Line data Source code
1 : #ifndef HEADER_fd_src_flamenco_runtime_fd_borrowed_account_h 2 : #define HEADER_fd_src_flamenco_runtime_fd_borrowed_account_h 3 : 4 : #include "fd_bank.h" 5 : #include "fd_executor_err.h" 6 : #include "sysvar/fd_sysvar_rent.h" 7 : 8 0 : #define MAX_PERMITTED_DATA_LENGTH (FD_RUNTIME_ACC_SZ_MAX) /* 10MiB */ 9 : #define MAX_PERMITTED_ACCOUNT_DATA_ALLOCS_PER_TXN (10UL<<21) /* 20MiB */ 10 : 11 : /* TODO: Not all Agave Borrowed Account API functions are implemented here */ 12 : 13 : /* TODO: check that borrow is active when calling these APIs */ 14 : 15 : struct fd_borrowed_account { 16 : ulong magic; 17 : fd_txn_account_t * acct; 18 : fd_exec_instr_ctx_t const * instr_ctx; 19 : 20 : /* index_in_instruction will be USHORT_MAX for borrowed program accounts because 21 : they are not stored in the list of instruction accounts in the instruction context */ 22 : ushort index_in_instruction; 23 : }; 24 : typedef struct fd_borrowed_account fd_borrowed_account_t; 25 : 26 0 : #define FD_BORROWED_ACCOUNT_MAGIC (0xFDB07703ACC736C0UL) /* FD BORROW ACCT MGC version 0 */ 27 : /* prevents borrowed accounts from going out of scope without releasing a borrow */ 28 0 : #define fd_guarded_borrowed_account_t __attribute__((cleanup(fd_borrowed_account_destroy))) fd_borrowed_account_t 29 : 30 : FD_PROTOTYPES_BEGIN 31 : 32 : /* Constructor */ 33 : 34 : static inline void 35 : fd_borrowed_account_init( fd_borrowed_account_t * borrowed_acct, 36 : fd_txn_account_t * acct, 37 : fd_exec_instr_ctx_t const * instr_ctx, 38 0 : ushort index_in_instruction ) { 39 0 : borrowed_acct->acct = acct; 40 0 : borrowed_acct->instr_ctx = instr_ctx; 41 0 : borrowed_acct->index_in_instruction = index_in_instruction; 42 : 43 0 : FD_COMPILER_MFENCE(); 44 0 : borrowed_acct->magic = FD_BORROWED_ACCOUNT_MAGIC; 45 0 : FD_COMPILER_MFENCE(); 46 0 : } 47 : 48 : /* Drop mirrors the behavior of rust's std::mem::drop on mutable borrows. 49 : Releases the acquired write on the borrowed account object. */ 50 : 51 : static inline void 52 0 : fd_borrowed_account_drop( fd_borrowed_account_t * borrowed_acct ) { 53 0 : fd_txn_account_drop( borrowed_acct->acct ); 54 0 : } 55 : 56 : /* Destructor */ 57 : 58 : static inline void 59 0 : fd_borrowed_account_destroy( fd_borrowed_account_t * borrowed_acct ) { 60 0 : if( FD_LIKELY( borrowed_acct->magic == FD_BORROWED_ACCOUNT_MAGIC ) ) { 61 0 : fd_borrowed_account_drop( borrowed_acct ); 62 0 : } 63 : 64 0 : FD_COMPILER_MFENCE(); 65 0 : FD_VOLATILE( borrowed_acct->magic ) = 0UL; 66 0 : FD_COMPILER_MFENCE(); 67 : 68 0 : borrowed_acct = NULL; 69 0 : } 70 : 71 : /* Getters */ 72 : 73 : /* fd_borrowed_account_get_data mirrors Agave function 74 : solana_sdk::transaction_context::BorrowedAccount::get_data. 75 : 76 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L817 */ 77 : 78 : static inline uchar const * 79 0 : fd_borrowed_account_get_data( fd_borrowed_account_t const * borrowed_acct ) { 80 0 : return fd_txn_account_get_data( borrowed_acct->acct ); 81 0 : } 82 : 83 : static inline ulong 84 0 : fd_borrowed_account_get_data_len( fd_borrowed_account_t const * borrowed_acct ) { 85 0 : return fd_txn_account_get_data_len( borrowed_acct->acct ); 86 0 : } 87 : 88 : /* fd_borrowed_account_get_data_mut mirrors Agave function 89 : solana_sdk::transaction_context::BorrowedAccount::get_data_mut. 90 : 91 : Returns a writable slice of the account data (transaction wide). 92 : Acquires a writable handle. This function assumes that the relevant 93 : borrowed has already acquired exclusive write access. 94 : 95 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L823 */ 96 : 97 : int 98 : fd_borrowed_account_get_data_mut( fd_borrowed_account_t * borrowed_acct, 99 : uchar * * data_out, 100 : ulong * dlen_out ); 101 : 102 : static inline fd_pubkey_t const * 103 0 : fd_borrowed_account_get_owner( fd_borrowed_account_t const * borrowed_acct ) { 104 0 : return fd_txn_account_get_owner( borrowed_acct->acct ); 105 0 : } 106 : 107 : /* fd_borrowed_account_get_lamports mirrors Agave function 108 : solana_sdk::transaction_context::BorrowedAccount::get_lamports. 109 : 110 : Returns current number of lamports in account. Well behaved if meta 111 : is NULL. 112 : 113 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L767 */ 114 : 115 : static inline ulong 116 0 : fd_borrowed_account_get_lamports( fd_borrowed_account_t const * borrowed_acct ) { 117 0 : return fd_txn_account_get_lamports( borrowed_acct->acct ); 118 0 : } 119 : 120 : /* fd_borrowed_account_get_rent_epoch mirrors Agave function 121 : solana_sdk::transaction_context::BorrowedAccount::get_rent_epoch. 122 : 123 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1034 */ 124 : 125 : static inline ulong 126 0 : fd_borrowed_account_get_rent_epoch( fd_borrowed_account_t const * borrowed_acct ) { 127 0 : return fd_txn_account_get_rent_epoch( borrowed_acct->acct ); 128 0 : } 129 : 130 : static inline fd_account_meta_t const * 131 0 : fd_borrowed_account_get_acc_meta( fd_borrowed_account_t const * borrowed_acct ) { 132 0 : return fd_txn_account_get_meta( borrowed_acct->acct ); 133 0 : } 134 : 135 : /* Setters */ 136 : 137 : /* fd_borrowed_account_set_owner mirrors Agave function 138 : solana_sdk::transaction_context::BorrowedAccount::set_owner. 139 : 140 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L739 */ 141 : 142 : int 143 : fd_borrowed_account_set_owner( fd_borrowed_account_t * borrowed_acct, 144 : fd_pubkey_t const * owner ); 145 : 146 : /* fd_borrowed_account_set_lamports mirrors Agave function 147 : solana_sdk::transaction_context::BorrowedAccount::set_lamports. 148 : 149 : Runs through a sequence of permission checks, then sets the account 150 : balance. Does not update global capitalization. On success, returns 151 : 0 and updates meta->lamports. On failure, returns an 152 : FD_EXECUTOR_INSTR_ERR_{...} code. Acquires a writable handle. 153 : 154 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L773 */ 155 : 156 : int 157 : fd_borrowed_account_set_lamports( fd_borrowed_account_t * borrowed_acct, 158 : ulong lamports ); 159 : 160 : /* fd_borrowed_account_set_data_from_slice mirrors Agave function 161 : solana_sdk::transaction_context::BorrowedAccount::set_data_from_slice. 162 : 163 : In the firedancer client, it also mirrors the Agave function 164 : solana_sdk::transaction_context::BorrowedAccount::set_data. 165 : Assumes that destination account already has enough space to fit 166 : data. Acquires a writable handle. 167 : 168 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L864 */ 169 : 170 : int 171 : fd_borrowed_account_set_data_from_slice( fd_borrowed_account_t * borrowed_acct, 172 : uchar const * data, 173 : ulong data_sz ); 174 : 175 : /* fd_borrowed_account_set_data_length mirrors Agave function 176 : solana_sdk::transaction_context::BorrowedAccount::set_data_length. 177 : 178 : Acquires a writable handle. Returns 0 on success. 179 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L882 */ 180 : 181 : int 182 : fd_borrowed_account_set_data_length( fd_borrowed_account_t * borrowed_acct, 183 : ulong new_len ); 184 : 185 : /* fd_borrowed_account_set_executable mirrors Agave function 186 : solana_sdk::transaction_context::BorrowedAccount::set_executable. 187 : 188 : Returns FD_EXECUTOR_INSTR_SUCCESS if the set is successful. 189 : 190 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L10015 */ 191 : 192 : int 193 : fd_borrowed_account_set_executable( fd_borrowed_account_t * borrowed_acct, 194 : int is_executable ); 195 : 196 : /* Operators */ 197 : 198 : /* fd_borrowed_account_checked_add_lamports mirros Agave function 199 : solana_sdk::transaction_context::BorrowedAccount::checked_add_lamports. 200 : 201 : Does not update global capitalization. Returns 0 on 202 : success or an FD_EXECUTOR_INSTR_ERR_{...} code on failure. 203 : Gracefully handles underflow. 204 : 205 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L797 */ 206 : 207 : static inline int 208 : fd_borrowed_account_checked_add_lamports( fd_borrowed_account_t * borrowed_acct, 209 0 : ulong lamports ) { 210 0 : ulong balance_post = 0UL; 211 0 : int err = fd_ulong_checked_add( fd_txn_account_get_lamports( borrowed_acct->acct ), 212 0 : lamports, 213 0 : &balance_post ); 214 0 : if( FD_UNLIKELY( err ) ) { 215 0 : return FD_EXECUTOR_INSTR_ERR_ARITHMETIC_OVERFLOW; 216 0 : } 217 : 218 0 : return fd_borrowed_account_set_lamports( borrowed_acct, balance_post ); 219 0 : } 220 : 221 : /* fd_borrowed_account_checked_sub_lamports mirrors Agave function 222 : solana_sdk::transaction_context::BorrowedAccount::checked_sub_lamports. 223 : 224 : Does not update global capitalization. Returns 0 on 225 : success or an FD_EXECUTOR_INSTR_ERR_{...} code on failure. 226 : Gracefully handles underflow. 227 : 228 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L807 */ 229 : 230 : static inline int 231 : fd_borrowed_account_checked_sub_lamports( fd_borrowed_account_t * borrowed_acct, 232 0 : ulong lamports ) { 233 0 : ulong balance_post = 0UL; 234 0 : int err = fd_ulong_checked_sub( fd_txn_account_get_lamports( borrowed_acct->acct ), 235 0 : lamports, 236 0 : &balance_post ); 237 0 : if( FD_UNLIKELY( err ) ) { 238 0 : return FD_EXECUTOR_INSTR_ERR_ARITHMETIC_OVERFLOW; 239 0 : } 240 : 241 0 : return fd_borrowed_account_set_lamports( borrowed_acct, balance_post ); 242 0 : } 243 : 244 : /* fd_borrowed_account_update_acounts_resize_delta mirrors Agave function 245 : solana_sdk::transaction_context:BorrowedAccount::update_accounts_resize_delta. 246 : 247 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1123 */ 248 : 249 : int 250 : fd_borrowed_account_update_accounts_resize_delta( fd_borrowed_account_t * borrowed_acct, 251 : ulong new_len, 252 : int * err ); 253 : 254 : /* Accessors */ 255 : 256 : /* fd_borrowed_account_is_rent_exempt_at_data_length mirrors Agave function 257 : solana_sdk::transaction_context::BorrowedAccount::is_rent_exempt_at_data_length. 258 : 259 : Returns 1 if an account is rent exempt at it's current data length. 260 : 261 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L987 */ 262 : 263 : static inline int 264 0 : fd_borrowed_account_is_rent_exempt_at_data_length( fd_borrowed_account_t const * borrowed_acct ) { 265 0 : fd_txn_account_t * acct = borrowed_acct->acct; 266 0 : if( FD_UNLIKELY( !fd_txn_account_get_meta( acct ) ) ) FD_LOG_ERR(( "account is not setup" )); 267 0 : 268 0 : /* TODO: Add an is_exempt rent API to better match Agave and clean up code 269 0 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L990 */ 270 0 : fd_rent_t const * rent = fd_bank_rent_query( borrowed_acct->instr_ctx->txn_ctx->bank ); 271 0 : ulong min_balance = fd_rent_exempt_minimum_balance( rent, fd_txn_account_get_data_len( acct ) ); 272 0 : return fd_txn_account_get_lamports( acct )>=min_balance; 273 0 : } 274 : 275 : /* fd_borrowed_account_is_executable mirrors Agave function 276 : solana_sdk::transaction_context::BorrowedAccount::is_executable. 277 : 278 : Returns 1 if the given account has the 279 : executable flag set. Otherwise, returns 0. 280 : 281 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L995 */ 282 : 283 : FD_FN_PURE static inline int 284 0 : fd_borrowed_account_is_executable( fd_borrowed_account_t const * borrowed_acct ) { 285 0 : return fd_txn_account_is_executable( borrowed_acct->acct ); 286 0 : } 287 : 288 : /* fd_borrowed_account_is_executable_internal is a private function for deprecating the `is_executable` flag. 289 : It returns true if the `remove_accounts_executable_flag_checks` feature is inactive AND fd_account_is_executable 290 : return true. This is newly used in account modification logic to eventually allow "executable" accounts to be 291 : modified. 292 : 293 : https://github.com/anza-xyz/agave/blob/89872fdb074e6658646b2b57a299984f0059cc84/sdk/transaction-context/src/lib.rs#L1052-L1060 */ 294 : 295 : FD_FN_PURE static inline int 296 0 : fd_borrowed_account_is_executable_internal( fd_borrowed_account_t const * borrowed_acct ) { 297 0 : return !FD_FEATURE_ACTIVE( borrowed_acct->instr_ctx->txn_ctx->slot, &borrowed_acct->instr_ctx->txn_ctx->features, remove_accounts_executable_flag_checks ) && 298 0 : fd_borrowed_account_is_executable( borrowed_acct ); 299 0 : } 300 : 301 : FD_FN_PURE static inline int 302 0 : fd_borrowed_account_is_mutable( fd_borrowed_account_t const * borrowed_acct ) { 303 0 : return fd_txn_account_is_mutable( borrowed_acct->acct ); 304 0 : } 305 : 306 : /* fd_borrowed_account_is_signer mirrors the Agave function 307 : solana_sdk::transaction_context::BorrowedAccount::is_signer. 308 : Returns 1 if the account is a signer or is writable and 0 otherwise. 309 : 310 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1039 */ 311 : 312 : static inline int 313 0 : fd_borrowed_account_is_signer( fd_borrowed_account_t const * borrowed_acct ) { 314 0 : fd_exec_instr_ctx_t const * instr_ctx = borrowed_acct->instr_ctx; 315 0 : fd_instr_info_t const * instr = instr_ctx->instr; 316 : 317 0 : if( FD_UNLIKELY( borrowed_acct->index_in_instruction>=instr_ctx->instr->acct_cnt ) ) { 318 0 : return 0; 319 0 : } 320 : 321 0 : return fd_instr_acc_is_signer_idx( instr, borrowed_acct->index_in_instruction ); 322 0 : } 323 : 324 : /* fd_borrowed_account_is_writer mirrors the Agave function 325 : solana_sdk::transaction_context::BorrowedAccount::is_writer. 326 : Returns 1 if the account is a signer or is writable and 0 otherwise. 327 : 328 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1052 */ 329 : 330 : static inline int 331 0 : fd_borrowed_account_is_writable( fd_borrowed_account_t const * borrowed_acct ) { 332 0 : fd_exec_instr_ctx_t const * instr_ctx = borrowed_acct->instr_ctx; 333 0 : fd_instr_info_t const * instr = instr_ctx->instr; 334 : 335 0 : if( FD_UNLIKELY( borrowed_acct->index_in_instruction>=instr_ctx->instr->acct_cnt ) ) { 336 0 : return 0; 337 0 : } 338 : 339 0 : return fd_instr_acc_is_writable_idx( instr, borrowed_acct->index_in_instruction ); 340 0 : } 341 : 342 : /* fd_borrowed_account_is_owned_by_current_program mirrors Agave's 343 : solana_sdk::transaction_context::BorrowedAccount::is_owned_by_current_program. 344 : 345 : Returns 1 if the given 346 : account is owned by the program invoked in the current instruction. 347 : Otherwise, returns 0. 348 : 349 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1065 */ 350 : 351 : FD_FN_PURE static inline int 352 0 : fd_borrowed_account_is_owned_by_current_program( fd_borrowed_account_t const * borrowed_acct ) { 353 0 : fd_pubkey_t const * program_id_pubkey = NULL; 354 0 : int err = fd_exec_instr_ctx_get_last_program_key( borrowed_acct->instr_ctx, &program_id_pubkey ); 355 0 : if( FD_UNLIKELY( err ) ) { 356 0 : return 0; 357 0 : } 358 : 359 0 : return !memcmp( program_id_pubkey->key, 360 0 : fd_txn_account_get_owner( borrowed_acct->acct ), sizeof(fd_pubkey_t) ); 361 0 : } 362 : 363 : /* fd_borrowed_account_can_data_be changed mirrors Agave function 364 : solana_sdk::transaction_context::BorrowedAccount::can_data_be_changed. 365 : 366 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1074 */ 367 : 368 : static inline int 369 : fd_borrowed_account_can_data_be_changed( fd_borrowed_account_t const * borrowed_acct, 370 0 : int * err ) { 371 : /* Only non-executable accounts data can be changed 372 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1076 */ 373 0 : if( FD_UNLIKELY( fd_borrowed_account_is_executable_internal( borrowed_acct ) ) ) { 374 0 : *err = FD_EXECUTOR_INSTR_ERR_EXECUTABLE_DATA_MODIFIED; 375 0 : return 0; 376 0 : } 377 : 378 : /* And only if the account is writable 379 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1080 */ 380 0 : if( FD_UNLIKELY( !fd_borrowed_account_is_writable( borrowed_acct ) ) ) { 381 0 : *err = FD_EXECUTOR_INSTR_ERR_READONLY_DATA_MODIFIED; 382 0 : return 0; 383 0 : } 384 : 385 : /* And only if we are the owner 386 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1084 */ 387 0 : if( FD_UNLIKELY( !fd_borrowed_account_is_owned_by_current_program( borrowed_acct ) ) ) { 388 0 : *err = FD_EXECUTOR_INSTR_ERR_EXTERNAL_DATA_MODIFIED; 389 0 : return 0; 390 0 : } 391 : 392 0 : *err = FD_EXECUTOR_INSTR_SUCCESS; 393 0 : return 1; 394 0 : } 395 : 396 : /* fd_borrowed_account_can_data_be_resized mirrors Agave function 397 : solana_sdk::transaction_context::BorrowedAccount::can_data_be_resized 398 : 399 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1092 */ 400 : 401 : static inline int 402 : fd_borrowed_account_can_data_be_resized( fd_borrowed_account_t const * borrowed_acct, 403 : ulong new_length, 404 0 : int * err ) { 405 0 : fd_txn_account_t * acct = borrowed_acct->acct; 406 : 407 : /* Only the owner can change the length of the data 408 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1095 */ 409 0 : if( FD_UNLIKELY( (fd_txn_account_get_data_len( acct )!=new_length) & 410 0 : (!fd_borrowed_account_is_owned_by_current_program( borrowed_acct )) ) ) { 411 0 : *err = FD_EXECUTOR_INSTR_ERR_ACC_DATA_SIZE_CHANGED; 412 0 : return 0; 413 0 : } 414 : 415 : /* The new length can not exceed the maximum permitted length 416 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1099 */ 417 0 : if( FD_UNLIKELY( new_length>MAX_PERMITTED_DATA_LENGTH ) ) { 418 0 : *err = FD_EXECUTOR_INSTR_ERR_INVALID_REALLOC; 419 0 : return 0; 420 0 : } 421 : 422 : /* The resize can not exceed the per-transaction maximum 423 : https://github.com/anza-xyz/agave/blob/v2.1.14/sdk/src/transaction_context.rs#L1104-L1108 */ 424 0 : ulong length_delta = fd_ulong_sat_sub( new_length, fd_txn_account_get_data_len( acct ) ); 425 0 : ulong new_accounts_resize_delta = fd_ulong_sat_add( borrowed_acct->instr_ctx->txn_ctx->accounts_resize_delta, length_delta ); 426 0 : if( FD_UNLIKELY( new_accounts_resize_delta > MAX_PERMITTED_ACCOUNT_DATA_ALLOCS_PER_TXN ) ) { 427 0 : *err = FD_EXECUTOR_INSTR_ERR_MAX_ACCS_DATA_ALLOCS_EXCEEDED; 428 0 : return 0; 429 0 : } 430 : 431 0 : *err = FD_EXECUTOR_INSTR_SUCCESS; 432 0 : return 1; 433 0 : } 434 : 435 : FD_FN_PURE static inline int 436 0 : fd_borrowed_account_is_zeroed( fd_borrowed_account_t const * borrowed_acct ) { 437 0 : fd_txn_account_t * acct = borrowed_acct->acct; 438 : /* TODO: optimize this */ 439 0 : uchar const * data = fd_txn_account_get_data( acct ); 440 0 : for( ulong i=0UL; i<fd_txn_account_get_data_len( acct ); i++ ) { 441 0 : if( data[i] != 0 ) { 442 0 : return 0; 443 0 : } 444 0 : } 445 0 : return 1; 446 0 : } 447 : 448 : FD_PROTOTYPES_END 449 : 450 : #endif /* HEADER_fd_src_flamenco_runtime_fd_borrowed_account_h */