Line data Source code
1 : #include <linux/limits.h>
2 : #define _GNU_SOURCE
3 : #include "fd_genesi_tile.h"
4 : #include "fd_genesis_client.h"
5 : #include "../../disco/topo/fd_topo.h"
6 : #include "../../ballet/sha256/fd_sha256.h"
7 : #include "../../flamenco/runtime/fd_genesis_parse.h"
8 : #include "../../flamenco/accdb/fd_accdb_admin.h"
9 : #include "../../flamenco/accdb/fd_accdb_impl_v1.h"
10 : #include "../../flamenco/runtime/fd_hashes.h"
11 : #include "../../util/archive/fd_tar.h"
12 :
13 : #include <stdio.h>
14 : #include <errno.h>
15 : #include <fcntl.h>
16 : #include <sys/poll.h>
17 : #include <sys/socket.h>
18 : #include <sys/stat.h>
19 : #include <sys/syscall.h>
20 : #include <unistd.h>
21 : #include <netinet/in.h>
22 : #include <linux/fs.h>
23 : #if FD_HAS_BZIP2
24 : #include <bzlib.h>
25 : #endif
26 :
27 : #include "generated/fd_genesi_tile_seccomp.h"
28 :
29 : static void *
30 : bz2_malloc( void * opaque,
31 : int items,
32 0 : int size ) {
33 0 : fd_alloc_t * alloc = (fd_alloc_t *)opaque;
34 :
35 0 : void * result = fd_alloc_malloc( alloc, alignof(max_align_t), (ulong)(items*size) );
36 0 : if( FD_UNLIKELY( !result ) ) return NULL;
37 0 : return result;
38 0 : }
39 :
40 : static void
41 : bz2_free( void * opaque,
42 0 : void * addr ) {
43 0 : fd_alloc_t * alloc = (fd_alloc_t *)opaque;
44 :
45 0 : if( FD_UNLIKELY( !addr ) ) return;
46 0 : fd_alloc_free( alloc, addr );
47 0 : }
48 :
49 : struct fd_genesi_tile {
50 : fd_accdb_admin_t accdb_admin[1];
51 : fd_accdb_user_t accdb[1];
52 :
53 : uchar genesis_hash[ 32UL ];
54 :
55 : fd_genesis_client_t * client;
56 :
57 : fd_lthash_value_t lthash[1];
58 :
59 : int local_genesis;
60 : int bootstrap;
61 : int shutdown;
62 :
63 : int has_expected_genesis_hash;
64 : uchar expected_genesis_hash[ 32UL ];
65 : ushort expected_shred_version;
66 :
67 : uchar genesis[ FD_GENESIS_MAX_MESSAGE_SIZE ] __attribute__((aligned(alignof(fd_genesis_t)))); /* 10 MiB buffer for decoded genesis */
68 : uchar buffer[ FD_GENESIS_MAX_MESSAGE_SIZE ]; /* 10 MiB buffer for reading genesis file */
69 :
70 : char genesis_path[ PATH_MAX ];
71 :
72 : int in_fd;
73 : int out_fd;
74 : int out_dir_fd;
75 :
76 : fd_wksp_t * out_mem;
77 : ulong out_chunk0;
78 : ulong out_wmark;
79 : ulong out_chunk;
80 :
81 : fd_alloc_t * bz2_alloc;
82 : };
83 :
84 : typedef struct fd_genesi_tile fd_genesi_tile_t;
85 :
86 : FD_FN_CONST static inline ulong
87 0 : scratch_align( void ) {
88 0 : return alignof( fd_genesi_tile_t );
89 0 : }
90 :
91 : FD_FN_PURE static inline ulong
92 0 : scratch_footprint( fd_topo_tile_t const * tile ) {
93 0 : (void)tile;
94 :
95 0 : ulong l = FD_LAYOUT_INIT;
96 0 : l = FD_LAYOUT_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
97 0 : l = FD_LAYOUT_APPEND( l, fd_genesis_client_align(), fd_genesis_client_footprint() );
98 0 : l = FD_LAYOUT_APPEND( l, fd_alloc_align(), fd_alloc_footprint() );
99 0 : return FD_LAYOUT_FINI( l, scratch_align() );
100 0 : }
101 :
102 : FD_FN_CONST static inline ulong
103 0 : loose_footprint( fd_topo_tile_t const * tile ) {
104 0 : (void)tile;
105 : /* Leftover space for bzip2 allocations */
106 0 : return 1UL<<26; /* 64 MiB */
107 0 : }
108 :
109 : static inline int
110 0 : should_shutdown( fd_genesi_tile_t * ctx ) {
111 0 : return ctx->shutdown;
112 0 : }
113 :
114 : static void
115 0 : initialize_accdb( fd_genesi_tile_t * ctx ) {
116 : /* Insert accounts at root */
117 0 : fd_funk_txn_xid_t root_xid; fd_funk_txn_xid_set_root( &root_xid );
118 :
119 0 : fd_genesis_t * genesis = fd_type_pun( ctx->genesis );
120 :
121 0 : fd_funk_t * funk = fd_accdb_user_v1_funk( ctx->accdb );
122 0 : for( ulong i=0UL; i<genesis->accounts_len; i++ ) {
123 0 : fd_genesis_account_t * account = fd_type_pun( (uchar *)genesis + genesis->accounts_off[ i ] );
124 :
125 : /* FIXME: use accdb API */
126 0 : fd_funk_rec_prepare_t prepare[1];
127 0 : fd_funk_rec_key_t key[1]; memcpy( key->uc, account->pubkey, sizeof(fd_pubkey_t) );
128 0 : fd_funk_rec_t * rec = fd_funk_rec_prepare( funk, &root_xid, key, prepare, NULL );
129 0 : FD_TEST( rec );
130 0 : fd_account_meta_t * meta = fd_funk_val_truncate( rec, funk->alloc, funk->wksp, 16UL, sizeof(fd_account_meta_t)+account->meta.dlen, NULL );
131 0 : FD_TEST( meta );
132 0 : void * data = (void *)( meta+1 );
133 0 : fd_memcpy( meta->owner, account->meta.owner, sizeof(fd_pubkey_t) );
134 0 : meta->lamports = account->meta.lamports;
135 0 : meta->slot = 0UL;
136 0 : meta->executable = !!account->meta.executable;
137 0 : meta->dlen = (uint)account->meta.dlen;
138 0 : fd_memcpy( data, account->data, account->meta.dlen );
139 0 : fd_funk_rec_publish( funk, prepare );
140 :
141 0 : fd_lthash_value_t new_hash[1];
142 0 : fd_hashes_account_lthash( fd_type_pun( account->pubkey ), meta, data, new_hash );
143 0 : fd_lthash_add( ctx->lthash, new_hash );
144 0 : }
145 0 : }
146 :
147 : static inline void
148 : verify_cluster_type( fd_genesis_t const * genesis,
149 : uchar const * genesis_hash,
150 0 : char const * genesis_path ) {
151 :
152 0 : uchar mainnet_hash[ 32 ];
153 0 : FD_TEST( fd_base58_decode_32( "5eykt4UsFv8P8NJdTREpY1vzqKqZKvdpKuc147dw2N9d", mainnet_hash ) );
154 :
155 0 : uchar testnet_hash[ 32 ];
156 0 : FD_TEST( fd_base58_decode_32( "4uhcVJyU9pJkvQyS88uRDiswHXSCkY3zQawwpjk2NsNY", testnet_hash ) );
157 :
158 0 : uchar devnet_hash[ 32 ];
159 0 : FD_TEST( fd_base58_decode_32( "EtWTRABZaYq6iMfeYKouRu166VU2xqa1wcaWoxPkrZBG", devnet_hash ) );
160 :
161 0 : switch( genesis->cluster_type ) {
162 0 : case FD_GENESIS_TYPE_MAINNET: {
163 0 : if( FD_UNLIKELY( memcmp( genesis_hash, mainnet_hash, 32UL ) ) ) {
164 0 : FD_BASE58_ENCODE_32_BYTES( genesis_hash, genesis_hash_b58 );
165 0 : FD_LOG_ERR(( "genesis file `%s` has cluster type MAINNET but unexpected genesis hash `%s`",
166 0 : genesis_path, genesis_hash_b58 ));
167 0 : }
168 0 : break;
169 0 : }
170 0 : case FD_GENESIS_TYPE_TESTNET: {
171 0 : if( FD_UNLIKELY( memcmp( genesis_hash, testnet_hash, 32UL ) ) ) {
172 0 : FD_BASE58_ENCODE_32_BYTES( genesis_hash, genesis_hash_b58 );
173 0 : FD_LOG_ERR(( "genesis file `%s` has cluster type TESTNET but unexpected genesis hash `%s`",
174 0 : genesis_path, genesis_hash_b58 ));
175 0 : }
176 0 : break;
177 0 : }
178 0 : case FD_GENESIS_TYPE_DEVNET: {
179 0 : if( FD_UNLIKELY( memcmp( genesis_hash, devnet_hash, 32UL ) ) ) {
180 0 : FD_BASE58_ENCODE_32_BYTES( genesis_hash, genesis_hash_b58 );
181 0 : FD_LOG_ERR(( "genesis file `%s` has cluster type DEVNET but unexpected genesis hash `%s`",
182 0 : genesis_path, genesis_hash_b58 ));
183 0 : }
184 0 : break;
185 0 : }
186 0 : default:
187 0 : break;
188 0 : }
189 0 : }
190 :
191 : static void
192 : after_credit( fd_genesi_tile_t * ctx,
193 : fd_stem_context_t * stem,
194 : int * opt_poll_in,
195 0 : int * charge_busy ) {
196 0 : (void)opt_poll_in;
197 :
198 0 : if( FD_UNLIKELY( ctx->shutdown ) ) return;
199 :
200 0 : if( FD_LIKELY( ctx->local_genesis ) ) {
201 0 : FD_TEST( -1!=ctx->in_fd );
202 :
203 0 : fd_genesis_t * genesis = fd_type_pun( ctx->genesis );
204 :
205 0 : uchar * dst = fd_chunk_to_laddr( ctx->out_mem, ctx->out_chunk );
206 0 : if( FD_UNLIKELY( ctx->bootstrap ) ) {
207 0 : fd_memcpy( dst, &ctx->lthash->bytes, sizeof(fd_lthash_value_t) );
208 0 : fd_memcpy( dst+sizeof(fd_lthash_value_t), &ctx->genesis_hash, sizeof(fd_hash_t) );
209 0 : fd_memcpy( dst+sizeof(fd_lthash_value_t)+sizeof(fd_hash_t), ctx->genesis, genesis->total_sz );
210 :
211 0 : fd_stem_publish( stem, 0UL, GENESI_SIG_BOOTSTRAP_COMPLETED, ctx->out_chunk, 0UL, 0UL, 0UL, 0UL );
212 0 : ctx->out_chunk = fd_dcache_compact_next( ctx->out_chunk, genesis->total_sz+sizeof(fd_hash_t)+sizeof(fd_lthash_value_t), ctx->out_chunk0, ctx->out_wmark );
213 0 : } else {
214 0 : fd_memcpy( dst, ctx->genesis_hash, sizeof(fd_hash_t) );
215 0 : fd_stem_publish( stem, 0UL, GENESI_SIG_GENESIS_HASH, ctx->out_chunk, sizeof(fd_hash_t), 0UL, 0UL, 0UL );
216 0 : ctx->out_chunk = fd_dcache_compact_next( ctx->out_chunk, sizeof(fd_hash_t), ctx->out_chunk0, ctx->out_wmark );
217 0 : }
218 :
219 0 : *charge_busy = 1;
220 0 : FD_LOG_NOTICE(( "loaded local genesis.bin from file `%s`", ctx->genesis_path ));
221 :
222 0 : ctx->shutdown = 1;
223 0 : } else {
224 0 : uchar * buffer;
225 0 : ulong buffer_sz;
226 0 : fd_ip4_port_t peer;
227 0 : int result = fd_genesis_client_poll( ctx->client, &peer, &buffer, &buffer_sz, charge_busy );
228 0 : if( FD_UNLIKELY( -1==result ) ) FD_LOG_ERR(( "failed to retrieve genesis.bin from any configured gossip entrypoints" ));
229 0 : if( FD_LIKELY( 1==result ) ) return;
230 :
231 0 : uchar * decompressed = ctx->buffer;
232 0 : ulong actual_decompressed_sz = 0UL;
233 0 : # if FD_HAS_BZIP2
234 0 : bz_stream bzstrm = {0};
235 0 : bzstrm.bzalloc = bz2_malloc;
236 0 : bzstrm.bzfree = bz2_free;
237 0 : bzstrm.opaque = ctx->bz2_alloc;
238 0 : int bzerr = BZ2_bzDecompressInit( &bzstrm, 0, 0 );
239 0 : if( FD_UNLIKELY( BZ_OK!=bzerr ) ) FD_LOG_ERR(( "BZ2_bzDecompressInit() failed (%d)", bzerr ));
240 :
241 0 : ulong decompressed_sz = FD_GENESIS_MAX_MESSAGE_SIZE;
242 :
243 0 : bzstrm.next_in = (char *)buffer;
244 0 : bzstrm.avail_in = (uint)buffer_sz;
245 0 : bzstrm.next_out = (char *)decompressed;
246 0 : bzstrm.avail_out = (uint)decompressed_sz;
247 0 : bzerr = BZ2_bzDecompress( &bzstrm );
248 0 : if( FD_UNLIKELY( BZ_STREAM_END!=bzerr ) ) FD_LOG_ERR(( "BZ2_bzDecompress() failed (%d)", bzerr ));
249 :
250 0 : actual_decompressed_sz = decompressed_sz - (ulong)bzstrm.avail_out;
251 : # else
252 : FD_LOG_ERR(( "This build does not include bzip2, which is required to boot from genesis.\n"
253 : "To install bzip2, re-run ./deps.sh +dev, make distclean, and make -j" ));
254 : # endif
255 :
256 0 : FD_TEST( actual_decompressed_sz>=512UL );
257 :
258 0 : fd_tar_meta_t const * meta = (fd_tar_meta_t const *)decompressed;
259 0 : FD_TEST( !strcmp( meta->name, "genesis.bin" ) );
260 0 : FD_TEST( actual_decompressed_sz>=512UL+fd_tar_meta_get_size( meta ) );
261 :
262 0 : uchar hash[ 32UL ];
263 0 : fd_sha256_hash( decompressed+512UL, fd_tar_meta_get_size( meta ), hash );
264 :
265 : /* Can't verify expected_shred_version here because it needs to be
266 : mixed in with hard_forks from the snapshot. Replay tile will
267 : combine them and do this verification. */
268 :
269 0 : if( FD_LIKELY( ctx->has_expected_genesis_hash && memcmp( hash, ctx->expected_genesis_hash, 32UL ) ) ) {
270 0 : FD_BASE58_ENCODE_32_BYTES( ctx->expected_genesis_hash, expected_genesis_hash_b58 );
271 0 : FD_BASE58_ENCODE_32_BYTES( hash, hash_b58 );
272 0 : FD_LOG_ERR(( "An expected genesis hash of `%s` has been set in your configuration file at [consensus.expected_genesis_hash] "
273 0 : "but the genesis hash derived from the peer at `http://" FD_IP4_ADDR_FMT ":%hu` has unexpected hash `%s`",
274 0 : expected_genesis_hash_b58, FD_IP4_ADDR_FMT_ARGS( peer.addr ), fd_ushort_bswap( peer.port ), hash_b58 ));
275 0 : }
276 :
277 0 : FD_TEST( !ctx->bootstrap );
278 0 : ulong size = fd_tar_meta_get_size( meta );
279 :
280 0 : fd_genesis_t * genesis = fd_genesis_parse( ctx->genesis, decompressed+512UL, size );
281 0 : if( FD_UNLIKELY( !genesis ) ) {
282 0 : FD_LOG_ERR(( "unable to decode downloaded solana genesis file due to violated hardcoded limits" ));
283 0 : }
284 :
285 0 : verify_cluster_type( genesis, hash, ctx->genesis_path );
286 :
287 0 : uchar * dst = fd_chunk_to_laddr( ctx->out_mem, ctx->out_chunk );
288 0 : fd_memcpy( dst, hash, sizeof(fd_hash_t) );
289 0 : FD_BASE58_ENCODE_32_BYTES( dst, dst_b58 );
290 0 : FD_LOG_WARNING(( "Genesis hash from peer: %s", dst_b58 ));
291 0 : fd_stem_publish( stem, 0UL, GENESI_SIG_GENESIS_HASH, ctx->out_chunk, 32UL, 0UL, 0UL, 0UL );
292 0 : ctx->out_chunk = fd_dcache_compact_next( ctx->out_chunk, sizeof(fd_hash_t), ctx->out_chunk0, ctx->out_wmark );
293 :
294 0 : ulong bytes_written = 0UL;
295 0 : while( bytes_written<fd_tar_meta_get_size( meta ) ) {
296 0 : long result = write( ctx->out_fd, decompressed+512UL+bytes_written, fd_tar_meta_get_size( meta )-bytes_written );
297 0 : if( FD_UNLIKELY( -1==result ) ) FD_LOG_ERR(( "write() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
298 0 : bytes_written += (ulong)result;
299 0 : }
300 :
301 0 : char basename[ PATH_MAX ];
302 0 : const char * last_slash = strrchr( ctx->genesis_path, '/' );
303 0 : if( FD_LIKELY( last_slash ) ) FD_TEST( fd_cstr_printf_check( basename, PATH_MAX, NULL, "%s", last_slash+1UL ) );
304 0 : else FD_TEST( fd_cstr_printf_check( basename, PATH_MAX, NULL, "%s", ctx->genesis_path ) );
305 :
306 0 : char basename_partial[ PATH_MAX ];
307 0 : FD_TEST( fd_cstr_printf_check( basename_partial, PATH_MAX, NULL, "%s.partial", basename ) );
308 :
309 0 : int err = renameat2( ctx->out_dir_fd, basename_partial, ctx->out_dir_fd, basename, RENAME_NOREPLACE );
310 0 : if( FD_UNLIKELY( -1==err ) ) FD_LOG_ERR(( "renameat2() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
311 :
312 0 : FD_LOG_NOTICE(( "retrieved genesis `%s` from peer at http://" FD_IP4_ADDR_FMT ":%hu/genesis.tar.bz2",
313 0 : ctx->genesis_path, FD_IP4_ADDR_FMT_ARGS( peer.addr ), peer.port ));
314 :
315 0 : ctx->shutdown = 1;
316 0 : }
317 0 : }
318 :
319 : static void
320 : process_local_genesis( fd_genesi_tile_t * ctx,
321 0 : char const * genesis_path ) {
322 0 : struct stat st;
323 0 : int err = fstat( ctx->in_fd, &st );
324 0 : if( FD_UNLIKELY( -1==err ) ) FD_LOG_ERR(( "stat() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
325 :
326 0 : ulong size = (ulong)st.st_size;
327 :
328 0 : if( FD_UNLIKELY( size>sizeof(ctx->buffer) ) ) FD_LOG_ERR(( "genesis file `%s` too large (%lu bytes, max %lu)", genesis_path, size, (ulong)sizeof(ctx->buffer) ));
329 :
330 0 : ulong bytes_read = 0UL;
331 0 : while( bytes_read<size ) {
332 0 : long result = read( ctx->in_fd, ctx->buffer+bytes_read, size-bytes_read );
333 0 : if( FD_UNLIKELY( -1==result ) ) FD_LOG_ERR(( "read() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
334 0 : if( FD_UNLIKELY( !result ) ) FD_LOG_ERR(( "read() returned 0 before reading full file" ));
335 0 : bytes_read += (ulong)result;
336 0 : }
337 :
338 0 : FD_TEST( bytes_read==size );
339 :
340 0 : if( FD_UNLIKELY( -1==close( ctx->in_fd ) ) ) FD_LOG_ERR(( "close() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
341 :
342 0 : fd_genesis_t * genesis = fd_genesis_parse( ctx->genesis, ctx->buffer, size );
343 0 : if( FD_UNLIKELY( !genesis ) ) {
344 0 : FD_LOG_ERR(( "unable to decode solana genesis from local file due to violated hardcoded limits" ));
345 0 : }
346 :
347 0 : union {
348 0 : uchar c[ 32 ];
349 0 : ushort s[ 16 ];
350 0 : } hash;
351 0 : fd_sha256_hash( ctx->buffer, size, hash.c );
352 :
353 0 : verify_cluster_type( genesis, hash.c, genesis_path );
354 :
355 0 : fd_memcpy( ctx->genesis_hash, hash.c, 32UL );
356 :
357 0 : if( FD_UNLIKELY( ctx->bootstrap && ctx->expected_shred_version ) ) {
358 0 : ushort xor = 0;
359 0 : for( ulong i=0UL; i<16UL; i++ ) xor ^= hash.s[ i ];
360 :
361 0 : xor = fd_ushort_bswap( xor );
362 0 : xor = fd_ushort_if( xor<USHORT_MAX, (ushort)(xor + 1), USHORT_MAX );
363 :
364 0 : FD_TEST( xor );
365 :
366 0 : if( FD_UNLIKELY( xor!=ctx->expected_shred_version ) ) {
367 0 : FD_LOG_ERR(( "This node is bootstrapping the cluster as it has no gossip entrypoints provided, but "
368 0 : "a [consensus.expected_shred_version] of %hu is provided which does not match the shred "
369 0 : "version of %hu computed from the genesis.bin file at `%s`",
370 0 : ctx->expected_shred_version, xor, genesis_path ));
371 0 : }
372 0 : }
373 :
374 0 : if( FD_LIKELY( ctx->has_expected_genesis_hash && memcmp( ctx->genesis_hash, ctx->expected_genesis_hash, 32UL ) ) ) {
375 0 : FD_BASE58_ENCODE_32_BYTES( ctx->expected_genesis_hash, expected_genesis_hash_b58 );
376 0 : FD_BASE58_ENCODE_32_BYTES( ctx->genesis_hash, genesis_hash_b58 );
377 0 : FD_LOG_ERR(( "An expected genesis hash of `%s` has been set in your configuration file at [consensus.expected_genesis_hash] "
378 0 : "but the genesis hash derived from the genesis file at `%s` has unexpected hash (expected `%s`)", expected_genesis_hash_b58, genesis_path, genesis_hash_b58 ));
379 0 : }
380 0 : }
381 :
382 : static void
383 : privileged_init( fd_topo_t * topo,
384 0 : fd_topo_tile_t * tile ) {
385 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
386 :
387 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
388 0 : fd_genesi_tile_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
389 0 : fd_genesis_client_t * _client = FD_SCRATCH_ALLOC_APPEND( l, fd_genesis_client_align(), fd_genesis_client_footprint() );
390 :
391 0 : ctx->local_genesis = 1;
392 0 : ctx->in_fd = open( tile->genesi.genesis_path, O_RDONLY|O_CLOEXEC );
393 0 : if( FD_UNLIKELY( -1==ctx->in_fd ) ) {
394 0 : if( FD_LIKELY( errno==ENOENT ) ) {
395 0 : FD_LOG_INFO(( "no local genesis.bin file found at `%s`", tile->genesi.genesis_path ));
396 :
397 0 : if( FD_UNLIKELY( !tile->genesi.entrypoints_cnt ) ) {
398 0 : FD_LOG_ERR(( "This node is bootstrapping the cluster as it has no gossip entrypoints provided, but "
399 0 : "the genesis.bin file at `%s` does not exist. Please provide a valid genesis.bin "
400 0 : "file by running genesis, or join an existing cluster.",
401 0 : tile->genesi.genesis_path ));
402 0 : } else {
403 0 : if( FD_UNLIKELY( !tile->genesi.allow_download ) ) {
404 0 : FD_LOG_ERR(( "There is no genesis.bin file at `%s` and automatic downloading is disabled as "
405 0 : "genesis_download is false in your configuration file. Please either provide a valid "
406 0 : "genesis.bin file locally, or allow donwloading from a gossip entrypoint.",
407 0 : tile->genesi.genesis_path ));
408 0 : } else {
409 0 : char basename[ PATH_MAX ];
410 0 : strncpy( basename, tile->genesi.genesis_path, PATH_MAX );
411 0 : char * last_slash = strrchr( basename, '/' );
412 0 : if( FD_LIKELY( last_slash ) ) *last_slash = '\0';
413 :
414 0 : ctx->out_dir_fd = open( basename, O_RDONLY|O_CLOEXEC|O_DIRECTORY );
415 0 : if( FD_UNLIKELY( -1==ctx->out_dir_fd ) ) FD_LOG_ERR(( "open() failed for genesis dir `%s` (%i-%s)", basename, errno, fd_io_strerror( errno ) ));
416 :
417 : /* Switch to non-root uid/gid for file creation. Permissions checks
418 : are still done as root. */
419 0 : gid_t gid = getgid();
420 0 : uid_t uid = getuid();
421 0 : if( FD_LIKELY( !gid && -1==syscall( __NR_setresgid, -1, tile->genesi.target_gid, -1 ) ) ) FD_LOG_ERR(( "setresgid() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
422 0 : if( FD_LIKELY( !uid && -1==syscall( __NR_setresuid, -1, tile->genesi.target_uid, -1 ) ) ) FD_LOG_ERR(( "setresuid() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
423 :
424 0 : char partialname[ PATH_MAX ];
425 0 : FD_TEST( fd_cstr_printf_check( partialname, PATH_MAX, NULL, "%s.partial", tile->genesi.genesis_path ) );
426 0 : ctx->out_fd = openat( ctx->out_dir_fd, "genesis.bin.partial", O_CREAT|O_WRONLY|O_CLOEXEC|O_TRUNC, S_IRUSR|S_IWUSR );
427 0 : if( FD_UNLIKELY( -1==ctx->out_fd ) ) FD_LOG_ERR(( "openat() failed for genesis file `%s` (%i-%s)", partialname, errno, fd_io_strerror( errno ) ));
428 :
429 0 : if( FD_UNLIKELY( -1==syscall( __NR_setresuid, -1, uid, -1 ) ) ) FD_LOG_ERR(( "setresuid() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
430 0 : if( FD_UNLIKELY( -1==syscall( __NR_setresgid, -1, gid, -1 ) ) ) FD_LOG_ERR(( "setresgid() failed (%i-%s)", errno, fd_io_strerror( errno ) ));
431 :
432 0 : ctx->local_genesis = 0;
433 0 : ctx->client = fd_genesis_client_join( fd_genesis_client_new( _client ) );
434 0 : FD_TEST( ctx->client );
435 0 : fd_genesis_client_init( ctx->client, tile->genesi.entrypoints, tile->genesi.entrypoints_cnt );
436 0 : }
437 0 : }
438 0 : } else {
439 0 : FD_LOG_ERR(( "could not open genesis.bin file at `%s` (%i-%s)", tile->genesi.genesis_path, errno, fd_io_strerror( errno ) ));
440 0 : }
441 0 : }
442 0 : }
443 :
444 : static void
445 : unprivileged_init( fd_topo_t * topo,
446 0 : fd_topo_tile_t * tile ) {
447 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
448 :
449 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
450 0 : fd_genesi_tile_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
451 0 : FD_SCRATCH_ALLOC_APPEND( l, fd_genesis_client_align(), fd_genesis_client_footprint() );
452 0 : void * _alloc = FD_SCRATCH_ALLOC_APPEND( l, fd_alloc_align(), fd_alloc_footprint() );
453 :
454 0 : FD_TEST( fd_accdb_admin_join ( ctx->accdb_admin, fd_topo_obj_laddr( topo, tile->genesi.funk_obj_id ) ) );
455 0 : FD_TEST( fd_accdb_user_v1_init( ctx->accdb, fd_topo_obj_laddr( topo, tile->genesi.funk_obj_id ) ) );
456 :
457 0 : fd_lthash_zero( ctx->lthash );
458 :
459 0 : ctx->shutdown = 0;
460 0 : ctx->bootstrap = !tile->genesi.entrypoints_cnt;
461 0 : ctx->expected_shred_version = tile->genesi.expected_shred_version;
462 0 : ctx->has_expected_genesis_hash = tile->genesi.has_expected_genesis_hash;
463 0 : fd_memcpy( ctx->expected_genesis_hash, tile->genesi.expected_genesis_hash, 32UL );
464 0 : if( FD_LIKELY( -1!=ctx->in_fd ) ) {
465 0 : process_local_genesis( ctx, tile->genesi.genesis_path );
466 0 : if( FD_UNLIKELY( ctx->bootstrap ) ) initialize_accdb( ctx );
467 0 : }
468 :
469 0 : FD_TEST( fd_cstr_printf_check( ctx->genesis_path, PATH_MAX, NULL, "%s", tile->genesi.genesis_path ) );
470 :
471 0 : ctx->out_mem = topo->workspaces[ topo->objs[ topo->links[ tile->out_link_id[ 0 ] ].dcache_obj_id ].wksp_id ].wksp;
472 0 : ctx->out_chunk0 = fd_dcache_compact_chunk0( ctx->out_mem, topo->links[ tile->out_link_id[ 0 ] ].dcache );
473 0 : ctx->out_wmark = fd_dcache_compact_wmark ( ctx->out_mem, topo->links[ tile->out_link_id[ 0 ] ].dcache, topo->links[ tile->out_link_id[ 0 ] ].mtu );
474 0 : ctx->out_chunk = ctx->out_chunk0;
475 :
476 0 : ctx->bz2_alloc = fd_alloc_join( fd_alloc_new( _alloc, 1UL ), 1UL );
477 0 : FD_TEST( ctx->bz2_alloc );
478 :
479 0 : ulong scratch_top = FD_SCRATCH_ALLOC_FINI( l, 1UL );
480 0 : if( FD_UNLIKELY( scratch_top > (ulong)scratch + scratch_footprint( tile ) ) )
481 0 : FD_LOG_ERR(( "scratch overflow %lu %lu %lu", scratch_top - (ulong)scratch - scratch_footprint( tile ), scratch_top, (ulong)scratch + scratch_footprint( tile ) ));
482 0 : }
483 :
484 : static ulong
485 : rlimit_file_cnt( fd_topo_t const * topo FD_PARAM_UNUSED,
486 0 : fd_topo_tile_t const * tile ) {
487 0 : return 1UL + /* stderr */
488 0 : 1UL + /* logfile */
489 0 : 1UL + /* genesis file */
490 0 : 1UL + /* genesis dir */
491 0 : tile->genesi.entrypoints_cnt; /* for the client */
492 0 : }
493 :
494 : static ulong
495 : populate_allowed_seccomp( fd_topo_t const * topo,
496 : fd_topo_tile_t const * tile,
497 : ulong out_cnt,
498 0 : struct sock_filter * out ) {
499 :
500 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
501 :
502 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
503 0 : fd_genesi_tile_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
504 :
505 0 : uint in_fd, out_fd, out_dir_fd;
506 0 : if( FD_LIKELY( -1!=ctx->in_fd ) ) {
507 0 : in_fd = (uint)ctx->in_fd;
508 0 : out_fd = (uint)-1;
509 0 : out_dir_fd = (uint)-1;
510 0 : } else {
511 0 : in_fd = (uint)-1;
512 0 : out_fd = (uint)ctx->out_fd;
513 0 : out_dir_fd = (uint)ctx->out_dir_fd;
514 0 : }
515 :
516 0 : populate_sock_filter_policy_fd_genesi_tile( out_cnt, out, (uint)fd_log_private_logfile_fd(), in_fd, out_fd, out_dir_fd );
517 0 : return sock_filter_policy_fd_genesi_tile_instr_cnt;
518 0 : }
519 :
520 : static ulong
521 : populate_allowed_fds( fd_topo_t const * topo,
522 : fd_topo_tile_t const * tile,
523 : ulong out_fds_cnt,
524 0 : int * out_fds ) {
525 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
526 :
527 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
528 0 : fd_genesi_tile_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_genesi_tile_t ), sizeof( fd_genesi_tile_t ) );
529 :
530 0 : if( FD_UNLIKELY( out_fds_cnt<tile->genesi.entrypoints_cnt+5UL ) ) FD_LOG_ERR(( "out_fds_cnt %lu", out_fds_cnt ));
531 :
532 0 : ulong out_cnt = 0UL;
533 0 : out_fds[ out_cnt++ ] = 2; /* stderr */
534 0 : if( FD_LIKELY( -1!=fd_log_private_logfile_fd() ) )
535 0 : out_fds[ out_cnt++ ] = fd_log_private_logfile_fd(); /* logfile */
536 :
537 0 : if( FD_UNLIKELY( -1==ctx->in_fd ) ) {
538 0 : FD_TEST( -1!=ctx->out_dir_fd );
539 0 : FD_TEST( -1!=ctx->out_fd );
540 0 : out_fds[ out_cnt++ ] = ctx->out_dir_fd;
541 0 : out_fds[ out_cnt++ ] = ctx->out_fd;
542 :
543 0 : for( ulong i=0UL; i<tile->genesi.entrypoints_cnt; i++ ) {
544 0 : int fd = fd_genesis_client_get_pollfds( ctx->client )[ i ].fd;
545 0 : if( FD_LIKELY( -1!=fd ) ) out_fds[ out_cnt++ ] = fd;
546 0 : }
547 0 : } else {
548 0 : FD_TEST( -1!=ctx->in_fd );
549 0 : out_fds[ out_cnt++ ] = ctx->in_fd;
550 0 : }
551 :
552 0 : return out_cnt;
553 0 : }
554 :
555 0 : #define STEM_BURST (1UL)
556 :
557 0 : #define STEM_CALLBACK_CONTEXT_TYPE fd_genesi_tile_t
558 0 : #define STEM_CALLBACK_CONTEXT_ALIGN alignof(fd_genesi_tile_t)
559 :
560 0 : #define STEM_CALLBACK_AFTER_CREDIT after_credit
561 : #define STEM_CALLBACK_SHOULD_SHUTDOWN should_shutdown
562 :
563 : #include "../../disco/stem/fd_stem.c"
564 :
565 : fd_topo_run_tile_t fd_tile_genesi = {
566 : .name = "genesi",
567 : .rlimit_file_cnt_fn = rlimit_file_cnt,
568 : .allow_connect = 1,
569 : .allow_renameat = 1,
570 : .populate_allowed_seccomp = populate_allowed_seccomp,
571 : .populate_allowed_fds = populate_allowed_fds,
572 : .loose_footprint = loose_footprint,
573 : .scratch_align = scratch_align,
574 : .scratch_footprint = scratch_footprint,
575 : .privileged_init = privileged_init,
576 : .unprivileged_init = unprivileged_init,
577 : .run = stem_run,
578 : };
|
