From 667402531fbb62c44d52cb74d3d5bafd9c962cc4 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Sun, 10 Jan 2021 06:27:27 +0000 Subject: [PATCH] Bail on all CPI errors (bp #14500) (#14506) * Bail on all CPI errors (#14500) * Bail on all CPI errors * whitespace (cherry picked from commit ec48631fc58c85a068d0a5c8c85d595a5f3fffdb) * resolve conflicts Co-authored-by: Jack May --- programs/bpf/c/src/invoke/invoke.c | 37 +++++++------- programs/bpf/c/src/invoked/instruction.h | 15 +++--- programs/bpf/c/src/invoked/invoked.c | 22 ++++---- programs/bpf/rust/invoke/src/lib.rs | 54 ++++++++------------ programs/bpf/rust/invoked/src/instruction.rs | 15 +++--- programs/bpf/rust/invoked/src/processor.rs | 22 ++++---- programs/bpf/tests/programs.rs | 31 ++++++++++- programs/bpf_loader/src/syscalls.rs | 18 ++++--- sdk/src/feature_set.rs | 15 ++++-- 9 files changed, 132 insertions(+), 97 deletions(-) diff --git a/programs/bpf/c/src/invoke/invoke.c b/programs/bpf/c/src/invoke/invoke.c index 80181c8bd1b432..276357c3a066ec 100644 --- a/programs/bpf/c/src/invoke/invoke.c +++ b/programs/bpf/c/src/invoke/invoke.c @@ -14,6 +14,7 @@ static const uint8_t TEST_CAP_SIGNERS = 7; static const uint8_t TEST_ALLOC_ACCESS_VIOLATION = 8; static const uint8_t TEST_INSTRUCTION_DATA_TOO_LARGE = 9; static const uint8_t TEST_INSTRUCTION_META_TOO_LARGE = 10; +static const uint8_t TEST_RETURN_ERROR = 11; static const int MINT_INDEX = 0; static const int ARGUMENT_INDEX = 1; @@ -112,7 +113,7 @@ extern uint64_t entrypoint(const uint8_t *input) { {accounts[INVOKED_ARGUMENT_INDEX].key, true, true}, {accounts[INVOKED_PROGRAM_INDEX].key, false, false}, {accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false}}; - uint8_t data[] = {TEST_VERIFY_TRANSLATIONS, 1, 2, 3, 4, 5}; + uint8_t data[] = {VERIFY_TRANSLATIONS, 1, 2, 3, 4, 5}; const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; @@ -133,18 +134,6 @@ extern uint64_t entrypoint(const uint8_t *input) { sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts))); } - sol_log("Test return error"); - { - SolAccountMeta arguments[] = {{accounts[ARGUMENT_INDEX].key, true, true}}; - uint8_t data[] = {TEST_RETURN_ERROR}; - const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, - arguments, SOL_ARRAY_SIZE(arguments), - data, SOL_ARRAY_SIZE(data)}; - - sol_assert(42 == - sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts))); - } - sol_log("Test create_program_address"); { uint8_t seed1[] = {'Y', 'o', 'u', ' ', 'p', 'a', 's', 's', @@ -183,7 +172,7 @@ extern uint64_t entrypoint(const uint8_t *input) { {accounts[DERIVED_KEY1_INDEX].key, true, true}, {accounts[DERIVED_KEY2_INDEX].key, true, false}, {accounts[DERIVED_KEY3_INDEX].key, false, false}}; - uint8_t data[] = {TEST_DERIVED_SIGNERS, bump_seed2, bump_seed3}; + uint8_t data[] = {DERIVED_SIGNERS, bump_seed2, bump_seed3}; const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; @@ -202,7 +191,7 @@ extern uint64_t entrypoint(const uint8_t *input) { { SolAccountMeta arguments[] = { {accounts[INVOKED_ARGUMENT_INDEX].key, true, false}}; - uint8_t data[] = {TEST_VERIFY_WRITER}; + uint8_t data[] = {VERIFY_WRITER}; const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; @@ -222,7 +211,7 @@ extern uint64_t entrypoint(const uint8_t *input) { {accounts[INVOKED_ARGUMENT_INDEX].key, true, true}, {accounts[ARGUMENT_INDEX].key, true, true}, {accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false}}; - uint8_t data[] = {TEST_NESTED_INVOKE}; + uint8_t data[] = {NESTED_INVOKE}; const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; @@ -252,7 +241,7 @@ extern uint64_t entrypoint(const uint8_t *input) { sol_log("Test privilege escalation signer"); SolAccountMeta arguments[] = { {accounts[DERIVED_KEY3_INDEX].key, false, false}}; - uint8_t data[] = {TEST_VERIFY_PRIVILEGE_ESCALATION}; + uint8_t data[] = {VERIFY_PRIVILEGE_ESCALATION}; const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; @@ -268,7 +257,7 @@ extern uint64_t entrypoint(const uint8_t *input) { sol_log("Test privilege escalation writable"); SolAccountMeta arguments[] = { {accounts[DERIVED_KEY3_INDEX].key, false, false}}; - uint8_t data[] = {TEST_VERIFY_PRIVILEGE_ESCALATION}; + uint8_t data[] = {VERIFY_PRIVILEGE_ESCALATION}; const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; @@ -284,7 +273,7 @@ extern uint64_t entrypoint(const uint8_t *input) { sol_log("Test program not executable"); SolAccountMeta arguments[] = { {accounts[DERIVED_KEY3_INDEX].key, false, false}}; - uint8_t data[] = {TEST_VERIFY_PRIVILEGE_ESCALATION}; + uint8_t data[] = {VERIFY_PRIVILEGE_ESCALATION}; const SolInstruction instruction = {accounts[ARGUMENT_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; @@ -437,6 +426,16 @@ extern uint64_t entrypoint(const uint8_t *input) { break; } + case TEST_RETURN_ERROR: { + SolAccountMeta arguments[] = {{accounts[ARGUMENT_INDEX].key, true, true}}; + uint8_t data[] = {RETURN_ERROR}; + const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, + arguments, SOL_ARRAY_SIZE(arguments), + data, SOL_ARRAY_SIZE(data)}; + + sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts)); + break; + } default: sol_panic(); } diff --git a/programs/bpf/c/src/invoked/instruction.h b/programs/bpf/c/src/invoked/instruction.h index 2e4b25479e2b1d..69e0dfa1c1d944 100644 --- a/programs/bpf/c/src/invoked/instruction.h +++ b/programs/bpf/c/src/invoked/instruction.h @@ -4,10 +4,11 @@ #include -const uint8_t TEST_VERIFY_TRANSLATIONS = 0; -const uint8_t TEST_RETURN_ERROR = 1; -const uint8_t TEST_DERIVED_SIGNERS = 2; -const uint8_t TEST_VERIFY_NESTED_SIGNERS = 3; -const uint8_t TEST_VERIFY_WRITER = 4; -const uint8_t TEST_VERIFY_PRIVILEGE_ESCALATION = 5; -const uint8_t TEST_NESTED_INVOKE = 6; +const uint8_t VERIFY_TRANSLATIONS = 0; +const uint8_t RETURN_ERROR = 1; +const uint8_t DERIVED_SIGNERS = 2; +const uint8_t VERIFY_NESTED_SIGNERS = 3; +const uint8_t VERIFY_WRITER = 4; +const uint8_t VERIFY_PRIVILEGE_ESCALATION = 5; +const uint8_t NESTED_INVOKE = 6; +const uint8_t RETURN_OK = 7; diff --git a/programs/bpf/c/src/invoked/invoked.c b/programs/bpf/c/src/invoked/invoked.c index 74af1ee12cbb45..73c1a9e398fd1e 100644 --- a/programs/bpf/c/src/invoked/invoked.c +++ b/programs/bpf/c/src/invoked/invoked.c @@ -17,7 +17,7 @@ extern uint64_t entrypoint(const uint8_t *input) { } switch (params.data[0]) { - case TEST_VERIFY_TRANSLATIONS: { + case VERIFY_TRANSLATIONS: { sol_log("verify data translations"); static const int ARGUMENT_INDEX = 0; @@ -85,11 +85,15 @@ extern uint64_t entrypoint(const uint8_t *input) { accounts[INVOKED_PROGRAM_DUP_INDEX].executable); break; } - case TEST_RETURN_ERROR: { + case RETURN_OK: { + sol_log("return Ok"); + return SUCCESS; + } + case RETURN_ERROR: { sol_log("return error"); return 42; } - case TEST_DERIVED_SIGNERS: { + case DERIVED_SIGNERS: { sol_log("verify derived signers"); static const int INVOKED_PROGRAM_INDEX = 0; static const int DERIVED_KEY1_INDEX = 1; @@ -108,7 +112,7 @@ extern uint64_t entrypoint(const uint8_t *input) { {accounts[DERIVED_KEY1_INDEX].key, true, false}, {accounts[DERIVED_KEY2_INDEX].key, true, true}, {accounts[DERIVED_KEY3_INDEX].key, false, true}}; - uint8_t data[] = {TEST_VERIFY_NESTED_SIGNERS}; + uint8_t data[] = {VERIFY_NESTED_SIGNERS}; const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; @@ -130,7 +134,7 @@ extern uint64_t entrypoint(const uint8_t *input) { break; } - case TEST_VERIFY_NESTED_SIGNERS: { + case VERIFY_NESTED_SIGNERS: { sol_log("verify derived nested signers"); static const int DERIVED_KEY1_INDEX = 0; static const int DERIVED_KEY2_INDEX = 1; @@ -144,7 +148,7 @@ extern uint64_t entrypoint(const uint8_t *input) { break; } - case TEST_VERIFY_WRITER: { + case VERIFY_WRITER: { sol_log("verify writable"); static const int ARGUMENT_INDEX = 0; sol_assert(sol_deserialize(input, ¶ms, 1)); @@ -152,11 +156,11 @@ extern uint64_t entrypoint(const uint8_t *input) { sol_assert(accounts[ARGUMENT_INDEX].is_writable); break; } - case TEST_VERIFY_PRIVILEGE_ESCALATION: { + case VERIFY_PRIVILEGE_ESCALATION: { sol_log("Success"); break; } - case TEST_NESTED_INVOKE: { + case NESTED_INVOKE: { sol_log("invoke"); static const int INVOKED_ARGUMENT_INDEX = 0; @@ -179,7 +183,7 @@ extern uint64_t entrypoint(const uint8_t *input) { SolAccountMeta arguments[] = { {accounts[INVOKED_ARGUMENT_INDEX].key, true, true}, {accounts[ARGUMENT_INDEX].key, true, true}}; - uint8_t data[] = {TEST_NESTED_INVOKE}; + uint8_t data[] = {NESTED_INVOKE}; const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, arguments, SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(data)}; diff --git a/programs/bpf/rust/invoke/src/lib.rs b/programs/bpf/rust/invoke/src/lib.rs index b755d402632325..81613f44706c89 100644 --- a/programs/bpf/rust/invoke/src/lib.rs +++ b/programs/bpf/rust/invoke/src/lib.rs @@ -26,6 +26,7 @@ const TEST_CAP_SIGNERS: u8 = 7; const TEST_ALLOC_ACCESS_VIOLATION: u8 = 8; const TEST_INSTRUCTION_DATA_TOO_LARGE: u8 = 9; const TEST_INSTRUCTION_META_TOO_LARGE: u8 = 10; +const TEST_RETURN_ERROR: u8 = 11; // const MINT_INDEX: usize = 0; const ARGUMENT_INDEX: usize = 1; @@ -122,7 +123,7 @@ fn process_instruction( (accounts[INVOKED_PROGRAM_INDEX].key, false, false), (accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false), ], - vec![TEST_VERIFY_TRANSLATIONS, 1, 2, 3, 4, 5], + vec![VERIFY_TRANSLATIONS, 1, 2, 3, 4, 5], ); invoke(&instruction, accounts)?; } @@ -137,19 +138,6 @@ fn process_instruction( invoke(&instruction, accounts)?; } - msg!("Test return error"); - { - let instruction = create_instruction( - *accounts[INVOKED_PROGRAM_INDEX].key, - &[(accounts[ARGUMENT_INDEX].key, true, true)], - vec![TEST_RETURN_ERROR], - ); - assert_eq!( - invoke(&instruction, accounts), - Err(ProgramError::Custom(42)) - ); - } - msg!("Test refcell usage"); { let writable = INVOKED_ARGUMENT_INDEX; @@ -161,14 +149,11 @@ fn process_instruction( (accounts[writable].key, true, true), (accounts[readable].key, false, false), ], - vec![TEST_RETURN_ERROR, 1, 2, 3, 4, 5], + vec![RETURN_OK, 1, 2, 3, 4, 5], ); // success with this account configuration as a check - assert_eq!( - invoke(&instruction, accounts), - Err(ProgramError::Custom(42)) - ); + invoke(&instruction, accounts)?; { // writable but lamports borrow_mut'd @@ -221,18 +206,12 @@ fn process_instruction( { // readable but lamports borrow'd let _ref_mut = accounts[readable].try_borrow_lamports()?; - assert_eq!( - invoke(&instruction, accounts), - Err(ProgramError::Custom(42)) - ); + invoke(&instruction, accounts)?; } { // readable but data borrow'd let _ref_mut = accounts[readable].try_borrow_data()?; - assert_eq!( - invoke(&instruction, accounts), - Err(ProgramError::Custom(42)) - ); + invoke(&instruction, accounts)?; } } @@ -279,7 +258,7 @@ fn process_instruction( (accounts[DERIVED_KEY2_INDEX].key, true, false), (accounts[DERIVED_KEY3_INDEX].key, false, false), ], - vec![TEST_DERIVED_SIGNERS, bump_seed2, bump_seed3], + vec![DERIVED_SIGNERS, bump_seed2, bump_seed3], ); invoke_signed( &invoked_instruction, @@ -293,7 +272,7 @@ fn process_instruction( let invoked_instruction = create_instruction( *accounts[INVOKED_PROGRAM_INDEX].key, &[(accounts[ARGUMENT_INDEX].key, false, true)], - vec![TEST_VERIFY_WRITER], + vec![VERIFY_WRITER], ); invoke(&invoked_instruction, accounts)?; } @@ -314,7 +293,7 @@ fn process_instruction( (accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false), (accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false), ], - vec![TEST_NESTED_INVOKE], + vec![NESTED_INVOKE], ); invoke(&instruction, accounts)?; msg!("2nd invoke from first program"); @@ -344,7 +323,7 @@ fn process_instruction( let mut invoked_instruction = create_instruction( *accounts[INVOKED_PROGRAM_INDEX].key, &[(accounts[DERIVED_KEY3_INDEX].key, false, false)], - vec![TEST_VERIFY_PRIVILEGE_ESCALATION], + vec![VERIFY_PRIVILEGE_ESCALATION], ); invoke(&invoked_instruction, accounts)?; @@ -357,7 +336,7 @@ fn process_instruction( let mut invoked_instruction = create_instruction( *accounts[INVOKED_PROGRAM_INDEX].key, &[(accounts[DERIVED_KEY3_INDEX].key, false, false)], - vec![TEST_VERIFY_PRIVILEGE_ESCALATION], + vec![VERIFY_PRIVILEGE_ESCALATION], ); invoke(&invoked_instruction, accounts)?; @@ -371,7 +350,7 @@ fn process_instruction( let instruction = create_instruction( *accounts[ARGUMENT_INDEX].key, &[(accounts[ARGUMENT_INDEX].key, true, true)], - vec![TEST_RETURN_ERROR], + vec![RETURN_OK], ); invoke(&instruction, accounts)?; } @@ -504,6 +483,15 @@ fn process_instruction( ); invoke_signed(&instruction, &[], &[])?; } + TEST_RETURN_ERROR => { + msg!("Test return error"); + let instruction = create_instruction( + *accounts[INVOKED_PROGRAM_INDEX].key, + &[(accounts[INVOKED_ARGUMENT_INDEX].key, false, true)], + vec![RETURN_ERROR], + ); + let _ = invoke(&instruction, accounts); + } _ => panic!(), } diff --git a/programs/bpf/rust/invoked/src/instruction.rs b/programs/bpf/rust/invoked/src/instruction.rs index bba2b52835a03e..0236f08bb2f014 100644 --- a/programs/bpf/rust/invoked/src/instruction.rs +++ b/programs/bpf/rust/invoked/src/instruction.rs @@ -5,13 +5,14 @@ use solana_program::{ pubkey::Pubkey, }; -pub const TEST_VERIFY_TRANSLATIONS: u8 = 0; -pub const TEST_RETURN_ERROR: u8 = 1; -pub const TEST_DERIVED_SIGNERS: u8 = 2; -pub const TEST_VERIFY_NESTED_SIGNERS: u8 = 3; -pub const TEST_VERIFY_WRITER: u8 = 4; -pub const TEST_VERIFY_PRIVILEGE_ESCALATION: u8 = 5; -pub const TEST_NESTED_INVOKE: u8 = 6; +pub const VERIFY_TRANSLATIONS: u8 = 0; +pub const RETURN_ERROR: u8 = 1; +pub const DERIVED_SIGNERS: u8 = 2; +pub const VERIFY_NESTED_SIGNERS: u8 = 3; +pub const VERIFY_WRITER: u8 = 4; +pub const VERIFY_PRIVILEGE_ESCALATION: u8 = 5; +pub const NESTED_INVOKE: u8 = 6; +pub const RETURN_OK: u8 = 7; pub fn create_instruction( program_id: Pubkey, diff --git a/programs/bpf/rust/invoked/src/processor.rs b/programs/bpf/rust/invoked/src/processor.rs index 9d21da4d8d1fc6..77b1c9eee277c6 100644 --- a/programs/bpf/rust/invoked/src/processor.rs +++ b/programs/bpf/rust/invoked/src/processor.rs @@ -27,7 +27,7 @@ fn process_instruction( } match instruction_data[0] { - TEST_VERIFY_TRANSLATIONS => { + VERIFY_TRANSLATIONS => { msg!("verify data translations"); const ARGUMENT_INDEX: usize = 0; @@ -105,11 +105,15 @@ fn process_instruction( msg!(data[0], 0, 0, 0, 0); } } - TEST_RETURN_ERROR => { + RETURN_OK => { + msg!("Ok"); + return Ok(()); + } + RETURN_ERROR => { msg!("return error"); return Err(ProgramError::Custom(42)); } - TEST_DERIVED_SIGNERS => { + DERIVED_SIGNERS => { msg!("verify derived signers"); const INVOKED_PROGRAM_INDEX: usize = 0; const DERIVED_KEY1_INDEX: usize = 1; @@ -129,7 +133,7 @@ fn process_instruction( (accounts[DERIVED_KEY2_INDEX].key, true, true), (accounts[DERIVED_KEY3_INDEX].key, false, true), ], - vec![TEST_VERIFY_NESTED_SIGNERS], + vec![VERIFY_NESTED_SIGNERS], ); invoke_signed( &invoked_instruction, @@ -140,7 +144,7 @@ fn process_instruction( ], )?; } - TEST_VERIFY_NESTED_SIGNERS => { + VERIFY_NESTED_SIGNERS => { msg!("verify nested derived signers"); const DERIVED_KEY1_INDEX: usize = 0; const DERIVED_KEY2_INDEX: usize = 1; @@ -150,16 +154,16 @@ fn process_instruction( assert!(accounts[DERIVED_KEY2_INDEX].is_signer); assert!(accounts[DERIVED_KEY3_INDEX].is_signer); } - TEST_VERIFY_WRITER => { + VERIFY_WRITER => { msg!("verify writable"); const ARGUMENT_INDEX: usize = 0; assert!(!accounts[ARGUMENT_INDEX].is_writable); } - TEST_VERIFY_PRIVILEGE_ESCALATION => { + VERIFY_PRIVILEGE_ESCALATION => { msg!("Success"); } - TEST_NESTED_INVOKE => { + NESTED_INVOKE => { msg!("nested invoke"); const ARGUMENT_INDEX: usize = 0; @@ -178,7 +182,7 @@ fn process_instruction( (accounts[ARGUMENT_INDEX].key, true, true), (accounts[INVOKED_ARGUMENT_INDEX].key, true, true), ], - vec![TEST_NESTED_INVOKE], + vec![NESTED_INVOKE], ); invoke(&invoked_instruction, accounts)?; } else { diff --git a/programs/bpf/tests/programs.rs b/programs/bpf/tests/programs.rs index 8e9f8c6d3b9ae1..05062b7603e82c 100644 --- a/programs/bpf/tests/programs.rs +++ b/programs/bpf/tests/programs.rs @@ -523,6 +523,7 @@ fn test_program_bpf_invoke() { const TEST_ALLOC_ACCESS_VIOLATION: u8 = 8; const TEST_INSTRUCTION_DATA_TOO_LARGE: u8 = 9; const TEST_INSTRUCTION_META_TOO_LARGE: u8 = 10; + const TEST_RETURN_ERROR: u8 = 11; #[allow(dead_code)] #[derive(Debug)] @@ -638,7 +639,6 @@ fn test_program_bpf_invoke() { invoked_program_id.clone(), invoked_program_id.clone(), invoked_program_id.clone(), - invoked_program_id.clone(), ], Languages::Rust => vec![ solana_sdk::system_program::id(), @@ -655,9 +655,9 @@ fn test_program_bpf_invoke() { invoked_program_id.clone(), invoked_program_id.clone(), invoked_program_id.clone(), - invoked_program_id.clone(), ], }; + assert_eq!(invoked_programs.len(), expected_invoked_programs.len()); assert_eq!(invoked_programs, expected_invoked_programs); let no_invoked_programs: Vec = inner_instructions[1] @@ -915,6 +915,33 @@ fn test_program_bpf_invoke() { TransactionError::InstructionError(0, InstructionError::ComputationalBudgetExceeded) ); + let instruction = Instruction::new( + invoke_program_id, + &[TEST_RETURN_ERROR, bump_seed1, bump_seed2, bump_seed3], + account_metas.clone(), + ); + let message = Message::new(&[instruction], Some(&mint_pubkey)); + let tx = Transaction::new( + &[ + &mint_keypair, + &argument_keypair, + &invoked_argument_keypair, + &from_keypair, + ], + message.clone(), + bank.last_blockhash(), + ); + let (result, inner_instructions) = process_transaction_and_record_inner(&bank, tx); + let invoked_programs: Vec = inner_instructions[0] + .iter() + .map(|ix| message.account_keys[ix.program_id_index as usize].clone()) + .collect(); + assert_eq!(invoked_programs, vec![invoked_program_id.clone()]); + assert_eq!( + result.unwrap_err(), + TransactionError::InstructionError(0, InstructionError::Custom(42)) + ); + // Check final state assert_eq!(43, bank.get_balance(&derived_key1)); diff --git a/programs/bpf_loader/src/syscalls.rs b/programs/bpf_loader/src/syscalls.rs index 3e05d32ceb89ed..66fb96ead0fddc 100644 --- a/programs/bpf_loader/src/syscalls.rs +++ b/programs/bpf_loader/src/syscalls.rs @@ -16,8 +16,8 @@ use solana_sdk::{ bpf_loader_upgradeable::{self, UpgradeableLoaderState}, entrypoint::{MAX_PERMITTED_DATA_INCREASE, SUCCESS}, feature_set::{ - limit_cpi_loader_invoke, pubkey_log_syscall_enabled, ristretto_mul_syscall_enabled, - sha256_syscall_enabled, sol_log_compute_units_syscall, + abort_on_all_cpi_failures, limit_cpi_loader_invoke, pubkey_log_syscall_enabled, + ristretto_mul_syscall_enabled, sha256_syscall_enabled, sol_log_compute_units_syscall, try_find_program_address_syscall_enabled, use_loaded_program_accounts, }, hash::{Hasher, HASH_BYTES}, @@ -1406,10 +1406,16 @@ fn call<'a>( *(&mut *invoke_context), ) { Ok(()) => (), - Err(err) => match ProgramError::try_from(err) { - Ok(err) => return Ok(err.into()), - Err(err) => return Err(SyscallError::InstructionError(err).into()), - }, + Err(err) => { + if invoke_context.is_feature_active(&abort_on_all_cpi_failures::id()) { + return Err(SyscallError::InstructionError(err).into()); + } else { + match ProgramError::try_from(err) { + Ok(err) => return Ok(err.into()), + Err(err) => return Err(SyscallError::InstructionError(err).into()), + } + } + } } // Copy results back to caller diff --git a/sdk/src/feature_set.rs b/sdk/src/feature_set.rs index 525097b3c09786..c10a624bccdbb6 100644 --- a/sdk/src/feature_set.rs +++ b/sdk/src/feature_set.rs @@ -110,6 +110,10 @@ pub mod bpf_loader_upgradeable_program { solana_sdk::declare_id!("FbhK8HN9qvNHvJcoFVHAEUCNkagHvu7DTWzdnLuVQ5u4"); } +pub mod try_find_program_address_syscall_enabled { + solana_sdk::declare_id!("EMsMNadQNhCYDyGpYH5Tx6dGHxiUqKHk782PU5XaWfmi"); +} + pub mod max_cpi_instruction_size_ipv6_mtu { solana_sdk::declare_id!("5WLtuUJA5VVA1Cc28qULPfGs8anhoBev8uNqaaXeasnf"); } @@ -118,14 +122,14 @@ pub mod limit_cpi_loader_invoke { solana_sdk::declare_id!("xGbcW7EEC7zMRJ6LaJCob65EJxKryWjwM4rv8f57SRM"); } -pub mod try_find_program_address_syscall_enabled { - solana_sdk::declare_id!("EMsMNadQNhCYDyGpYH5Tx6dGHxiUqKHk782PU5XaWfmi"); -} - pub mod use_loaded_program_accounts { solana_sdk::declare_id!("FLjgLeg1PJkZimQCVa5sVFtaq6VmSDPw3NvH8iQ3nyHn"); } +pub mod abort_on_all_cpi_failures { + solana_sdk::declare_id!("ED5D5a2hQaECHaMmKpnU48GdsfafdCjkb3pgAw5RKbb2"); +} + lazy_static! { /// Map of feature identifiers to user-visible description pub static ref FEATURE_NAMES: HashMap = [ @@ -155,10 +159,11 @@ lazy_static! { (simple_capitalization::id(), "simple capitalization"), (stake_program_v3::id(), "solana_stake_program v3"), (bpf_loader_upgradeable_program::id(), "upgradeable bpf loader"), + (try_find_program_address_syscall_enabled::id(), "add try_find_program_address syscall"), (max_cpi_instruction_size_ipv6_mtu::id(), "Max cross-program invocation size 1280"), (limit_cpi_loader_invoke::id(), "Loader not authorized via CPI"), - (try_find_program_address_syscall_enabled::id(), "add try_find_program_address syscall"), (use_loaded_program_accounts::id(), "Use loaded program accounts"), + (abort_on_all_cpi_failures::id(), "Abort on all CPI failures"), /*************** ADD NEW FEATURES HERE ***************/ ] .iter()