Line data Source code
1 : #include "../../ballet/shred/fd_shred.h"
2 : #include "fd_fec_set.h"
3 : #include "../../ballet/sha512/fd_sha512.h"
4 : #include "../../ballet/reedsol/fd_reedsol.h"
5 : #include "../metrics/fd_metrics.h"
6 : #include "fd_fec_resolver.h"
7 :
8 : typedef union {
9 : fd_ed25519_sig_t u;
10 : ulong l;
11 : } wrapped_sig_t;
12 :
13 : typedef struct __attribute__((packed)) {
14 : ulong slot;
15 : uint fec_idx;
16 : } slot_fec_pair_t;
17 :
18 : struct __attribute__((aligned(32UL))) set_ctx {
19 : /* The leader's signature of the root of the Merkle tree of the shreds
20 : in this FEC set. */
21 : wrapped_sig_t sig;
22 :
23 : union {
24 : /* When allocated, it's in a map_chain by signature and a treap
25 : by (shred, FEC set idx). When it's not allocated, it is either
26 : in the free list or the completed list. Both of those slists use
27 : free_next. */
28 : struct {
29 : uint map_next;
30 : uint map_prev;
31 : uint treap_parent;
32 : uint treap_left;
33 : uint treap_right;
34 : uint treap_prio;
35 : };
36 : struct {
37 : uint free_next;
38 : };
39 : };
40 :
41 : ulong slot;
42 : uint fec_set_idx;
43 :
44 : uchar data_variant;
45 : uchar parity_variant;
46 :
47 : ulong total_rx_shred_cnt;
48 :
49 : fd_fec_set_t * set;
50 :
51 : fd_bmtree_node_t root;
52 : /* If this FEC set has resigned shreds, this is our signature of the
53 : root of the Merkle tree */
54 : wrapped_sig_t retransmitter_sig;
55 :
56 : union {
57 : fd_bmtree_commit_t tree[1];
58 : uchar _footprint[ FD_BMTREE_COMMIT_FOOTPRINT( FD_SHRED_MERKLE_LAYER_CNT ) ] __attribute__((aligned(FD_BMTREE_COMMIT_ALIGN)));
59 : };
60 : };
61 : typedef struct set_ctx set_ctx_t;
62 :
63 : #define MAP_NAME ctx_map
64 513 : #define MAP_KEY sig
65 : #define MAP_KEY_T wrapped_sig_t
66 16929 : #define MAP_IDX_T uint
67 3987 : #define MAP_NEXT map_next
68 2436 : #define MAP_PREV map_prev
69 252 : #define MAP_ELE_T set_ctx_t
70 8814 : #define MAP_KEY_EQ(k0,k1) (!memcmp( (k0)->u, (k1)->u, FD_ED25519_SIG_SZ ))
71 8829 : #define MAP_KEY_HASH(key,s) (fd_ulong_hash( (key)->l ^ (s) ))
72 : #define MAP_OPTIMIZE_RANDOM_ACCESS_REMOVAL 1
73 : #include "../../util/tmpl/fd_map_chain.c"
74 :
75 :
76 : #define SLIST_NAME ctx_list
77 : #define SLIST_ELE_T set_ctx_t
78 486 : #define SLIST_IDX_T uint
79 1107 : #define SLIST_NEXT free_next
80 : #include "../../util/tmpl/fd_slist.c"
81 :
82 :
83 : static inline int
84 : slot_fec_pair_compare( slot_fec_pair_t const * q,
85 48 : set_ctx_t const * e ) {
86 : /* It seems like
87 : return (int)( q->slot!=e->slot ?
88 : q->slot - e->slot :
89 : q->fec_idx - e->fec_set_idx );
90 : should work, but I am concerned about overflow since this is all
91 : attacker controlled input. */
92 48 : if( FD_LIKELY( q->slot !=e->slot ) ) return fd_int_if( q->slot <e->slot, -1, 1 );
93 48 : if( FD_LIKELY( q->fec_idx!=e->fec_set_idx ) ) return fd_int_if( q->fec_idx<e->fec_set_idx, -1, 1 );
94 0 : return 0;
95 48 : }
96 :
97 : #define TREAP_NAME ctx_treap
98 : #define TREAP_T set_ctx_t
99 1083 : #define TREAP_IDX_T uint
100 582 : #define TREAP_PARENT treap_parent
101 588 : #define TREAP_LEFT treap_left
102 618 : #define TREAP_RIGHT treap_right
103 483 : #define TREAP_PRIO treap_prio
104 69 : #define TREAP_LT(e0,e1) (((e0)->slot < (e1)->slot) | ( ((e0)->slot==(e1)->slot) & ((e0)->fec_set_idx < (e1)->fec_set_idx)))
105 : #define TREAP_QUERY_T slot_fec_pair_t const *
106 48 : #define TREAP_CMP(q,e) slot_fec_pair_compare( (q), (e) )
107 : #include "../../util/tmpl/fd_treap.c"
108 :
109 :
110 :
111 : /* Once we're done with a FEC set, it goes into a map_chain and heap,
112 : both keyed by (slot, FEC set idx). */
113 :
114 : struct done_ele {
115 : slot_fec_pair_t key;
116 : uint heap_left; /* also used by pool when not allocated */
117 : uint heap_right;
118 : uint map_next;
119 : uint map_prev;
120 : /* In order to save space in the done_map and make this struct 32
121 : bytes, we store a 32 bit validator-specific hash of the shred
122 : signature. If a malicious leader equivocates and produces two FEC
123 : sets which have the same hash for us, a task which takes a decent
124 : but doable amount of effort, the only impact is that we would
125 : reject the shreds with SHRED_IGNORED instead of SHRED_EQUIOC, which
126 : is not a big deal. It's documented that SHRED_EQUIVOC detection is
127 : on a best-effort basis. */
128 : uint sig_hash;
129 : };
130 : typedef struct done_ele done_ele_t;
131 :
132 : #define MAP_NAME done_map
133 300 : #define MAP_KEY key
134 : #define MAP_KEY_T slot_fec_pair_t
135 2268 : #define MAP_IDX_T uint
136 1161 : #define MAP_NEXT map_next
137 642 : #define MAP_PREV map_prev
138 141 : #define MAP_ELE_T done_ele_t
139 1080 : #define MAP_KEY_EQ(k0,k1) ( ((k0)->slot==(k1)->slot) & ((k0)->fec_idx==(k1)->fec_idx) )
140 1308 : #define MAP_KEY_HASH(key,s) ((fd_ulong_hash( (key)->slot ^ (s) ) ^ fd_uint_hash( (key)->fec_idx ^ (uint)(s>>19) )))
141 : #define MAP_OPTIMIZE_RANDOM_ACCESS_REMOVAL 1
142 : #include "../../util/tmpl/fd_map_chain.c"
143 :
144 : #define HEAP_NAME done_heap
145 360 : #define HEAP_IDX_T uint
146 774 : #define HEAP_LEFT heap_left
147 774 : #define HEAP_RIGHT heap_right
148 : #define HEAP_T done_ele_t
149 414 : #define HEAP_LT(e0,e1) (((e0)->key.slot < (e1)->key.slot) | \
150 414 : ( ((e0)->key.slot==(e1)->key.slot) & ((e0)->key.fec_idx < (e1)->key.fec_idx)))
151 : #include "../../util/tmpl/fd_heap.c"
152 :
153 : #define POOL_NAME done_pool
154 87 : #define POOL_T done_ele_t
155 : #define POOL_IDX_T uint
156 465 : #define POOL_NEXT heap_left
157 : #include "../../util/tmpl/fd_pool.c"
158 :
159 : struct __attribute__((aligned(FD_FEC_RESOLVER_ALIGN))) fd_fec_resolver {
160 : /* depth stores the number of FEC sets this resolver can track
161 : simultaneously. done_depth stores the depth of the done tcache,
162 : i.e. the number of done FEC set keys that this resolver remembers.
163 : partial_depth stores the minimum size of the free FEC set list.
164 : completed_depth stores the size of the completed FEC set list. */
165 : ulong depth;
166 : ulong partial_depth;
167 : ulong complete_depth;
168 : ulong done_depth;
169 :
170 : /* expected_shred_version: discard all shreds with a shred version
171 : other than the specified value */
172 : ushort expected_shred_version;
173 :
174 : /* ctx_pool: A flat array (not an fd_pool) of the set_ctx_t
175 : structures used to back ctx_map, ctx_treap, and the ctx
176 : freelists. */
177 : set_ctx_t * ctx_pool;
178 :
179 : /* ctx_map: A map (using fd_map_chain) from signatures to
180 : the context object with its relevant data for in progress FEC sets.
181 : This map contains at most `depth` elements at any time. */
182 : ctx_map_t * ctx_map;
183 :
184 : /* ctx_treap: A treap (using fd_treap) of the context objects for in
185 : progress FEC sets. They are sorted by (slot, FEC index) from
186 : smallest to largest. In the case of equivocation, multiple
187 : elements with the same key may be present, with no particular
188 : ordering between them. */
189 : ctx_treap_t ctx_treap[1];
190 :
191 : /* free_list and complete_list are slists (using fd_slist)
192 : of FEC set contexts that are not in ctx_map. See the long comment
193 : in the header for why there are two. In order to satisfy the
194 : invariants, technically we only need to store the FEC set memory,
195 : not the full context, but it's not that big of a difference
196 : (especially if partial_depth and complete_depth are small), and it
197 : simplifies memory management.
198 :
199 : Invariant: at every entry and exit to fd_fec_resolver_add_shred:
200 : - free_list has between partial_depth and partial_depth+depth
201 : elements.
202 : - complete_list has complete_depth elements
203 : (all these counts are inclusive). */
204 : ctx_list_t free_list[1];
205 : ctx_list_t complete_list[1];
206 :
207 : /* free_list_cnt: The number of items in free_list. */
208 : ulong free_list_cnt;
209 :
210 : /* done_pool: A pool (this time using fd_pool) of the done_ele_t
211 : elements that back done_map and done_heap. Invariant: each element
212 : is either (i) released and in the pool, or (ii) in both the
213 : done_map and done_heap. */
214 : done_ele_t * done_pool;
215 :
216 : /* done_map: A map (using fd_map_chain) mapping (slot, fec_idx) to an
217 : element of done_pool. Even in the presence of equivocation, a
218 : specific (slot, fec_idx) tuple occurs at most once in the map,
219 : and it's arbitrary which version is represented by sig_hash. In
220 : the presence of equivocation, the right shreds are probably being
221 : delivered using repair, which will bypass reading the sig_hash
222 : field, so it doesn't really matter. */
223 : done_map_t * done_map;
224 :
225 : /* done_heap: A min heap (using fd_heap) based on (slot, fec_idx) used
226 : to stop tracking done elements older than slot_old, and for
227 : eviction in the unlikely case that we run out of elements in the
228 : done_map. */
229 : done_heap_t done_heap[1];
230 :
231 : /* signer is used to sign shreds that require a retransmitter
232 : signature. sign_ctx is provided as the first argument to the
233 : function. */
234 : fd_fec_resolver_sign_fn * signer;
235 : void * sign_ctx;
236 :
237 : /* max_shred_idx is the exclusive upper bound for shred indices. We
238 : need to reject any shred with an index >= max_shred_idx, but we
239 : also want to reject anything that is part of an FEC set where the
240 : highest index of a shred in the FEC set will be >= max_shred_idx.
241 : */
242 : ulong max_shred_idx;
243 :
244 : /* slot_old: slot_old is the lowest slot for which shreds will be
245 : accepted. That is any shred with slot<slot_old is rejected by
246 : add_shred with INGORED. slot_old can only increase. */
247 : ulong slot_old;
248 :
249 : /* seed: done_map uses seed to compute a 32-bute hash of the FEC set's
250 : signature. */
251 : ulong seed;
252 :
253 : /* sha512 and reedsol are used for calculations while adding a shred.
254 : Their state outside a call to add_shred is indeterminate. */
255 : fd_sha512_t sha512[1];
256 : fd_reedsol_t reedsol[1];
257 :
258 : /* The footprint for the objects follows the struct and is in the same
259 : order as the pointers, namely:
260 : ctx_pool
261 : ctx_map
262 : done_pool
263 : done_map */
264 : };
265 :
266 : typedef struct fd_fec_resolver fd_fec_resolver_t;
267 :
268 : FD_FN_PURE ulong
269 : fd_fec_resolver_footprint( ulong depth,
270 : ulong partial_depth,
271 : ulong complete_depth,
272 3 : ulong done_depth ) {
273 3 : if( FD_UNLIKELY( (depth==0UL) | (partial_depth==0UL) | (complete_depth==0UL) | (done_depth==0UL) ) ) return 0UL;
274 3 : if( FD_UNLIKELY( (depth>UINT_MAX) | (partial_depth>UINT_MAX) | (complete_depth>UINT_MAX) ) ) return 0UL;
275 :
276 3 : ulong depth_sum = depth + partial_depth + complete_depth;
277 3 : if( FD_UNLIKELY( depth_sum>=UINT_MAX ) ) return 0UL;
278 :
279 3 : ulong ctx_chain_cnt = ctx_map_chain_cnt_est ( depth );
280 3 : ulong done_chain_cnt = done_map_chain_cnt_est( done_depth );
281 :
282 3 : ulong layout = FD_LAYOUT_INIT;
283 3 : layout = FD_LAYOUT_APPEND( layout, FD_FEC_RESOLVER_ALIGN, sizeof(fd_fec_resolver_t) );
284 3 : layout = FD_LAYOUT_APPEND( layout, alignof(set_ctx_t), sizeof(set_ctx_t)*depth_sum );
285 3 : layout = FD_LAYOUT_APPEND( layout, ctx_map_align(), ctx_map_footprint ( ctx_chain_cnt ) );
286 3 : layout = FD_LAYOUT_APPEND( layout, done_pool_align(), done_pool_footprint( done_depth ) );
287 3 : layout = FD_LAYOUT_APPEND( layout, done_map_align(), done_map_footprint ( done_chain_cnt ) );
288 :
289 3 : return FD_LAYOUT_FINI( layout, FD_FEC_RESOLVER_ALIGN );
290 3 : }
291 :
292 0 : FD_FN_CONST ulong fd_fec_resolver_align( void ) { return FD_FEC_RESOLVER_ALIGN; }
293 :
294 :
295 : void *
296 : fd_fec_resolver_new( void * shmem,
297 : fd_fec_resolver_sign_fn * signer,
298 : void * sign_ctx,
299 : ulong depth,
300 : ulong partial_depth,
301 : ulong complete_depth,
302 : ulong done_depth,
303 : fd_fec_set_t * sets,
304 : ulong max_shred_idx,
305 33 : ulong seed ) {
306 33 : if( FD_UNLIKELY( (depth==0UL) | (partial_depth==0UL) | (complete_depth==0UL) | (done_depth==0UL) ) ) return NULL;
307 33 : if( FD_UNLIKELY( (depth>UINT_MAX) | (partial_depth>UINT_MAX) | (complete_depth>UINT_MAX) ) ) return NULL;
308 :
309 33 : ulong depth_sum = depth + partial_depth + complete_depth;
310 33 : if( FD_UNLIKELY( depth_sum>=UINT_MAX ) ) return NULL;
311 :
312 33 : ulong ctx_chain_cnt = ctx_map_chain_cnt_est ( depth );
313 33 : ulong done_chain_cnt = done_map_chain_cnt_est( done_depth );
314 :
315 : /* round( 2^64 * ... */
316 33 : ulong seed0 = fd_ulong_hash( seed + 7640891576956012809UL ); /* sqrt(2)-1 */
317 33 : ulong seed1 = fd_ulong_hash( seed + 13503953896175478587UL ); /* sqrt(3)-1 */
318 33 : ulong seed2 = fd_ulong_hash( seed + 4354685564936845356UL ); /* sqrt(5)-2 */
319 33 : ulong seed3 = fd_ulong_hash( seed + 11912009170470909682UL ); /* sqrt(7)-2 */
320 :
321 33 : FD_SCRATCH_ALLOC_INIT( l, shmem );
322 33 : void * self = FD_SCRATCH_ALLOC_APPEND( l, FD_FEC_RESOLVER_ALIGN, sizeof(fd_fec_resolver_t) );
323 33 : void * _ctx_pool = FD_SCRATCH_ALLOC_APPEND( l, alignof(set_ctx_t), sizeof(set_ctx_t)*depth_sum );
324 33 : void * _ctx_map = FD_SCRATCH_ALLOC_APPEND( l, ctx_map_align(), ctx_map_footprint ( ctx_chain_cnt ) );
325 33 : void * _done_pool = FD_SCRATCH_ALLOC_APPEND( l, done_pool_align(), done_pool_footprint( done_depth ) );
326 33 : void * _done_map = FD_SCRATCH_ALLOC_APPEND( l, done_map_align(), done_map_footprint ( done_chain_cnt ) );
327 33 : FD_SCRATCH_ALLOC_FINI( l, FD_FEC_RESOLVER_ALIGN );
328 :
329 33 : fd_fec_resolver_t * resolver = (fd_fec_resolver_t *)self;
330 33 : void * _ctx_treap = resolver->ctx_treap;
331 33 : void * _free_list = resolver->free_list;
332 33 : void * _complete_list = resolver->complete_list;
333 33 : void * _done_heap = resolver->done_heap;
334 :
335 33 : if( FD_UNLIKELY( !ctx_map_new ( _ctx_map, ctx_chain_cnt, seed0 ) ) ) { FD_LOG_WARNING(( "ctx_map_new fail" )); return NULL; }
336 33 : if( FD_UNLIKELY( !ctx_treap_new( _ctx_treap, depth_sum ) ) ) { FD_LOG_WARNING(( "ctx_treap_new fail" )); return NULL; }
337 33 : if( FD_UNLIKELY( !ctx_list_new ( _free_list ) ) ) { FD_LOG_WARNING(( "ctx_list_new fail" )); return NULL; }
338 33 : if( FD_UNLIKELY( !ctx_list_new ( _complete_list ) ) ) { FD_LOG_WARNING(( "ctx_list_new fail" )); return NULL; }
339 33 : if( FD_UNLIKELY( !done_pool_new( _done_pool, done_depth ) ) ) { FD_LOG_WARNING(( "done_pool_new fail" )); return NULL; }
340 33 : if( FD_UNLIKELY( !done_map_new ( _done_map, done_chain_cnt, seed1 ) ) ) { FD_LOG_WARNING(( "done_map_new fail" )); return NULL; }
341 33 : if( FD_UNLIKELY( !done_heap_new( _done_heap, done_depth ) ) ) { FD_LOG_WARNING(( "done_heap_new fail" )); return NULL; }
342 :
343 33 : set_ctx_t * ctx_pool = (set_ctx_t *)_ctx_pool;
344 33 : fd_memset( ctx_pool, '\0', sizeof(set_ctx_t)*depth_sum );
345 186 : for( ulong i=0UL; i<depth_sum; i++ ) ctx_pool[i].set = sets + i;
346 33 : ctx_treap_seed( ctx_pool, depth_sum, seed2 );
347 :
348 : /* Initialize all the lists */
349 33 : ctx_list_t * free_list = ctx_list_join( _free_list ); FD_TEST( free_list ==resolver->free_list );
350 33 : ctx_list_t * complete_list = ctx_list_join( _complete_list ); FD_TEST( complete_list==resolver->complete_list );
351 :
352 141 : for( ulong i=0UL; i<depth+partial_depth; i++ ) { ctx_list_idx_push_tail( free_list, i, ctx_pool ); }
353 78 : for( ulong i=depth+partial_depth; i<depth_sum; i++ ) { ctx_list_idx_push_tail( complete_list, i, ctx_pool ); }
354 33 : ctx_list_leave( complete_list );
355 33 : ctx_list_leave( free_list );
356 :
357 33 : fd_sha512_new( resolver->sha512 );
358 :
359 33 : resolver->depth = depth;
360 33 : resolver->partial_depth = partial_depth;
361 33 : resolver->complete_depth = complete_depth;
362 33 : resolver->done_depth = done_depth;
363 33 : resolver->expected_shred_version = 0;
364 33 : resolver->free_list_cnt = depth+partial_depth;
365 33 : resolver->signer = signer;
366 33 : resolver->sign_ctx = sign_ctx;
367 33 : resolver->max_shred_idx = max_shred_idx;
368 33 : resolver->slot_old = 0UL;
369 33 : resolver->seed = seed3;
370 33 : return shmem;
371 33 : }
372 :
373 : fd_fec_resolver_t *
374 33 : fd_fec_resolver_join( void * shmem ) {
375 33 : fd_fec_resolver_t * resolver = (fd_fec_resolver_t *)shmem;
376 33 : ulong depth = resolver->depth;
377 33 : ulong partial_depth = resolver->partial_depth;
378 33 : ulong complete_depth = resolver->complete_depth;
379 33 : ulong done_depth = resolver->done_depth;
380 :
381 33 : ulong depth_sum = depth + partial_depth + complete_depth;
382 33 : if( FD_UNLIKELY( depth_sum>=UINT_MAX ) ) return NULL;
383 :
384 33 : ulong ctx_chain_cnt = ctx_map_chain_cnt_est ( depth );
385 33 : ulong done_chain_cnt = done_map_chain_cnt_est( done_depth );
386 :
387 33 : FD_SCRATCH_ALLOC_INIT( l, shmem );
388 33 : /* self */ FD_SCRATCH_ALLOC_APPEND( l, FD_FEC_RESOLVER_ALIGN, sizeof(fd_fec_resolver_t) );
389 33 : void * _ctx_pool = FD_SCRATCH_ALLOC_APPEND( l, alignof(set_ctx_t), sizeof(set_ctx_t)*depth_sum );
390 33 : void * _ctx_map = FD_SCRATCH_ALLOC_APPEND( l, ctx_map_align(), ctx_map_footprint ( ctx_chain_cnt ) );
391 33 : void * _done_pool = FD_SCRATCH_ALLOC_APPEND( l, done_pool_align(), done_pool_footprint( done_depth ) );
392 33 : void * _done_map = FD_SCRATCH_ALLOC_APPEND( l, done_map_align(), done_map_footprint ( done_chain_cnt ) );
393 33 : FD_SCRATCH_ALLOC_FINI( l, FD_FEC_RESOLVER_ALIGN );
394 :
395 33 : resolver->ctx_pool = (set_ctx_t *)_ctx_pool;
396 33 : resolver->ctx_map = ctx_map_join ( _ctx_map ); if( FD_UNLIKELY( !resolver->ctx_map ) ) return NULL;
397 33 : resolver->done_pool = done_pool_join( _done_pool ); if( FD_UNLIKELY( !resolver->done_pool ) ) return NULL;
398 33 : resolver->done_map = done_map_join ( _done_map ); if( FD_UNLIKELY( !resolver->done_map ) ) return NULL;
399 33 : if( FD_UNLIKELY( ctx_treap_join( resolver->ctx_treap )!= resolver->ctx_treap ) ) return NULL;
400 33 : if( FD_UNLIKELY( ctx_list_join ( resolver->free_list )!= resolver->free_list ) ) return NULL;
401 33 : if( FD_UNLIKELY( ctx_list_join ( resolver->complete_list )!= resolver->complete_list ) ) return NULL;
402 33 : if( FD_UNLIKELY( done_heap_join( resolver->done_heap )!= resolver->done_heap ) ) return NULL;
403 33 : if( FD_UNLIKELY( fd_sha512_join( resolver->sha512 )!= resolver->sha512 ) ) return NULL;
404 :
405 33 : return resolver;
406 33 : }
407 :
408 : void
409 : fd_fec_resolver_set_shred_version( fd_fec_resolver_t * resolver,
410 33 : ushort expected_shred_version ) {
411 33 : resolver->expected_shred_version = expected_shred_version;
412 33 : }
413 :
414 : void
415 : fd_fec_resolver_advance_slot_old( fd_fec_resolver_t * resolver,
416 3 : ulong slot_old ) {
417 3 : if( FD_UNLIKELY( slot_old <= resolver->slot_old ) ) return;
418 3 : resolver->slot_old = slot_old;
419 :
420 : /* Remove from done map */
421 3 : done_heap_t * done_heap = resolver->done_heap;
422 3 : done_map_t * done_map = resolver->done_map;
423 3 : done_ele_t * done_pool = resolver->done_pool;
424 :
425 6 : while( done_heap_ele_cnt( done_heap ) ) {
426 3 : done_ele_t * min_ele = done_heap_ele_peek_min( done_heap, done_pool );
427 3 : if( FD_UNLIKELY( min_ele->key.slot>=slot_old ) ) break;
428 3 : done_map_ele_remove_fast( done_map, min_ele, done_pool );
429 3 : done_heap_idx_remove_min( done_heap, done_pool );
430 3 : done_pool_ele_release ( done_pool, min_ele );
431 3 : }
432 :
433 : /* Remove from in progress map */
434 3 : ctx_map_t * ctx_map = resolver->ctx_map;
435 3 : ctx_treap_t * ctx_treap = resolver->ctx_treap;
436 3 : set_ctx_t * ctx_pool = resolver->ctx_pool;
437 3 : ctx_list_t * free_list = resolver->free_list;
438 :
439 3 : ctx_treap_fwd_iter_t next;
440 6 : for( ctx_treap_fwd_iter_t iter=ctx_treap_fwd_iter_init( ctx_treap, ctx_pool ); !ctx_treap_fwd_iter_done( iter ); iter=next ) {
441 3 : next = ctx_treap_fwd_iter_next( iter, ctx_pool );
442 3 : set_ctx_t * min_ele = ctx_treap_fwd_iter_ele( iter, ctx_pool );
443 3 : if( FD_UNLIKELY( min_ele->slot>=slot_old ) ) break;
444 :
445 3 : ctx_treap_ele_remove ( ctx_treap, min_ele, ctx_pool );
446 3 : ctx_map_ele_remove_fast( ctx_map, min_ele, ctx_pool );
447 3 : ctx_list_ele_push_head ( free_list, min_ele, ctx_pool );
448 3 : resolver->free_list_cnt++;
449 3 : }
450 :
451 3 : }
452 :
453 :
454 : int
455 : fd_fec_resolver_add_shred( fd_fec_resolver_t * resolver,
456 : fd_shred_t const * shred,
457 : ulong shred_sz,
458 : int is_repair,
459 : uchar const * leader_pubkey,
460 : fd_fec_set_t const * * out_fec_set,
461 : fd_shred_t const * * out_shred,
462 : fd_bmtree_node_t * out_merkle_root,
463 8439 : fd_fec_resolver_spilled_t * out_spilled ) {
464 : /* Unpack variables */
465 8439 : ulong partial_depth = resolver->partial_depth;
466 :
467 8439 : ctx_list_t * free_list = resolver->free_list;
468 8439 : ctx_list_t * complete_list = resolver->complete_list;
469 8439 : ctx_map_t * ctx_map = resolver->ctx_map;
470 8439 : ctx_treap_t * ctx_treap = resolver->ctx_treap;
471 8439 : set_ctx_t * ctx_pool = resolver->ctx_pool;
472 8439 : done_map_t * done_map = resolver->done_map;
473 8439 : done_ele_t * done_pool = resolver->done_pool;
474 8439 : done_heap_t * done_heap = resolver->done_heap;
475 :
476 8439 : fd_reedsol_t * reedsol = resolver->reedsol;
477 8439 : fd_sha512_t * sha512 = resolver->sha512;
478 :
479 : /* Invariants:
480 : * each set_ctx_t is in exactly one of ctx_map, freelist, or
481 : complete_list */
482 :
483 : /* Is this shred for a slot we've already rooted or otherwise don't
484 : care about? */
485 8439 : if( FD_UNLIKELY( shred->slot<resolver->slot_old ) ) return FD_FEC_RESOLVER_SHRED_IGNORED;
486 :
487 : /* Do a bunch of quick validity checks */
488 8337 : if( FD_UNLIKELY( shred->version!=resolver->expected_shred_version ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
489 8334 : if( FD_UNLIKELY( shred_sz<fd_shred_sz( shred ) ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
490 8334 : if( FD_UNLIKELY( shred->idx>=resolver->max_shred_idx ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
491 8322 : if( FD_UNLIKELY( shred->fec_set_idx>resolver->max_shred_idx-FD_FEC_SHRED_CNT ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
492 :
493 8319 : uchar variant = shred->variant;
494 8319 : uchar shred_type = fd_shred_type( variant );
495 :
496 8319 : int is_data_shred = fd_shred_is_data( shred_type );
497 :
498 8319 : if( !is_data_shred ) { /* Roughly 50/50 branch */
499 4350 : if( FD_UNLIKELY( (shred->code.data_cnt!=FD_FEC_SHRED_CNT) | (shred->code.code_cnt!=FD_FEC_SHRED_CNT) ) )
500 3 : return FD_FEC_RESOLVER_SHRED_REJECTED;
501 4347 : if( FD_UNLIKELY( shred->code.idx>=FD_FEC_SHRED_CNT ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
502 4347 : }
503 :
504 8316 : if( FD_UNLIKELY( (shred_type==FD_SHRED_TYPE_LEGACY_DATA) | (shred_type==FD_SHRED_TYPE_LEGACY_CODE) ) ) {
505 : /* Reject any legacy shreds */
506 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
507 0 : }
508 :
509 :
510 8316 : wrapped_sig_t const * w_sig = (wrapped_sig_t const *)shred->signature;
511 :
512 : /* Is this FEC set in progress? */
513 8316 : set_ctx_t * ctx = ctx_map_ele_query( ctx_map, w_sig, NULL, ctx_pool );
514 :
515 : /* If it's not in progress and it's repair, we will allocate a context
516 : for it, assuming all the other checks pass. If it's from Turbine,
517 : we'll be a little more sceptical about it: if we've already seen a
518 : FEC set for that same (slot, FEC set idx) pair, then we won't take
519 : it. */
520 8316 : if( FD_UNLIKELY( (ctx==NULL) & (!is_repair) ) ) {
521 : /* Most likely, it's just done. */
522 789 : slot_fec_pair_t slot_fec_pair[1] = {{ .slot = shred->slot, .fec_idx = shred->fec_set_idx }};
523 789 : done_ele_t * done_ele = done_map_ele_query( done_map, slot_fec_pair, NULL, done_pool );
524 789 : if( FD_LIKELY( done_ele ) ) {
525 552 : ulong sig_hash = fd_hash( resolver->seed, w_sig, sizeof(wrapped_sig_t) );
526 552 : return fd_int_if( (uint)sig_hash==done_ele->sig_hash, FD_FEC_RESOLVER_SHRED_IGNORED, FD_FEC_RESOLVER_SHRED_EQUIVOC );
527 552 : }
528 :
529 : /* If it's not done, then check for the unlikely case we have it
530 : in progress with a different signature. */
531 237 : if( FD_UNLIKELY( ctx_treap_ele_query_const( ctx_treap, slot_fec_pair, ctx_pool ) ) ) return FD_FEC_RESOLVER_SHRED_EQUIVOC;
532 237 : }
533 :
534 : /* If we've made it here, then we'll keep this shred as long as
535 : it is valid. */
536 :
537 7764 : fd_bmtree_node_t leaf[1];
538 :
539 : /* For the purposes of the shred header, tree_depth means the number
540 : of nodes, counting the leaf but excluding the root. For bmtree,
541 : depth means the number of layers, which counts both. */
542 7764 : ulong tree_depth = fd_shred_merkle_cnt( variant ); /* In [0, 15] */
543 7764 : ulong reedsol_protected_sz = 1115UL + FD_SHRED_DATA_HEADER_SZ - FD_SHRED_SIGNATURE_SZ - FD_SHRED_MERKLE_NODE_SZ*tree_depth
544 7764 : - FD_SHRED_MERKLE_ROOT_SZ*fd_shred_is_chained ( shred_type )
545 7764 : - FD_SHRED_SIGNATURE_SZ *fd_shred_is_resigned( shred_type); /* In [743, 1139] conservatively*/
546 7764 : ulong data_merkle_protected_sz = reedsol_protected_sz + FD_SHRED_MERKLE_ROOT_SZ*fd_shred_is_chained( shred_type );
547 7764 : ulong parity_merkle_protected_sz = reedsol_protected_sz + FD_SHRED_MERKLE_ROOT_SZ*fd_shred_is_chained( shred_type )
548 7764 : + FD_SHRED_CODE_HEADER_SZ - FD_ED25519_SIG_SZ;
549 7764 : ulong merkle_protected_sz = fd_ulong_if( is_data_shred, data_merkle_protected_sz, parity_merkle_protected_sz );
550 :
551 7764 : fd_bmtree_hash_leaf( leaf, (uchar const *)shred + sizeof(fd_ed25519_sig_t), merkle_protected_sz, FD_BMTREE_LONG_PREFIX_SZ );
552 :
553 : /* in_type_idx is between [0, code.data_cnt) or [0, code.code_cnt),
554 : where data_cnt <= FD_FEC_SHRED_CNT and code_cnt <= FD_FEC_SHRED_CNT
555 : On the other hand, shred_idx, goes from [0, code.data_cnt +
556 : code.code_cnt), with all the data shreds having
557 : shred_idx < code.data_cnt and all the parity shreds having
558 : shred_idx >= code.data_cnt. */
559 7764 : ulong in_type_idx = fd_ulong_if( is_data_shred, shred->idx - shred->fec_set_idx, shred->code.idx );
560 7764 : ulong shred_idx = fd_ulong_if( is_data_shred, in_type_idx, in_type_idx + shred->code.data_cnt );
561 :
562 7764 : if( FD_UNLIKELY( ( shred->fec_set_idx % FD_FEC_SHRED_CNT ) != 0UL ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
563 7671 : if( FD_UNLIKELY( in_type_idx >= FD_FEC_SHRED_CNT ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
564 7671 : if( is_data_shred ) {
565 : /* if it has data complete, it must be the last one in the FEC. */
566 3660 : if( FD_UNLIKELY( (shred->data.flags & FD_SHRED_DATA_FLAG_SLOT_COMPLETE) && ((1UL+shred->idx) % FD_FEC_SHRED_CNT) ) )
567 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
568 3660 : }
569 :
570 : /* This, combined with the check on shred->code.data_cnt implies that
571 : shred_idx is in [0, 2*FD_FEC_SHRED_CNT). */
572 :
573 7671 : if( FD_UNLIKELY( tree_depth>FD_SHRED_MERKLE_LAYER_CNT-1UL ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
574 7671 : if( FD_UNLIKELY( fd_bmtree_depth( shred_idx+1UL ) > tree_depth+1UL ) ) return FD_FEC_RESOLVER_SHRED_REJECTED;
575 :
576 7671 : if( FD_UNLIKELY( !ctx ) ) { /* This is the first shred in the FEC set */
577 :
578 264 : if( FD_UNLIKELY( resolver->free_list_cnt<=partial_depth ) ) {
579 : /* Packet loss is really high and we have a lot of in-progress FEC
580 : sets that we haven't been able to finish. Evict the context
581 : with the highest (slot, FEC idx). This is the one that is the
582 : farthest away from what we're currently replaying, which means
583 : we have the longest time to request it via repair if we
584 : actually need it. This also handles the case where a leader
585 : sends some shreds from their slots that are far in the future
586 : in this epoch. */
587 30 : set_ctx_t * victim_ctx = ctx_treap_rev_iter_ele( ctx_treap_rev_iter_init( ctx_treap, ctx_pool ), ctx_pool );
588 :
589 30 : if( FD_LIKELY( out_spilled ) ) {
590 6 : out_spilled->slot = victim_ctx->slot;
591 6 : out_spilled->fec_set_idx = victim_ctx->fec_set_idx;
592 6 : *out_spilled->merkle_root = victim_ctx->root;
593 6 : }
594 :
595 30 : fd_fec_set_t * set = victim_ctx->set;
596 :
597 : /* TODO: remove this log */
598 30 : FD_LOG_INFO(( "Spilled from fec_resolver in-progress map %lu %u, data_shreds_rcvd %x, parity_shreds_rcvd %x", victim_ctx->slot, victim_ctx->fec_set_idx, set->data_shred_rcvd, set->parity_shred_rcvd ));
599 :
600 : /* Remove from treap and map, then add to free_list */
601 30 : ctx_treap_ele_remove ( ctx_treap, victim_ctx, ctx_pool );
602 30 : ctx_map_ele_remove_fast( ctx_map, victim_ctx, ctx_pool );
603 :
604 30 : ctx_list_ele_push_tail ( free_list, victim_ctx, ctx_pool );
605 30 : resolver->free_list_cnt++;
606 :
607 30 : FD_MCNT_INC( SHRED, FEC_SET_SPILLED, 1UL );
608 30 : }
609 : /* Now we know |free_list|>partial_depth */
610 :
611 264 : ctx = ctx_list_ele_pop_head( free_list, ctx_pool );
612 264 : resolver->free_list_cnt--;
613 :
614 : /* Now we need to derive the root of the Merkle tree and verify the
615 : signature to prevent a DOS attack just by sending lots of invalid
616 : shreds. */
617 264 : fd_bmtree_commit_t * tree;
618 264 : tree = fd_bmtree_commit_init( ctx->_footprint, FD_SHRED_MERKLE_NODE_SZ, FD_BMTREE_LONG_PREFIX_SZ, FD_SHRED_MERKLE_LAYER_CNT );
619 264 : FD_TEST( tree==ctx->tree );
620 :
621 264 : fd_bmtree_node_t _root[1];
622 264 : fd_shred_merkle_t const * proof = fd_shred_merkle_nodes( shred );
623 264 : int rv = fd_bmtree_commitp_insert_with_proof( tree, shred_idx, leaf, (uchar const *)proof, tree_depth, _root );
624 264 : if( FD_UNLIKELY( !rv ) ) {
625 0 : ctx_list_ele_push_head( free_list, ctx, ctx_pool );
626 0 : resolver->free_list_cnt++;
627 0 : FD_MCNT_INC( SHRED, SHRED_REJECTED_INITIAL, 1UL );
628 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
629 0 : }
630 :
631 264 : if( FD_UNLIKELY( FD_ED25519_SUCCESS != fd_ed25519_verify( _root->hash, 32UL, shred->signature, leader_pubkey, sha512 ) ) ) {
632 0 : ctx_list_ele_push_head( free_list, ctx, ctx_pool );
633 0 : resolver->free_list_cnt++;
634 0 : FD_MCNT_INC( SHRED, SHRED_REJECTED_INITIAL, 1UL );
635 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
636 0 : }
637 :
638 : /* This seems like a legitimate FEC set, so we populate the rest of
639 : the fields, then add it to the map and treap. */
640 264 : ctx->sig = *w_sig;
641 264 : ctx->slot = shred->slot;
642 264 : ctx->fec_set_idx = shred->fec_set_idx;
643 264 : ctx->data_variant = fd_uchar_if( is_data_shred, variant, fd_shred_variant( fd_shred_swap_type( shred_type ), (uchar)tree_depth ) );
644 264 : ctx->parity_variant = fd_uchar_if( !is_data_shred, variant, fd_shred_variant( fd_shred_swap_type( shred_type ), (uchar)tree_depth ) );
645 264 : ctx->total_rx_shred_cnt = 0UL;
646 264 : ctx->root = *_root;
647 :
648 264 : if( FD_UNLIKELY( fd_shred_is_resigned( shred_type ) & !!(resolver->signer) ) ) {
649 3 : resolver->signer( resolver->sign_ctx, ctx->retransmitter_sig.u, _root->hash );
650 261 : } else {
651 261 : fd_memset( ctx->retransmitter_sig.u, 0, 64UL );
652 261 : }
653 :
654 : /* Reset the FEC set */
655 264 : ctx->set->data_shred_rcvd = 0U;
656 264 : ctx->set->parity_shred_rcvd = 0U;
657 :
658 264 : ctx_map_ele_insert ( ctx_map, ctx, ctx_pool );
659 264 : ctx_treap_ele_insert( ctx_treap, ctx, ctx_pool );
660 :
661 : /* Copy the merkle root into the output arg. */
662 264 : if( FD_LIKELY( out_merkle_root ) ) memcpy( out_merkle_root, ctx->root.hash, sizeof(fd_bmtree_node_t) );
663 :
664 7407 : } else {
665 : /* This is not the first shred in the set */
666 :
667 : /* First ensure that all the shreds in the FEC set have consistent
668 : variants. They all must have the same tree_depth and the same
669 : chained/not chained, resigned/not resigned bits. */
670 7407 : if( FD_UNLIKELY( variant!=fd_uchar_if( is_data_shred, ctx->data_variant, ctx->parity_variant ) ) ) {
671 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
672 0 : }
673 :
674 7407 : fd_shred_merkle_t const * proof = fd_shred_merkle_nodes( shred );
675 7407 : int rv = fd_bmtree_commitp_insert_with_proof( ctx->tree, shred_idx, leaf, (uchar const *)proof, tree_depth, out_merkle_root );
676 7407 : if( !rv ) return FD_FEC_RESOLVER_SHRED_REJECTED;
677 :
678 : /* Check to make sure this is not a duplicate */
679 7398 : int shred_dup = !!(fd_uint_if( is_data_shred, ctx->set->data_shred_rcvd, ctx->set->parity_shred_rcvd ) & (1U << in_type_idx));
680 7398 : if( FD_UNLIKELY( shred_dup ) ) return FD_FEC_RESOLVER_SHRED_DUPLICATE;
681 7398 : }
682 :
683 : /* At this point, the shred has passed Merkle validation and is new.
684 : We also know that ctx is a pointer to the set_ctx_t where this
685 : shred belongs. */
686 :
687 : /* Copy the shred to memory the FEC resolver owns */
688 7413 : uchar * dst = is_data_shred ? ctx->set->data_shreds[ in_type_idx ].b : ctx->set->parity_shreds[ in_type_idx ].b;
689 7413 : fd_memcpy( dst, shred, fd_shred_sz( shred ) );
690 :
691 : /* If the shred needs a retransmitter signature, set it */
692 7413 : if( FD_UNLIKELY( fd_shred_is_resigned( shred_type ) ) ) {
693 672 : memcpy( dst + fd_shred_retransmitter_sig_off( (fd_shred_t *)dst ), ctx->retransmitter_sig.u, 64UL );
694 672 : }
695 :
696 7413 : ctx->set->data_shred_rcvd |= (uint)(!!is_data_shred)<<in_type_idx;
697 7413 : ctx->set->parity_shred_rcvd |= (uint)( !is_data_shred)<<in_type_idx;
698 7413 : ctx->total_rx_shred_cnt++;
699 :
700 7413 : *out_shred = (fd_shred_t const *)dst;
701 :
702 : /* Do we have enough to begin reconstruction? */
703 7413 : if( FD_LIKELY( ctx->total_rx_shred_cnt < FD_FEC_SHRED_CNT ) ) return FD_FEC_RESOLVER_SHRED_OKAY;
704 :
705 : /* At this point, the FEC set is either valid or permanently invalid,
706 : so we can consider it done either way. */
707 :
708 219 : done_ele_t * done = NULL;
709 219 : if( FD_UNLIKELY( !done_pool_free( done_pool ) ) ) {
710 : /* Done map is full, so we'll forget about the oldest slot */
711 138 : ulong worst_idx = done_heap_idx_peek_min( done_heap );
712 138 : FD_TEST( worst_idx!=done_heap_idx_null() ); /* Done pool can't be empty and full at the same time */
713 138 : done_heap_idx_remove_min( done_heap, done_pool );
714 138 : done_map_idx_remove_fast( done_map, worst_idx, done_pool );
715 138 : done_pool_idx_release( done_pool, worst_idx );
716 : /* Now it's not empty */
717 138 : }
718 :
719 : /* If it's already in the done map, we don't need to re-insert it.
720 : It's not very clear what we should do if the sig_hashes differ, but
721 : this can only happen the second insert was a repair shred, and in
722 : that case, it gets bypassed anyway, so it doesn't really matter.
723 : We'll just keep the existing value in that case. */
724 219 : slot_fec_pair_t done_key[1] = {{ .slot = ctx->slot, .fec_idx = ctx->fec_set_idx }};
725 219 : if( FD_LIKELY( !done_map_ele_query( done_map, done_key, NULL, done_pool ) ) ) {
726 219 : done = done_pool_ele_acquire( done_pool );
727 :
728 219 : done->key.slot = ctx->slot;
729 219 : done->key.fec_idx = ctx->fec_set_idx;
730 219 : done->sig_hash = (uint)fd_hash( resolver->seed, w_sig, sizeof(wrapped_sig_t) );
731 :
732 219 : done_heap_ele_insert( done_heap, done, done_pool );
733 219 : done_map_ele_insert ( done_map, done, done_pool );
734 219 : }
735 :
736 :
737 219 : ctx_map_ele_remove_fast( ctx_map, ctx, ctx_pool );
738 219 : ctx_treap_ele_remove ( ctx_treap, ctx, ctx_pool );
739 : /* At this point, ctx is not in any of the data structures, so we need
740 : to be sure to add it to one of the lists before exiting. */
741 :
742 219 : fd_fec_set_t * set = ctx->set;
743 219 : fd_bmtree_commit_t * tree = ctx->tree;
744 :
745 219 : reedsol = fd_reedsol_recover_init( (void*)reedsol, reedsol_protected_sz );
746 7227 : for( ulong i=0UL; i<FD_FEC_SHRED_CNT; i++ ) {
747 7008 : uchar * rs_payload = set->data_shreds[ i ].b + sizeof(fd_ed25519_sig_t);
748 7008 : if( set->data_shred_rcvd&(1U<<i) ) fd_reedsol_recover_add_rcvd_shred ( reedsol, 1, rs_payload );
749 3615 : else fd_reedsol_recover_add_erased_shred( reedsol, 1, rs_payload );
750 7008 : }
751 7227 : for( ulong i=0UL; i<FD_FEC_SHRED_CNT; i++ ) {
752 7008 : uchar * rs_payload = set->parity_shreds[ i ].b + FD_SHRED_CODE_HEADER_SZ;
753 7008 : if( set->parity_shred_rcvd&(1U<<i) ) fd_reedsol_recover_add_rcvd_shred ( reedsol, 0, rs_payload );
754 3393 : else fd_reedsol_recover_add_erased_shred( reedsol, 0, rs_payload );
755 7008 : }
756 :
757 219 : if( FD_UNLIKELY( FD_REEDSOL_SUCCESS != fd_reedsol_recover_fini( reedsol ) ) ) {
758 : /* A few lines up, we already checked to make sure it wasn't the
759 : insufficient case, so it must be the inconsistent case. That
760 : means the leader signed a shred with invalid Reed-Solomon FEC
761 : set. This shouldn't happen in practice, but we need to handle it
762 : for the malicious leader case. This should probably be a
763 : slash-able offense. */
764 0 : ctx_list_ele_push_tail( free_list, ctx, ctx_pool );
765 0 : resolver->free_list_cnt++;
766 0 : FD_MCNT_INC( SHRED, FEC_REJECTED_FATAL, 1UL );
767 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
768 0 : }
769 :
770 219 : uchar const * chained_root = fd_ptr_if( fd_shred_is_chained( shred_type ), (uchar *)shred+fd_shred_chain_off( variant ), NULL );
771 :
772 : /* Iterate over recovered shreds, add them to the Merkle tree,
773 : populate headers and signatures. */
774 7227 : for( ulong i=0UL; i<FD_FEC_SHRED_CNT; i++ ) {
775 7008 : if( !(set->data_shred_rcvd&(1U<<i)) ) {
776 3615 : fd_memcpy( set->data_shreds[i].b, shred, sizeof(fd_ed25519_sig_t) );
777 3615 : if( FD_LIKELY( fd_shred_is_chained( shred_type ) ) ) {
778 3615 : fd_memcpy( set->data_shreds[i].b+fd_shred_chain_off( ctx->data_variant ), chained_root, FD_SHRED_MERKLE_ROOT_SZ );
779 3615 : }
780 3615 : fd_bmtree_hash_leaf( leaf, set->data_shreds[i].b+sizeof(fd_ed25519_sig_t), data_merkle_protected_sz, FD_BMTREE_LONG_PREFIX_SZ );
781 3615 : if( FD_UNLIKELY( !fd_bmtree_commitp_insert_with_proof( tree, i, leaf, NULL, 0, NULL ) ) ) {
782 0 : ctx_list_ele_push_tail( free_list, ctx, ctx_pool );
783 0 : resolver->free_list_cnt++;
784 0 : FD_MCNT_INC( SHRED, FEC_REJECTED_FATAL, 1UL );
785 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
786 0 : }
787 3615 : }
788 7008 : }
789 :
790 7227 : for( ulong i=0UL; i<FD_FEC_SHRED_CNT; i++ ) {
791 7008 : if( !(set->parity_shred_rcvd&(1U<<i)) ) {
792 3393 : fd_shred_t * p_shred = set->parity_shreds[i].s; /* We can't parse because we haven't populated the header */
793 3393 : fd_memcpy( p_shred->signature, shred->signature, sizeof(fd_ed25519_sig_t) );
794 3393 : p_shred->variant = ctx->parity_variant;
795 3393 : p_shred->slot = shred->slot;
796 3393 : p_shred->idx = (uint)(i + ctx->fec_set_idx);
797 3393 : p_shred->version = shred->version;
798 3393 : p_shred->fec_set_idx = (uint)ctx->fec_set_idx;
799 3393 : p_shred->code.data_cnt = (ushort)FD_FEC_SHRED_CNT;
800 3393 : p_shred->code.code_cnt = (ushort)FD_FEC_SHRED_CNT;
801 3393 : p_shred->code.idx = (ushort)i;
802 :
803 3393 : if( FD_LIKELY( fd_shred_is_chained( shred_type ) ) ) {
804 3393 : fd_memcpy( set->parity_shreds[i].b+fd_shred_chain_off( ctx->parity_variant ), chained_root, FD_SHRED_MERKLE_ROOT_SZ );
805 3393 : }
806 :
807 3393 : fd_bmtree_hash_leaf( leaf, set->parity_shreds[i].b+sizeof(fd_ed25519_sig_t), parity_merkle_protected_sz, FD_BMTREE_LONG_PREFIX_SZ );
808 3393 : if( FD_UNLIKELY( !fd_bmtree_commitp_insert_with_proof( tree, FD_FEC_SHRED_CNT + i, leaf, NULL, 0, NULL ) ) ) {
809 0 : ctx_list_ele_push_tail( free_list, ctx, ctx_pool );
810 0 : resolver->free_list_cnt++;
811 0 : FD_MCNT_INC( SHRED, FEC_REJECTED_FATAL, 1UL );
812 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
813 0 : }
814 3393 : }
815 7008 : }
816 :
817 : /* Check that the whole Merkle tree is consistent. */
818 219 : if( FD_UNLIKELY( !fd_bmtree_commitp_fini( tree, FD_FEC_SHRED_CNT + FD_FEC_SHRED_CNT ) ) ) {
819 0 : ctx_list_ele_push_tail( free_list, ctx, ctx_pool );
820 0 : resolver->free_list_cnt++;
821 0 : FD_MCNT_INC( SHRED, FEC_REJECTED_FATAL, 1UL );
822 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
823 0 : }
824 :
825 : /* Check that all the fields that are supposed to be consistent across
826 : an FEC set actually are. */
827 219 : fd_shred_t const * base_data_shred = fd_shred_parse( set->data_shreds [ 0 ].b, FD_SHRED_MIN_SZ );
828 219 : fd_shred_t const * base_parity_shred = fd_shred_parse( set->parity_shreds[ 0 ].b, FD_SHRED_MAX_SZ );
829 219 : int reject = (!base_data_shred) | (!base_parity_shred);
830 :
831 7008 : for( ulong i=1UL; (!reject) & (i<FD_FEC_SHRED_CNT); i++ ) {
832 : /* Technically, we only need to re-parse the ones we recovered with
833 : Reedsol, but parsing is pretty cheap and the rest of the
834 : validation we need to do on all of them. */
835 6789 : fd_shred_t const * parsed = fd_shred_parse( set->data_shreds[ i ].b, FD_SHRED_MIN_SZ );
836 6789 : if( FD_UNLIKELY( !parsed ) ) { reject = 1; break; }
837 6789 : reject |= parsed->variant != base_data_shred->variant;
838 6789 : reject |= parsed->slot != base_data_shred->slot;
839 6789 : reject |= parsed->version != base_data_shred->version;
840 6789 : reject |= parsed->fec_set_idx != base_data_shred->fec_set_idx;
841 6789 : reject |= parsed->data.parent_off != base_data_shred->data.parent_off;
842 :
843 6789 : reject |= fd_shred_is_chained( fd_shred_type( parsed->variant ) ) &&
844 6789 : !fd_memeq( (uchar *)parsed +fd_shred_chain_off( parsed->variant ),
845 6789 : (uchar *)base_data_shred+fd_shred_chain_off( base_data_shred->variant ), FD_SHRED_MERKLE_ROOT_SZ );
846 6789 : }
847 :
848 7227 : for( ulong i=0UL; (!reject) & (i<FD_FEC_SHRED_CNT); i++ ) {
849 7008 : fd_shred_t const * parsed = fd_shred_parse( set->parity_shreds[ i ].b, FD_SHRED_MAX_SZ );
850 7008 : if( FD_UNLIKELY( !parsed ) ) { reject = 1; break; }
851 7008 : reject |= fd_shred_type( parsed->variant ) != fd_shred_swap_type( fd_shred_type( base_data_shred->variant ) );
852 7008 : reject |= fd_shred_merkle_cnt( parsed->variant ) != fd_shred_merkle_cnt( base_data_shred->variant );
853 7008 : reject |= parsed->slot != base_data_shred->slot;
854 7008 : reject |= parsed->version != base_data_shred->version;
855 7008 : reject |= parsed->fec_set_idx != base_data_shred->fec_set_idx;
856 7008 : reject |= parsed->code.data_cnt != base_parity_shred->code.data_cnt;
857 7008 : reject |= parsed->code.code_cnt != base_parity_shred->code.code_cnt;
858 7008 : reject |= parsed->code.idx != (ushort)i;
859 :
860 7008 : reject |= fd_shred_is_chained( fd_shred_type( parsed->variant ) ) &&
861 7008 : !fd_memeq( (uchar *)parsed +fd_shred_chain_off( parsed->variant ),
862 7008 : (uchar *)base_data_shred+fd_shred_chain_off( base_data_shred->variant ), FD_SHRED_MERKLE_ROOT_SZ );
863 7008 : }
864 219 : if( FD_UNLIKELY( reject ) ) {
865 0 : ctx_list_ele_push_tail( free_list, ctx, ctx_pool );
866 0 : resolver->free_list_cnt++;
867 0 : FD_MCNT_INC( SHRED, FEC_REJECTED_FATAL, 1UL );
868 0 : return FD_FEC_RESOLVER_SHRED_REJECTED;
869 0 : }
870 :
871 : /* Populate missing Merkle proofs */
872 7227 : for( ulong i=0UL; i<FD_FEC_SHRED_CNT; i++ ) if( !( set->data_shred_rcvd&(1U<<i) ) )
873 3615 : fd_bmtree_get_proof( tree, set->data_shreds[i].b + fd_shred_merkle_off( set->data_shreds[i].s ), i );
874 :
875 7227 : for( ulong i=0UL; i<FD_FEC_SHRED_CNT; i++ ) if( !( set->parity_shred_rcvd&(1U<<i) ) )
876 3393 : fd_bmtree_get_proof( tree, set->parity_shreds[i].b + fd_shred_merkle_off( set->parity_shreds[i].s ), FD_FEC_SHRED_CNT+i );
877 :
878 : /* Set the retransmitter signature for shreds that need one */
879 219 : if( FD_UNLIKELY( fd_shred_is_resigned( shred_type ) ) ) {
880 693 : for( ulong i=0UL; i<FD_FEC_SHRED_CNT; i++ ) if( !( set->data_shred_rcvd&(1U<<i) ) )
881 372 : memcpy( set->data_shreds[i].b + fd_shred_retransmitter_sig_off( set->data_shreds[i].s ), ctx->retransmitter_sig.u, 64UL );
882 :
883 693 : for( ulong i=0UL; i<FD_FEC_SHRED_CNT; i++ ) if( !( set->parity_shred_rcvd&(1U<<i) ) )
884 300 : memcpy( set->parity_shreds[i].b + fd_shred_retransmitter_sig_off( set->parity_shreds[i].s ), ctx->retransmitter_sig.u, 64UL );
885 21 : }
886 :
887 : /* Finally... A valid FEC set. Forward it along. */
888 219 : ctx_list_ele_push_tail( complete_list, ctx, ctx_pool );
889 219 : ctx_list_idx_push_tail( free_list, ctx_list_idx_pop_head( complete_list, ctx_pool ), ctx_pool );
890 219 : resolver->free_list_cnt++;
891 :
892 219 : *out_fec_set = set;
893 :
894 219 : return FD_FEC_RESOLVER_SHRED_COMPLETES;
895 219 : }
896 :
897 :
898 21 : void * fd_fec_resolver_leave( fd_fec_resolver_t * resolver ) {
899 21 : fd_sha512_leave( resolver->sha512 );
900 21 : done_heap_leave( resolver->done_heap );
901 21 : ctx_list_leave ( resolver->complete_list );
902 21 : ctx_list_leave ( resolver->free_list );
903 21 : ctx_treap_leave( resolver->ctx_treap );
904 21 : done_map_leave ( resolver->done_map );
905 21 : done_pool_leave( resolver->done_pool );
906 21 : ctx_map_leave ( resolver->ctx_map );
907 :
908 21 : return (void *)resolver;
909 21 : }
910 :
911 21 : void * fd_fec_resolver_delete( void * shmem ) {
912 21 : fd_fec_resolver_t * resolver = (fd_fec_resolver_t *)shmem;
913 21 : ulong depth = resolver->depth;
914 21 : ulong partial_depth = resolver->partial_depth;
915 21 : ulong complete_depth = resolver->complete_depth;
916 21 : ulong done_depth = resolver->done_depth;
917 :
918 21 : ulong depth_sum = depth + partial_depth + complete_depth;
919 21 : ulong ctx_chain_cnt = ctx_map_chain_cnt_est ( depth );
920 21 : ulong done_chain_cnt = done_map_chain_cnt_est( done_depth );
921 :
922 21 : FD_SCRATCH_ALLOC_INIT( l, shmem );
923 21 : /* self */ FD_SCRATCH_ALLOC_APPEND( l, FD_FEC_RESOLVER_ALIGN, sizeof(fd_fec_resolver_t) );
924 21 : /* _ctx_pool */ FD_SCRATCH_ALLOC_APPEND( l, alignof(set_ctx_t), sizeof(set_ctx_t)*depth_sum );
925 21 : void * _ctx_map = FD_SCRATCH_ALLOC_APPEND( l, ctx_map_align(), ctx_map_footprint ( ctx_chain_cnt ) );
926 21 : void * _done_pool = FD_SCRATCH_ALLOC_APPEND( l, done_pool_align(), done_pool_footprint( done_depth ) );
927 21 : void * _done_map = FD_SCRATCH_ALLOC_APPEND( l, done_map_align(), done_map_footprint ( done_chain_cnt ) );
928 21 : FD_SCRATCH_ALLOC_FINI( l, FD_FEC_RESOLVER_ALIGN );
929 :
930 21 : fd_sha512_delete( resolver->sha512 );
931 21 : done_heap_delete( resolver->done_heap );
932 21 : done_map_delete ( _done_map );
933 21 : done_pool_delete( _done_pool );
934 21 : ctx_list_delete ( resolver->complete_list );
935 21 : ctx_list_delete ( resolver->free_list );
936 21 : ctx_treap_delete( resolver->ctx_treap );
937 21 : ctx_map_delete ( _ctx_map );
938 :
939 21 : return shmem;
940 21 : }
|
