Line data Source code
1 : #include <linux/limits.h>
2 : #define _GNU_SOURCE
3 : #include "fd_genesi_tile.h"
4 : #include "fd_genesis_client.h"
5 : #include "../../disco/topo/fd_topo.h"
6 : #include "../../discof/fd_accdb_topo.h"
7 : #include "../../ballet/sha256/fd_sha256.h"
8 : #include "../../flamenco/runtime/fd_genesis_parse.h"
9 : #include "../../flamenco/accdb/fd_accdb_admin_v1.h"
10 : #include "../../flamenco/accdb/fd_accdb_sync.h"
11 : #include "../../flamenco/runtime/fd_hashes.h"
12 : #include "../../util/archive/fd_tar.h"
13 : #include "../../util/pod/fd_pod.h"
14 :
15 : #include <stdio.h>
16 : #include <errno.h>
17 : #include <fcntl.h>
18 : #include <sys/poll.h>
19 : #include <sys/socket.h>
20 : #include <sys/stat.h>
21 : #include <sys/syscall.h>
22 : #include <unistd.h>
23 : #include <netinet/in.h>
24 : #include <linux/fs.h>
25 : #if FD_HAS_BZIP2
26 : #include <bzlib.h>
27 : #endif
28 :
29 : #include "generated/fd_genesi_tile_seccomp.h"
30 :
31 : static void *
32 : bz2_malloc( void * opaque,
33 : int items,
34 0 : int size ) {
35 0 : fd_alloc_t * alloc = (fd_alloc_t *)opaque;
36 :
37 0 : void * result = fd_alloc_malloc( alloc, alignof(max_align_t), (ulong)(items*size) );
38 0 : if( FD_UNLIKELY( !result ) ) return NULL;
39 0 : return result;
40 0 : }
41 :
42 : static void
43 : bz2_free( void * opaque,
44 0 : void * addr ) {
45 0 : fd_alloc_t * alloc = (fd_alloc_t *)opaque;
46 :
47 0 : if( FD_UNLIKELY( !addr ) ) return;
48 0 : fd_alloc_free( alloc, addr );
49 0 : }
50 :
51 : struct fd_genesi_tile {
52 : fd_accdb_admin_t accdb_admin[1];
53 : fd_accdb_user_t accdb[1];
54 :
55 : uchar genesis_hash[ 32UL ];
56 :
57 : fd_genesis_client_t * client;
58 :
59 : fd_lthash_value_t lthash[1];
60 :
61 : int local_genesis;
62 : int bootstrap;
63 : int shutdown;
64 :
65 : int has_expected_genesis_hash;
66 : uchar expected_genesis_hash[ 32UL ];
67 : ushort expected_shred_version;
68 :
69 : uchar genesis[ FD_GENESIS_MAX_MESSAGE_SIZE ] __attribute__((aligned(alignof(fd_genesis_t)))); /* 10 MiB buffer for decoded genesis */
70 : uchar buffer[ FD_GENESIS_MAX_MESSAGE_SIZE ]; /* 10 MiB buffer for reading genesis file */
71 :
72 : char genesis_path[ PATH_MAX ];
73 :
74 : int in_fd;
75 : int out_fd;
76 : int out_dir_fd;
77 :
78 : fd_wksp_t * out_mem;
79 : ulong out_chunk0;
80 : ulong out_wmark;
81 : ulong out_chunk;
82 :
83 : fd_alloc_t * bz2_alloc;
84 : };
85 :
86 : typedef struct fd_genesi_tile fd_genesi_tile_t;
87 :
88 : FD_FN_CONST static inline ulong
89 0 : scratch_align( void ) {
90 0 : return alignof( fd_genesi_tile_t );
91 0 : }
92 :
93 : FD_FN_PURE static inline ulong
94 0 : scratch_footprint( fd_topo_tile_t const * tile ) {
95 0 : (void)tile;
96 :
97 0 : ulong l = FD_LAYOUT_INIT;
98 0 : l = FD_LAYOUT_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
99 0 : l = FD_LAYOUT_APPEND( l, fd_genesis_client_align(), fd_genesis_client_footprint() );
100 0 : l = FD_LAYOUT_APPEND( l, fd_alloc_align(), fd_alloc_footprint() );
101 0 : return FD_LAYOUT_FINI( l, scratch_align() );
102 0 : }
103 :
104 : FD_FN_CONST static inline ulong
105 0 : loose_footprint( fd_topo_tile_t const * tile ) {
106 0 : (void)tile;
107 : /* Leftover space for bzip2 allocations */
108 0 : return 1UL<<26; /* 64 MiB */
109 0 : }
110 :
111 : static inline int
112 0 : should_shutdown( fd_genesi_tile_t * ctx ) {
113 0 : return ctx->shutdown;
114 0 : }
115 :
116 : static void
117 0 : initialize_accdb( fd_genesi_tile_t * ctx ) {
118 : /* Insert accounts at root */
119 0 : fd_genesis_t * genesis = fd_type_pun( ctx->genesis );
120 0 : fd_accdb_user_t * accdb = ctx->accdb;
121 :
122 0 : fd_funk_txn_xid_t root_xid; fd_funk_txn_xid_set_root( &root_xid );
123 0 : fd_funk_txn_xid_t xid = { .ul={ LONG_MAX, LONG_MAX } };
124 0 : fd_accdb_attach_child( ctx->accdb_admin, &root_xid, &xid );
125 :
126 0 : for( ulong i=0UL; i<genesis->accounts_len; i++ ) {
127 0 : fd_genesis_account_t * account = fd_type_pun( (uchar *)genesis + genesis->accounts_off[ i ] );
128 :
129 0 : fd_accdb_rw_t rw[1];
130 0 : fd_accdb_open_rw( ctx->accdb, rw, &xid, account->pubkey, account->meta.dlen, FD_ACCDB_FLAG_CREATE|FD_ACCDB_FLAG_DONTZERO );
131 0 : fd_accdb_ref_owner_set ( rw, account->meta.owner );
132 0 : fd_accdb_ref_lamports_set( rw, account->meta.lamports );
133 0 : fd_accdb_ref_exec_bit_set( rw, !!account->meta.executable );
134 0 : fd_accdb_ref_data_set ( accdb, rw, account->data, account->meta.dlen );
135 :
136 0 : fd_lthash_value_t new_hash[1];
137 0 : fd_hashes_account_lthash( fd_type_pun( account->pubkey ), rw->meta, account->data, new_hash );
138 0 : fd_lthash_add( ctx->lthash, new_hash );
139 0 : fd_accdb_close_rw( ctx->accdb, rw );
140 0 : }
141 :
142 0 : fd_accdb_advance_root( ctx->accdb_admin, &xid );
143 0 : }
144 :
145 : static inline void
146 : verify_cluster_type( fd_genesis_t const * genesis,
147 : uchar const * genesis_hash,
148 0 : char const * genesis_path ) {
149 :
150 0 : uchar mainnet_hash[ 32 ];
151 0 : FD_TEST( fd_base58_decode_32( "5eykt4UsFv8P8NJdTREpY1vzqKqZKvdpKuc147dw2N9d", mainnet_hash ) );
152 :
153 0 : uchar testnet_hash[ 32 ];
154 0 : FD_TEST( fd_base58_decode_32( "4uhcVJyU9pJkvQyS88uRDiswHXSCkY3zQawwpjk2NsNY", testnet_hash ) );
155 :
156 0 : uchar devnet_hash[ 32 ];
157 0 : FD_TEST( fd_base58_decode_32( "EtWTRABZaYq6iMfeYKouRu166VU2xqa1wcaWoxPkrZBG", devnet_hash ) );
158 :
159 0 : switch( genesis->cluster_type ) {
160 0 : case FD_GENESIS_TYPE_MAINNET: {
161 0 : if( FD_UNLIKELY( memcmp( genesis_hash, mainnet_hash, 32UL ) ) ) {
162 0 : FD_BASE58_ENCODE_32_BYTES( genesis_hash, genesis_hash_b58 );
163 0 : FD_LOG_ERR(( "genesis file `%s` has cluster type MAINNET but unexpected genesis hash `%s`",
164 0 : genesis_path, genesis_hash_b58 ));
165 0 : }
166 0 : break;
167 0 : }
168 0 : case FD_GENESIS_TYPE_TESTNET: {
169 0 : if( FD_UNLIKELY( memcmp( genesis_hash, testnet_hash, 32UL ) ) ) {
170 0 : FD_BASE58_ENCODE_32_BYTES( genesis_hash, genesis_hash_b58 );
171 0 : FD_LOG_ERR(( "genesis file `%s` has cluster type TESTNET but unexpected genesis hash `%s`",
172 0 : genesis_path, genesis_hash_b58 ));
173 0 : }
174 0 : break;
175 0 : }
176 0 : case FD_GENESIS_TYPE_DEVNET: {
177 0 : if( FD_UNLIKELY( memcmp( genesis_hash, devnet_hash, 32UL ) ) ) {
178 0 : FD_BASE58_ENCODE_32_BYTES( genesis_hash, genesis_hash_b58 );
179 0 : FD_LOG_ERR(( "genesis file `%s` has cluster type DEVNET but unexpected genesis hash `%s`",
180 0 : genesis_path, genesis_hash_b58 ));
181 0 : }
182 0 : break;
183 0 : }
184 0 : default:
185 0 : break;
186 0 : }
187 0 : }
188 :
189 : static void
190 : after_credit( fd_genesi_tile_t * ctx,
191 : fd_stem_context_t * stem,
192 : int * opt_poll_in,
193 0 : int * charge_busy ) {
194 0 : (void)opt_poll_in;
195 :
196 0 : if( FD_UNLIKELY( ctx->shutdown ) ) return;
197 :
198 0 : if( FD_LIKELY( ctx->local_genesis ) ) {
199 0 : FD_TEST( -1!=ctx->in_fd );
200 :
201 0 : fd_genesis_t * genesis = fd_type_pun( ctx->genesis );
202 :
203 0 : uchar * dst = fd_chunk_to_laddr( ctx->out_mem, ctx->out_chunk );
204 0 : if( FD_UNLIKELY( ctx->bootstrap ) ) {
205 0 : fd_memcpy( dst, &ctx->lthash->bytes, sizeof(fd_lthash_value_t) );
206 0 : fd_memcpy( dst+sizeof(fd_lthash_value_t), &ctx->genesis_hash, sizeof(fd_hash_t) );
207 0 : fd_memcpy( dst+sizeof(fd_lthash_value_t)+sizeof(fd_hash_t), ctx->genesis, genesis->total_sz );
208 :
209 0 : fd_stem_publish( stem, 0UL, GENESI_SIG_BOOTSTRAP_COMPLETED, ctx->out_chunk, 0UL, 0UL, 0UL, 0UL );
210 0 : ctx->out_chunk = fd_dcache_compact_next( ctx->out_chunk, genesis->total_sz+sizeof(fd_hash_t)+sizeof(fd_lthash_value_t), ctx->out_chunk0, ctx->out_wmark );
211 0 : } else {
212 0 : fd_memcpy( dst, ctx->genesis_hash, sizeof(fd_hash_t) );
213 0 : fd_stem_publish( stem, 0UL, GENESI_SIG_GENESIS_HASH, ctx->out_chunk, sizeof(fd_hash_t), 0UL, 0UL, 0UL );
214 0 : ctx->out_chunk = fd_dcache_compact_next( ctx->out_chunk, sizeof(fd_hash_t), ctx->out_chunk0, ctx->out_wmark );
215 0 : }
216 :
217 0 : *charge_busy = 1;
218 0 : FD_LOG_NOTICE(( "loaded local genesis.bin from file `%s`", ctx->genesis_path ));
219 :
220 0 : ctx->shutdown = 1;
221 0 : } else {
222 0 : uchar * buffer;
223 0 : ulong buffer_sz;
224 0 : fd_ip4_port_t peer;
225 0 : int result = fd_genesis_client_poll( ctx->client, &peer, &buffer, &buffer_sz, charge_busy );
226 0 : if( FD_UNLIKELY( -1==result ) ) FD_LOG_ERR(( "failed to retrieve genesis.bin from any configured gossip entrypoints" ));
227 0 : if( FD_LIKELY( 1==result ) ) return;
228 :
229 0 : uchar * decompressed = ctx->buffer;
230 0 : ulong actual_decompressed_sz = 0UL;
231 0 : # if FD_HAS_BZIP2
232 0 : bz_stream bzstrm = {0};
233 0 : bzstrm.bzalloc = bz2_malloc;
234 0 : bzstrm.bzfree = bz2_free;
235 0 : bzstrm.opaque = ctx->bz2_alloc;
236 0 : int bzerr = BZ2_bzDecompressInit( &bzstrm, 0, 0 );
237 0 : if( FD_UNLIKELY( BZ_OK!=bzerr ) ) FD_LOG_ERR(( "BZ2_bzDecompressInit() failed (%d)", bzerr ));
238 :
239 0 : ulong decompressed_sz = FD_GENESIS_MAX_MESSAGE_SIZE;
240 :
241 0 : bzstrm.next_in = (char *)buffer;
242 0 : bzstrm.avail_in = (uint)buffer_sz;
243 0 : bzstrm.next_out = (char *)decompressed;
244 0 : bzstrm.avail_out = (uint)decompressed_sz;
245 0 : bzerr = BZ2_bzDecompress( &bzstrm );
246 0 : if( FD_UNLIKELY( BZ_STREAM_END!=bzerr ) ) FD_LOG_ERR(( "BZ2_bzDecompress() failed (%d)", bzerr ));
247 :
248 0 : actual_decompressed_sz = decompressed_sz - (ulong)bzstrm.avail_out;
249 : # else
250 : FD_LOG_ERR(( "This build does not include bzip2, which is required to boot from genesis.\n"
251 : "To install bzip2, re-run ./deps.sh +dev, make distclean, and make -j" ));
252 : # endif
253 :
254 0 : FD_TEST( actual_decompressed_sz>=512UL );
255 :
256 0 : fd_tar_meta_t const * meta = (fd_tar_meta_t const *)decompressed;
257 0 : FD_TEST( !strcmp( meta->name, "genesis.bin" ) );
258 0 : FD_TEST( actual_decompressed_sz>=512UL+fd_tar_meta_get_size( meta ) );
259 :
260 0 : uchar hash[ 32UL ];
261 0 : fd_sha256_hash( decompressed+512UL, fd_tar_meta_get_size( meta ), hash );
262 :
263 : /* Can't verify expected_shred_version here because it needs to be
264 : mixed in with hard_forks from the snapshot. Replay tile will
265 : combine them and do this verification. */
266 :
267 0 : if( FD_LIKELY( ctx->has_expected_genesis_hash && memcmp( hash, ctx->expected_genesis_hash, 32UL ) ) ) {
268 0 : FD_BASE58_ENCODE_32_BYTES( ctx->expected_genesis_hash, expected_genesis_hash_b58 );
269 0 : FD_BASE58_ENCODE_32_BYTES( hash, hash_b58 );
270 0 : FD_LOG_ERR(( "An expected genesis hash of `%s` has been set in your configuration file at [consensus.expected_genesis_hash] "
271 0 : "but the genesis hash derived from the peer at `http://" FD_IP4_ADDR_FMT ":%hu` has unexpected hash `%s`",
272 0 : expected_genesis_hash_b58, FD_IP4_ADDR_FMT_ARGS( peer.addr ), fd_ushort_bswap( peer.port ), hash_b58 ));
273 0 : }
274 :
275 0 : FD_TEST( !ctx->bootstrap );
276 0 : ulong size = fd_tar_meta_get_size( meta );
277 :
278 0 : fd_genesis_t * genesis = fd_genesis_parse( ctx->genesis, decompressed+512UL, size );
279 0 : if( FD_UNLIKELY( !genesis ) ) {
280 0 : FD_LOG_ERR(( "unable to decode downloaded solana genesis file due to violated hardcoded limits" ));
281 0 : }
282 :
283 0 : verify_cluster_type( genesis, hash, ctx->genesis_path );
284 :
285 0 : uchar * dst = fd_chunk_to_laddr( ctx->out_mem, ctx->out_chunk );
286 0 : fd_memcpy( dst, hash, sizeof(fd_hash_t) );
287 0 : FD_BASE58_ENCODE_32_BYTES( dst, dst_b58 );
288 0 : FD_LOG_WARNING(( "Genesis hash from peer: %s", dst_b58 ));
289 0 : fd_stem_publish( stem, 0UL, GENESI_SIG_GENESIS_HASH, ctx->out_chunk, 32UL, 0UL, 0UL, 0UL );
290 0 : ctx->out_chunk = fd_dcache_compact_next( ctx->out_chunk, sizeof(fd_hash_t), ctx->out_chunk0, ctx->out_wmark );
291 :
292 0 : ulong bytes_written = 0UL;
293 0 : while( bytes_written<fd_tar_meta_get_size( meta ) ) {
294 0 : long result = write( ctx->out_fd, decompressed+512UL+bytes_written, fd_tar_meta_get_size( meta )-bytes_written );
295 0 : if( FD_UNLIKELY( -1==result ) ) FD_LOG_ERR(( "write() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
296 0 : bytes_written += (ulong)result;
297 0 : }
298 :
299 0 : char basename[ PATH_MAX ];
300 0 : const char * last_slash = strrchr( ctx->genesis_path, '/' );
301 0 : if( FD_LIKELY( last_slash ) ) FD_TEST( fd_cstr_printf_check( basename, PATH_MAX, NULL, "%s", last_slash+1UL ) );
302 0 : else FD_TEST( fd_cstr_printf_check( basename, PATH_MAX, NULL, "%s", ctx->genesis_path ) );
303 :
304 0 : char basename_partial[ PATH_MAX ];
305 0 : FD_TEST( fd_cstr_printf_check( basename_partial, PATH_MAX, NULL, "%s.partial", basename ) );
306 :
307 0 : int err = renameat2( ctx->out_dir_fd, basename_partial, ctx->out_dir_fd, basename, RENAME_NOREPLACE );
308 0 : if( FD_UNLIKELY( -1==err ) ) FD_LOG_ERR(( "renameat2() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
309 :
310 0 : FD_LOG_NOTICE(( "retrieved genesis `%s` from peer at http://" FD_IP4_ADDR_FMT ":%hu/genesis.tar.bz2",
311 0 : ctx->genesis_path, FD_IP4_ADDR_FMT_ARGS( peer.addr ), peer.port ));
312 :
313 0 : ctx->shutdown = 1;
314 0 : }
315 0 : }
316 :
317 : static void
318 : process_local_genesis( fd_genesi_tile_t * ctx,
319 0 : char const * genesis_path ) {
320 0 : struct stat st;
321 0 : int err = fstat( ctx->in_fd, &st );
322 0 : if( FD_UNLIKELY( -1==err ) ) FD_LOG_ERR(( "stat() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
323 :
324 0 : ulong size = (ulong)st.st_size;
325 :
326 0 : if( FD_UNLIKELY( size>sizeof(ctx->buffer) ) ) FD_LOG_ERR(( "genesis file `%s` too large (%lu bytes, max %lu)", genesis_path, size, (ulong)sizeof(ctx->buffer) ));
327 :
328 0 : ulong bytes_read = 0UL;
329 0 : while( bytes_read<size ) {
330 0 : long result = read( ctx->in_fd, ctx->buffer+bytes_read, size-bytes_read );
331 0 : if( FD_UNLIKELY( -1==result ) ) FD_LOG_ERR(( "read() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
332 0 : if( FD_UNLIKELY( !result ) ) FD_LOG_ERR(( "read() returned 0 before reading full file" ));
333 0 : bytes_read += (ulong)result;
334 0 : }
335 :
336 0 : FD_TEST( bytes_read==size );
337 :
338 0 : if( FD_UNLIKELY( -1==close( ctx->in_fd ) ) ) FD_LOG_ERR(( "close() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
339 :
340 0 : fd_genesis_t * genesis = fd_genesis_parse( ctx->genesis, ctx->buffer, size );
341 0 : if( FD_UNLIKELY( !genesis ) ) {
342 0 : FD_LOG_ERR(( "unable to decode solana genesis from local file due to violated hardcoded limits" ));
343 0 : }
344 :
345 0 : union {
346 0 : uchar c[ 32 ];
347 0 : ushort s[ 16 ];
348 0 : } hash;
349 0 : fd_sha256_hash( ctx->buffer, size, hash.c );
350 :
351 0 : verify_cluster_type( genesis, hash.c, genesis_path );
352 :
353 0 : fd_memcpy( ctx->genesis_hash, hash.c, 32UL );
354 :
355 0 : if( FD_UNLIKELY( ctx->bootstrap && ctx->expected_shred_version ) ) {
356 0 : ushort xor = 0;
357 0 : for( ulong i=0UL; i<16UL; i++ ) xor ^= hash.s[ i ];
358 :
359 0 : xor = fd_ushort_bswap( xor );
360 0 : xor = fd_ushort_if( xor<USHORT_MAX, (ushort)(xor + 1), USHORT_MAX );
361 :
362 0 : FD_TEST( xor );
363 :
364 0 : if( FD_UNLIKELY( xor!=ctx->expected_shred_version ) ) {
365 0 : FD_LOG_ERR(( "This node is bootstrapping the cluster as it has no gossip entrypoints provided, but "
366 0 : "a [consensus.expected_shred_version] of %hu is provided which does not match the shred "
367 0 : "version of %hu computed from the genesis.bin file at `%s`",
368 0 : ctx->expected_shred_version, xor, genesis_path ));
369 0 : }
370 0 : }
371 :
372 0 : if( FD_LIKELY( ctx->has_expected_genesis_hash && memcmp( ctx->genesis_hash, ctx->expected_genesis_hash, 32UL ) ) ) {
373 0 : FD_BASE58_ENCODE_32_BYTES( ctx->expected_genesis_hash, expected_genesis_hash_b58 );
374 0 : FD_BASE58_ENCODE_32_BYTES( ctx->genesis_hash, genesis_hash_b58 );
375 0 : FD_LOG_ERR(( "An expected genesis hash of `%s` has been set in your configuration file at [consensus.expected_genesis_hash] "
376 0 : "but the genesis hash derived from the genesis file at `%s` has unexpected hash (expected `%s`)", expected_genesis_hash_b58, genesis_path, genesis_hash_b58 ));
377 0 : }
378 0 : }
379 :
380 : static void
381 : privileged_init( fd_topo_t * topo,
382 0 : fd_topo_tile_t * tile ) {
383 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
384 :
385 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
386 0 : fd_genesi_tile_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
387 0 : fd_genesis_client_t * _client = FD_SCRATCH_ALLOC_APPEND( l, fd_genesis_client_align(), fd_genesis_client_footprint() );
388 :
389 0 : ctx->local_genesis = 1;
390 0 : ctx->in_fd = open( tile->genesi.genesis_path, O_RDONLY|O_CLOEXEC );
391 0 : if( FD_UNLIKELY( -1==ctx->in_fd ) ) {
392 0 : if( FD_LIKELY( errno==ENOENT ) ) {
393 0 : FD_LOG_INFO(( "no local genesis.bin file found at `%s`", tile->genesi.genesis_path ));
394 :
395 0 : if( FD_UNLIKELY( !tile->genesi.entrypoints_cnt ) ) {
396 0 : FD_LOG_ERR(( "This node is bootstrapping the cluster as it has no gossip entrypoints provided, but "
397 0 : "the genesis.bin file at `%s` does not exist. Please provide a valid genesis.bin "
398 0 : "file by running genesis, or join an existing cluster.",
399 0 : tile->genesi.genesis_path ));
400 0 : } else {
401 0 : if( FD_UNLIKELY( !tile->genesi.allow_download ) ) {
402 0 : FD_LOG_ERR(( "There is no genesis.bin file at `%s` and automatic downloading is disabled as "
403 0 : "genesis_download is false in your configuration file. Please either provide a valid "
404 0 : "genesis.bin file locally, or allow donwloading from a gossip entrypoint.",
405 0 : tile->genesi.genesis_path ));
406 0 : } else {
407 0 : char basename[ PATH_MAX ];
408 0 : strncpy( basename, tile->genesi.genesis_path, PATH_MAX );
409 0 : char * last_slash = strrchr( basename, '/' );
410 0 : if( FD_LIKELY( last_slash ) ) *last_slash = '\0';
411 :
412 0 : ctx->out_dir_fd = open( basename, O_RDONLY|O_CLOEXEC|O_DIRECTORY );
413 0 : if( FD_UNLIKELY( -1==ctx->out_dir_fd ) ) FD_LOG_ERR(( "open() failed for genesis dir `%s` (%i-%s)", basename, errno, fd_io_strerror( errno ) ));
414 :
415 : /* Switch to non-root uid/gid for file creation. Permissions checks
416 : are still done as root. */
417 0 : gid_t gid = getgid();
418 0 : uid_t uid = getuid();
419 0 : if( FD_LIKELY( !gid && -1==syscall( __NR_setresgid, -1, tile->genesi.target_gid, -1 ) ) ) FD_LOG_ERR(( "setresgid() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
420 0 : if( FD_LIKELY( !uid && -1==syscall( __NR_setresuid, -1, tile->genesi.target_uid, -1 ) ) ) FD_LOG_ERR(( "setresuid() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
421 :
422 0 : char partialname[ PATH_MAX ];
423 0 : FD_TEST( fd_cstr_printf_check( partialname, PATH_MAX, NULL, "%s.partial", tile->genesi.genesis_path ) );
424 0 : ctx->out_fd = openat( ctx->out_dir_fd, "genesis.bin.partial", O_CREAT|O_WRONLY|O_CLOEXEC|O_TRUNC, S_IRUSR|S_IWUSR );
425 0 : if( FD_UNLIKELY( -1==ctx->out_fd ) ) FD_LOG_ERR(( "openat() failed for genesis file `%s` (%i-%s)", partialname, errno, fd_io_strerror( errno ) ));
426 :
427 0 : if( FD_UNLIKELY( -1==syscall( __NR_setresuid, -1, uid, -1 ) ) ) FD_LOG_ERR(( "setresuid() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
428 0 : if( FD_UNLIKELY( -1==syscall( __NR_setresgid, -1, gid, -1 ) ) ) FD_LOG_ERR(( "setresgid() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
429 :
430 0 : ctx->local_genesis = 0;
431 0 : ctx->client = fd_genesis_client_join( fd_genesis_client_new( _client ) );
432 0 : FD_TEST( ctx->client );
433 0 : fd_genesis_client_init( ctx->client, tile->genesi.entrypoints, tile->genesi.entrypoints_cnt );
434 0 : }
435 0 : }
436 0 : } else {
437 0 : FD_LOG_ERR(( "could not open genesis.bin file at `%s` (%i-%s)", tile->genesi.genesis_path, errno, fd_io_strerror( errno ) ));
438 0 : }
439 0 : }
440 0 : }
441 :
442 : static void
443 : unprivileged_init( fd_topo_t * topo,
444 0 : fd_topo_tile_t * tile ) {
445 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
446 :
447 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
448 0 : fd_genesi_tile_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
449 0 : FD_SCRATCH_ALLOC_APPEND( l, fd_genesis_client_align(), fd_genesis_client_footprint() );
450 0 : void * _alloc = FD_SCRATCH_ALLOC_APPEND( l, fd_alloc_align(), fd_alloc_footprint() );
451 :
452 0 : ulong funk_obj_id;
453 0 : FD_TEST( (funk_obj_id = fd_pod_query_ulong( topo->props, "funk", ULONG_MAX ) )!=ULONG_MAX );
454 0 : FD_TEST( fd_accdb_admin_v1_init( ctx->accdb_admin, fd_topo_obj_laddr( topo, funk_obj_id ) ) );
455 0 : fd_accdb_init_from_topo( ctx->accdb, topo, tile );
456 :
457 0 : fd_lthash_zero( ctx->lthash );
458 :
459 0 : ctx->shutdown = 0;
460 0 : ctx->bootstrap = !tile->genesi.entrypoints_cnt;
461 0 : ctx->expected_shred_version = tile->genesi.expected_shred_version;
462 0 : ctx->has_expected_genesis_hash = tile->genesi.has_expected_genesis_hash;
463 0 : fd_memcpy( ctx->expected_genesis_hash, tile->genesi.expected_genesis_hash, 32UL );
464 0 : if( FD_LIKELY( -1!=ctx->in_fd ) ) {
465 0 : process_local_genesis( ctx, tile->genesi.genesis_path );
466 0 : if( FD_UNLIKELY( ctx->bootstrap ) ) initialize_accdb( ctx );
467 0 : }
468 :
469 0 : FD_TEST( fd_cstr_printf_check( ctx->genesis_path, PATH_MAX, NULL, "%s", tile->genesi.genesis_path ) );
470 :
471 0 : ctx->out_mem = topo->workspaces[ topo->objs[ topo->links[ tile->out_link_id[ 0 ] ].dcache_obj_id ].wksp_id ].wksp;
472 0 : ctx->out_chunk0 = fd_dcache_compact_chunk0( ctx->out_mem, topo->links[ tile->out_link_id[ 0 ] ].dcache );
473 0 : ctx->out_wmark = fd_dcache_compact_wmark ( ctx->out_mem, topo->links[ tile->out_link_id[ 0 ] ].dcache, topo->links[ tile->out_link_id[ 0 ] ].mtu );
474 0 : ctx->out_chunk = ctx->out_chunk0;
475 :
476 0 : ctx->bz2_alloc = fd_alloc_join( fd_alloc_new( _alloc, 1UL ), 1UL );
477 0 : FD_TEST( ctx->bz2_alloc );
478 :
479 0 : ulong scratch_top = FD_SCRATCH_ALLOC_FINI( l, 1UL );
480 0 : if( FD_UNLIKELY( scratch_top > (ulong)scratch + scratch_footprint( tile ) ) )
481 0 : FD_LOG_ERR(( "scratch overflow %lu %lu %lu", scratch_top - (ulong)scratch - scratch_footprint( tile ), scratch_top, (ulong)scratch + scratch_footprint( tile ) ));
482 0 : }
483 :
484 : static ulong
485 : rlimit_file_cnt( fd_topo_t const * topo FD_PARAM_UNUSED,
486 0 : fd_topo_tile_t const * tile ) {
487 0 : return 1UL + /* stderr */
488 0 : 1UL + /* logfile */
489 0 : 1UL + /* genesis file */
490 0 : 1UL + /* genesis dir */
491 0 : tile->genesi.entrypoints_cnt; /* for the client */
492 0 : }
493 :
494 : static ulong
495 : populate_allowed_seccomp( fd_topo_t const * topo,
496 : fd_topo_tile_t const * tile,
497 : ulong out_cnt,
498 0 : struct sock_filter * out ) {
499 :
500 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
501 :
502 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
503 0 : fd_genesi_tile_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
504 :
505 0 : uint in_fd, out_fd, out_dir_fd;
506 0 : if( FD_LIKELY( -1!=ctx->in_fd ) ) {
507 0 : in_fd = (uint)ctx->in_fd;
508 0 : out_fd = (uint)-1;
509 0 : out_dir_fd = (uint)-1;
510 0 : } else {
511 0 : in_fd = (uint)-1;
512 0 : out_fd = (uint)ctx->out_fd;
513 0 : out_dir_fd = (uint)ctx->out_dir_fd;
514 0 : }
515 :
516 0 : populate_sock_filter_policy_fd_genesi_tile( out_cnt, out, (uint)fd_log_private_logfile_fd(), in_fd, out_fd, out_dir_fd );
517 0 : return sock_filter_policy_fd_genesi_tile_instr_cnt;
518 0 : }
519 :
520 : static ulong
521 : populate_allowed_fds( fd_topo_t const * topo,
522 : fd_topo_tile_t const * tile,
523 : ulong out_fds_cnt,
524 0 : int * out_fds ) {
525 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
526 :
527 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
528 0 : fd_genesi_tile_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
529 :
530 0 : if( FD_UNLIKELY( out_fds_cnt<tile->genesi.entrypoints_cnt+5UL ) ) FD_LOG_ERR(( "out_fds_cnt %lu", out_fds_cnt ));
531 :
532 0 : ulong out_cnt = 0UL;
533 0 : out_fds[ out_cnt++ ] = 2; /* stderr */
534 0 : if( FD_LIKELY( -1!=fd_log_private_logfile_fd() ) )
535 0 : out_fds[ out_cnt++ ] = fd_log_private_logfile_fd(); /* logfile */
536 :
537 0 : if( FD_UNLIKELY( -1==ctx->in_fd ) ) {
538 0 : FD_TEST( -1!=ctx->out_dir_fd );
539 0 : FD_TEST( -1!=ctx->out_fd );
540 0 : out_fds[ out_cnt++ ] = ctx->out_dir_fd;
541 0 : out_fds[ out_cnt++ ] = ctx->out_fd;
542 :
543 0 : for( ulong i=0UL; i<tile->genesi.entrypoints_cnt; i++ ) {
544 0 : int fd = fd_genesis_client_get_pollfds( ctx->client )[ i ].fd;
545 0 : if( FD_LIKELY( -1!=fd ) ) out_fds[ out_cnt++ ] = fd;
546 0 : }
547 0 : } else {
548 0 : FD_TEST( -1!=ctx->in_fd );
549 0 : out_fds[ out_cnt++ ] = ctx->in_fd;
550 0 : }
551 :
552 0 : return out_cnt;
553 0 : }
554 :
555 0 : #define STEM_BURST (1UL)
556 :
557 0 : #define STEM_CALLBACK_CONTEXT_TYPE fd_genesi_tile_t
558 0 : #define STEM_CALLBACK_CONTEXT_ALIGN alignof(fd_genesi_tile_t)
559 :
560 0 : #define STEM_CALLBACK_AFTER_CREDIT after_credit
561 : #define STEM_CALLBACK_SHOULD_SHUTDOWN should_shutdown
562 :
563 : #include "../../disco/stem/fd_stem.c"
564 :
565 : fd_topo_run_tile_t fd_tile_genesi = {
566 : .name = "genesi",
567 : .rlimit_file_cnt_fn = rlimit_file_cnt,
568 : .allow_connect = 1,
569 : .allow_renameat = 1,
570 : .populate_allowed_seccomp = populate_allowed_seccomp,
571 : .populate_allowed_fds = populate_allowed_fds,
572 : .loose_footprint = loose_footprint,
573 : .scratch_align = scratch_align,
574 : .scratch_footprint = scratch_footprint,
575 : .privileged_init = privileged_init,
576 : .unprivileged_init = unprivileged_init,
577 : .run = stem_run,
578 : };
|
