|
||||
}
|
||||
let account = account.borrow();
|
||||
pre_account
|
||||
.verify(program_id, is_writable, rent, &account, timings, false)
|
||||
.verify(
|
||||
program_id,
|
||||
is_writable,
|
||||
rent,
|
||||
&account,
|
||||
timings,
|
||||
false,
|
||||
updated_verify_policy,
|
||||
)
|
||||
.map_err(|err| {
|
||||
ic_logger_msg!(logger, "failed to verify account {}: {}", key, err);
|
||||
err
|
||||
@ -1152,6 +1170,7 @@ impl MessageProcessor {
|
||||
&rent_collector.rent,
|
||||
timings,
|
||||
invoke_context.get_logger(),
|
||||
invoke_context.is_feature_active(&updated_verify_policy::id()),
|
||||
)?;
|
||||
|
||||
timings.accumulate(&invoke_context.timings);
|
||||
@ -1448,6 +1467,7 @@ mod tests {
|
||||
&self.post,
|
||||
&mut ExecuteDetailsTimings::default(),
|
||||
false,
|
||||
true,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@ -151,6 +151,10 @@ pub mod vote_stake_checked_instructions {
|
||||
solana_sdk::declare_id!("BcWknVcgvonN8sL4HE4XFuEVgfcee5MwxWPAgP6ZV89X");
|
||||
}
|
||||
|
||||
pub mod updated_verify_policy {
|
||||
solana_sdk::declare_id!("k15tVxtkgsmo7dy6iJ56N5hBCxuQAtqRgYwoTDuwbia");
|
||||
}
|
||||
|
||||
lazy_static! {
|
||||
/// Map of feature identifiers to user-visible description
|
||||
pub static ref FEATURE_NAMES: HashMap<Pubkey, &'static str> = [
|
||||
@ -188,6 +192,7 @@ lazy_static! {
|
||||
(system_transfer_zero_check::id(), "perform all checks for transfers of 0 lamports"),
|
||||
(dedupe_config_program_signers::id(), "dedupe config program signers"),
|
||||
(vote_stake_checked_instructions::id(), "vote/state program checked instructions #18345"),
|
||||
(updated_verify_policy::id(), "Update verify policy"),
|
||||
/*************** ADD NEW FEATURES HERE ***************/
|
||||
]
|
||||
.iter()
|
||||
|
||||
Reference in New Issue
Block a user