Line data Source code
1 : #include "fd_gossip_tile.h"
2 : #include "../../disco/topo/fd_topo.h"
3 : #include "../../disco/fd_disco_base.h"
4 : #include "../../disco/keyguard/fd_keyswitch.h"
5 : #include "../../disco/keyguard/fd_keyload.h"
6 : #include "../../disco/metrics/fd_metrics.h"
7 : #include "../../disco/shred/fd_stake_ci.h"
8 : #include "../../flamenco/gossip/fd_ping_tracker.h"
9 : #include "../../flamenco/leaders/fd_leaders_base.h"
10 : #include "../../util/net/fd_net_headers.h"
11 : #include "../../disco/net/fd_net_tile.h"
12 : #include "generated/fd_gossvf_tile_seccomp.h"
13 :
14 : #define DEBUG_PEERS (0)
15 :
16 0 : #define IN_KIND_SHRED_VERSION (0)
17 0 : #define IN_KIND_NET (1)
18 0 : #define IN_KIND_EPOCH (2)
19 0 : #define IN_KIND_PINGS (3)
20 0 : #define IN_KIND_GOSSIP (4)
21 :
22 : struct peer {
23 : fd_pubkey_t pubkey;
24 :
25 : fd_ip4_port_t gossip_addr;
26 : ushort shred_version;
27 :
28 : struct {
29 : ulong prev;
30 : ulong next;
31 : } map;
32 :
33 : struct {
34 : ulong next;
35 : } pool;
36 : };
37 :
38 : typedef struct peer peer_t;
39 :
40 : struct ping {
41 : fd_pubkey_t pubkey;
42 : fd_ip4_port_t addr;
43 :
44 : struct {
45 : ulong prev;
46 : ulong next;
47 : } map;
48 :
49 : struct {
50 : ulong next;
51 : } pool;
52 : };
53 :
54 : typedef struct ping ping_t;
55 :
56 : struct stake {
57 : fd_pubkey_t pubkey;
58 : ulong stake;
59 :
60 : struct {
61 : ulong prev;
62 : ulong next;
63 : } map;
64 :
65 : struct {
66 : ulong next;
67 : } pool;
68 : };
69 :
70 : typedef struct stake stake_t;
71 :
72 : #define POOL_NAME peer_pool
73 0 : #define POOL_T peer_t
74 : #define POOL_IDX_T ulong
75 0 : #define POOL_NEXT pool.next
76 : #include "../../util/tmpl/fd_pool.c"
77 :
78 : #define MAP_NAME peer_map
79 0 : #define MAP_KEY pubkey
80 : #define MAP_ELE_T peer_t
81 : #define MAP_KEY_T fd_pubkey_t
82 : #define MAP_PREV map.prev
83 0 : #define MAP_NEXT map.next
84 0 : #define MAP_KEY_EQ(k0,k1) fd_pubkey_eq( k0, k1 )
85 0 : #define MAP_KEY_HASH(key,seed) (seed^fd_ulong_load_8( (key)->uc ))
86 : #include "../../util/tmpl/fd_map_chain.c"
87 :
88 : #define POOL_NAME ping_pool
89 0 : #define POOL_T ping_t
90 : #define POOL_IDX_T ulong
91 0 : #define POOL_NEXT pool.next
92 : #include "../../util/tmpl/fd_pool.c"
93 :
94 : #define MAP_NAME ping_map
95 0 : #define MAP_KEY pubkey
96 : #define MAP_ELE_T ping_t
97 : #define MAP_KEY_T fd_pubkey_t
98 : #define MAP_PREV map.prev
99 0 : #define MAP_NEXT map.next
100 0 : #define MAP_KEY_EQ(k0,k1) fd_pubkey_eq( k0, k1 )
101 0 : #define MAP_KEY_HASH(key,seed) (seed^fd_ulong_load_8( (key)->uc ))
102 : #include "../../util/tmpl/fd_map_chain.c"
103 :
104 : #define POOL_NAME stake_pool
105 0 : #define POOL_T stake_t
106 : #define POOL_IDX_T ulong
107 0 : #define POOL_NEXT pool.next
108 : #include "../../util/tmpl/fd_pool.c"
109 :
110 : #define MAP_NAME stake_map
111 0 : #define MAP_KEY pubkey
112 : #define MAP_ELE_T stake_t
113 : #define MAP_KEY_T fd_pubkey_t
114 0 : #define MAP_PREV map.prev
115 0 : #define MAP_NEXT map.next
116 0 : #define MAP_KEY_EQ(k0,k1) fd_pubkey_eq( k0, k1 )
117 0 : #define MAP_KEY_HASH(key,seed) (seed^fd_ulong_load_8( (key)->uc ))
118 : #define MAP_OPTIMIZE_RANDOM_ACCESS_REMOVAL 1
119 : #include "../../util/tmpl/fd_map_chain.c"
120 :
121 : struct fd_gossvf_tile_ctx {
122 : long instance_creation_wallclock_nanos;
123 : ushort shred_version;
124 :
125 : int allow_private_address;
126 :
127 : fd_keyswitch_t * keyswitch;
128 : fd_pubkey_t identity_pubkey[1];
129 :
130 : fd_ip4_port_t entrypoints[ 16UL ];
131 : ulong entrypoints_cnt;
132 :
133 : #if DEBUG_PEERS
134 : ulong peer_cnt;
135 : ulong ping_cnt;
136 : #endif
137 :
138 : peer_t * peers;
139 : peer_map_t * peer_map;
140 :
141 : ping_t * pings;
142 : ping_map_t * ping_map;
143 :
144 : struct {
145 : ulong count;
146 : stake_t * pool;
147 : stake_map_t * map;
148 : uchar msg_buf[ FD_EPOCH_INFO_MAX_MSG_SZ ];
149 : } stake;
150 :
151 : uchar payload[ FD_NET_MTU ];
152 : fd_ip4_port_t peer;
153 :
154 : fd_gossip_ping_update_t _ping_update[1];
155 : fd_gossip_update_message_t _gossip_update[1];
156 : fd_gossip_message_t _message[1];
157 :
158 : double ticks_per_ns;
159 : long last_wallclock;
160 : long last_tickcount;
161 :
162 : ulong seed;
163 :
164 : ulong round_robin_idx;
165 : ulong round_robin_cnt;
166 :
167 : fd_sha512_t sha[ 1 ];
168 :
169 : struct {
170 : ulong depth;
171 : ulong map_cnt;
172 : ulong * sync;
173 : ulong * ring;
174 : ulong * map;
175 : } tcache;
176 :
177 : struct {
178 : int kind;
179 : ulong chunk0;
180 : ulong wmark;
181 : fd_wksp_t * mem;
182 : ulong mtu;
183 : } in[ 64UL ];
184 :
185 : fd_net_rx_bounds_t net_in_bounds[ 64UL ];
186 :
187 : struct {
188 : ulong chunk0;
189 : ulong chunk;
190 : ulong wmark;
191 : fd_wksp_t * mem;
192 : } out[ 1 ];
193 :
194 : struct {
195 : ulong message_rx[ FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_CNT ];
196 : ulong message_rx_bytes[ FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_CNT ];
197 : ulong crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_CNT ];
198 : ulong crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_CNT ];
199 : } metrics;
200 : };
201 :
202 : typedef struct fd_gossvf_tile_ctx fd_gossvf_tile_ctx_t;
203 :
204 : FD_FN_CONST static inline ulong
205 0 : scratch_align( void ) {
206 0 : return 128UL;
207 0 : }
208 :
209 : FD_FN_PURE static inline ulong
210 0 : scratch_footprint( fd_topo_tile_t const * tile ) {
211 0 : ulong l = FD_LAYOUT_INIT;
212 0 : l = FD_LAYOUT_APPEND( l, alignof( fd_gossvf_tile_ctx_t ), sizeof( fd_gossvf_tile_ctx_t ) );
213 0 : l = FD_LAYOUT_APPEND( l, peer_pool_align(), peer_pool_footprint( FD_CONTACT_INFO_TABLE_SIZE ) );
214 0 : l = FD_LAYOUT_APPEND( l, peer_map_align(), peer_map_footprint( 2UL*FD_CONTACT_INFO_TABLE_SIZE ) );
215 0 : l = FD_LAYOUT_APPEND( l, ping_pool_align(), ping_pool_footprint( FD_PING_TRACKER_MAX ) );
216 0 : l = FD_LAYOUT_APPEND( l, ping_map_align(), ping_map_footprint( 2UL*FD_PING_TRACKER_MAX ) );
217 0 : l = FD_LAYOUT_APPEND( l, stake_pool_align(), stake_pool_footprint( MAX_STAKED_LEADERS ) );
218 0 : l = FD_LAYOUT_APPEND( l, stake_map_align(), stake_map_footprint( stake_map_chain_cnt_est( MAX_STAKED_LEADERS ) ) );
219 0 : l = FD_LAYOUT_APPEND( l, fd_tcache_align(), fd_tcache_footprint( tile->gossvf.tcache_depth, 0UL ) );
220 0 : return FD_LAYOUT_FINI( l, scratch_align() );
221 0 : }
222 :
223 : static inline void
224 0 : during_housekeeping( fd_gossvf_tile_ctx_t * ctx ) {
225 0 : ctx->last_wallclock = fd_log_wallclock();
226 0 : ctx->last_tickcount = fd_tickcount();
227 :
228 0 : if( FD_UNLIKELY( fd_keyswitch_state_query( ctx->keyswitch )==FD_KEYSWITCH_STATE_SWITCH_PENDING ) ) {
229 0 : memcpy( ctx->identity_pubkey->uc, ctx->keyswitch->bytes, 32UL );
230 0 : fd_keyswitch_state( ctx->keyswitch, FD_KEYSWITCH_STATE_COMPLETED );
231 0 : }
232 0 : }
233 :
234 : static inline void
235 0 : metrics_write( fd_gossvf_tile_ctx_t * ctx ) {
236 0 : FD_MCNT_ENUM_COPY( GOSSVF, MESSAGE_RX_COUNT, ctx->metrics.message_rx );
237 0 : FD_MCNT_ENUM_COPY( GOSSVF, MESSAGE_RX_BYTES, ctx->metrics.message_rx_bytes );
238 0 : FD_MCNT_ENUM_COPY( GOSSVF, CRDS_RX_COUNT, ctx->metrics.crds_rx );
239 0 : FD_MCNT_ENUM_COPY( GOSSVF, CRDS_RX_BYTES, ctx->metrics.crds_rx_bytes );
240 0 : }
241 :
242 : static int
243 : before_frag( fd_gossvf_tile_ctx_t * ctx,
244 : ulong in_idx,
245 : ulong seq,
246 0 : ulong sig ) {
247 0 : if( FD_UNLIKELY( !ctx->shred_version && ctx->in[ in_idx ].kind!=IN_KIND_SHRED_VERSION ) ) return -1;
248 :
249 0 : switch( ctx->in[ in_idx ].kind ) {
250 0 : case IN_KIND_SHRED_VERSION: return 0;
251 0 : case IN_KIND_NET: return (seq % ctx->round_robin_cnt) != ctx->round_robin_idx;
252 0 : case IN_KIND_EPOCH: return 0;
253 0 : case IN_KIND_PINGS: return 0;
254 0 : case IN_KIND_GOSSIP: return sig!=FD_GOSSIP_UPDATE_TAG_CONTACT_INFO &&
255 0 : sig!=FD_GOSSIP_UPDATE_TAG_CONTACT_INFO_REMOVE;
256 0 : default: FD_LOG_ERR(( "unexpected in_kind %d", ctx->in[ in_idx ].kind )); return -1;
257 0 : }
258 0 : }
259 :
260 : static inline void
261 : during_frag( fd_gossvf_tile_ctx_t * ctx,
262 : ulong in_idx,
263 : ulong seq FD_PARAM_UNUSED,
264 : ulong sig,
265 : ulong chunk,
266 : ulong sz,
267 0 : ulong ctl ) {
268 0 : if( FD_UNLIKELY( chunk<ctx->in[ in_idx ].chunk0 || chunk>ctx->in[ in_idx ].wmark || sz>ctx->in[ in_idx ].mtu ) )
269 0 : FD_LOG_ERR(( "chunk %lu %lu corrupt, not in range [%lu,%lu,%lu]", chunk, sz, ctx->in[ in_idx ].chunk0, ctx->in[ in_idx ].wmark, ctx->in[ in_idx ].mtu ));
270 :
271 0 : switch( ctx->in[ in_idx ].kind ) {
272 0 : case IN_KIND_SHRED_VERSION: {
273 0 : ctx->shred_version = (ushort)sig;
274 0 : FD_TEST( ctx->shred_version );
275 0 : break;
276 0 : }
277 0 : case IN_KIND_NET: {
278 0 : uchar const * src = fd_net_rx_translate_frag( &ctx->net_in_bounds[ in_idx ], chunk, ctl, sz );
279 0 : fd_memcpy( ctx->payload, src, sz );
280 0 : break;
281 0 : }
282 0 : case IN_KIND_EPOCH: {
283 0 : fd_epoch_info_msg_t const * msg = fd_chunk_to_laddr( ctx->in[ in_idx ].mem, chunk );
284 0 : ulong msg_sz = fd_epoch_info_msg_sz( msg->staked_cnt );
285 0 : fd_memcpy( ctx->stake.msg_buf, msg, msg_sz );
286 0 : break;
287 0 : }
288 0 : case IN_KIND_PINGS: {
289 0 : fd_memcpy( ctx->_ping_update, fd_chunk_to_laddr( ctx->in[ in_idx ].mem, chunk ), sz );
290 0 : break;
291 0 : }
292 0 : case IN_KIND_GOSSIP:
293 0 : FD_TEST( sz==FD_GOSSIP_UPDATE_SZ_CONTACT_INFO || sz==FD_GOSSIP_UPDATE_SZ_CONTACT_INFO_REMOVE );
294 0 : fd_memcpy( ctx->_gossip_update, fd_chunk_to_laddr( ctx->in[ in_idx ].mem, chunk ), sz );
295 0 : break;
296 0 : default:
297 0 : FD_LOG_ERR(( "unexpected in_kind %d", ctx->in[ in_idx ].kind ));
298 0 : }
299 0 : }
300 :
301 : static inline void
302 : handle_epoch( fd_gossvf_tile_ctx_t * ctx,
303 0 : fd_epoch_info_msg_t const * msg ) {
304 0 : stake_map_reset( ctx->stake.map );
305 0 : stake_pool_reset( ctx->stake.pool );
306 :
307 0 : for( ulong i=0UL; i<msg->staked_cnt; i++ ) {
308 0 : if( FD_UNLIKELY( fd_pubkey_eq( &msg->weights[i].id_key, &FD_DUMMY_ACCOUNT_PUBKEY ) ) ) continue;
309 0 : stake_t * entry;
310 0 : if( FD_UNLIKELY( (entry = stake_map_ele_query( ctx->stake.map, &msg->weights[i].id_key, NULL, ctx->stake.pool )) ) ) {
311 0 : entry->stake += msg->weights[i].stake;
312 0 : } else {
313 0 : entry = stake_pool_ele_acquire( ctx->stake.pool );
314 0 : fd_memcpy( entry->pubkey.uc, msg->weights[i].id_key.uc, 32UL );
315 0 : entry->stake = msg->weights[i].stake;
316 0 : stake_map_ele_insert( ctx->stake.map, entry, ctx->stake.pool );
317 0 : }
318 0 : }
319 0 : ctx->stake.count = stake_pool_used( ctx->stake.pool );
320 0 : }
321 :
322 : static int
323 : verify_prune( fd_gossip_prune_t const * view,
324 0 : fd_sha512_t * sha ) {
325 0 : uchar sign_data[ FD_NET_MTU ];
326 : /* Agave serializes the prefix as a bincode length-prefixed &[u8]:
327 : 8-byte LE u64 length (=18) followed by the 18 raw prefix bytes,
328 : totaling 26 bytes for the prefix portion. */
329 0 : FD_STORE( ulong, sign_data, 18UL );
330 0 : fd_memcpy( sign_data+8UL, "\xffSOLANA_PRUNE_DATA", 18UL );
331 0 : fd_memcpy( sign_data+26UL, view->pubkey, 32UL );
332 0 : FD_STORE( ulong, sign_data+58UL, view->prunes_len );
333 0 : fd_memcpy( sign_data+66UL, view->prunes, view->prunes_len*32UL );
334 0 : fd_memcpy( sign_data+66UL+view->prunes_len*32UL, view->destination, 32UL );
335 0 : FD_STORE( ulong, sign_data+98UL+view->prunes_len*32UL, view->wallclock );
336 :
337 0 : ulong sign_data_len = 106UL+view->prunes_len*32UL;
338 0 : int err_prefix = fd_ed25519_verify( sign_data, sign_data_len, view->signature, view->pubkey, sha );
339 0 : int err_no_prefix = fd_ed25519_verify( sign_data+26UL, sign_data_len-26UL, view->signature, view->pubkey, sha );
340 :
341 0 : if( FD_LIKELY( err_prefix==FD_ED25519_SUCCESS || err_no_prefix==FD_ED25519_SUCCESS ) ) return 0;
342 0 : else return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_SIGNATURE_IDX;
343 0 : }
344 :
345 : static int
346 : verify_crds_value( fd_gossip_value_t const * value,
347 : uchar const * value_bytes,
348 : ulong value_bytes_len,
349 0 : fd_sha512_t * sha ) {
350 0 : return fd_ed25519_verify( value_bytes+64UL, /* signable data begins after signature */
351 0 : value_bytes_len-64UL, /* signable data length */
352 0 : value->signature,
353 0 : value->origin,
354 0 : sha );
355 0 : }
356 :
357 : static int
358 : verify_signatures( fd_gossvf_tile_ctx_t * ctx,
359 : fd_gossip_message_t * view,
360 : uchar const * payload,
361 : fd_sha512_t * sha,
362 0 : uchar * failed ) {
363 0 : switch( view->tag ) {
364 0 : case FD_GOSSIP_MESSAGE_PULL_REQUEST: {
365 0 : if( FD_UNLIKELY( FD_ED25519_SUCCESS!=verify_crds_value( view->pull_request->contact_info, payload+view->pull_request->contact_info->offset, view->pull_request->contact_info->length, sha ) ) ) {
366 0 : return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_SIGNATURE_IDX;
367 0 : } else {
368 0 : return 0;
369 0 : }
370 0 : }
371 0 : case FD_GOSSIP_MESSAGE_PULL_RESPONSE: {
372 0 : ulong i = 0UL;
373 0 : while( i<view->pull_response->values_len ) {
374 0 : ulong dedup_tag = ctx->seed ^ fd_ulong_load_8_fast( view->pull_response->values[ i ].signature );
375 0 : int ha_dup = 0;
376 0 : FD_FN_UNUSED ulong tcache_map_idx = 0; /* ignored */
377 0 : FD_TCACHE_QUERY( ha_dup, tcache_map_idx, ctx->tcache.map, ctx->tcache.map_cnt, dedup_tag );
378 0 : if( FD_UNLIKELY( ha_dup ) ) {
379 0 : if( FD_LIKELY( !failed[ i ] ) ) {
380 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_DUPLICATE_IDX ]++;
381 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_DUPLICATE_IDX ] += view->pull_response->values[ i ].length;
382 0 : }
383 0 : view->pull_response->values_len--;
384 0 : view->pull_response->values[ i ] = view->pull_response->values[ view->pull_response->values_len ];
385 0 : failed[ i ] = failed[ view->pull_response->values_len ];
386 0 : continue;
387 0 : }
388 :
389 0 : int err = verify_crds_value( &view->pull_response->values[ i ], payload+view->pull_response->values[ i ].offset, view->pull_response->values[ i ].length, sha );
390 0 : if( FD_UNLIKELY( err!=FD_ED25519_SUCCESS ) ) {
391 0 : if( FD_LIKELY( !failed[ i ] ) ) {
392 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_SIGNATURE_IDX ]++;
393 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_SIGNATURE_IDX ] += view->pull_response->values[ i ].length;
394 0 : }
395 0 : view->pull_response->values_len--;
396 0 : view->pull_response->values[ i ] = view->pull_response->values[ view->pull_response->values_len ];
397 0 : failed[ i ] = failed[ view->pull_response->values_len ];
398 0 : continue;
399 0 : }
400 :
401 0 : i++;
402 0 : }
403 :
404 0 : if( FD_UNLIKELY( !view->pull_response->values_len ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_RESPONSE_NO_VALID_CRDS_IDX;
405 0 : return 0;
406 0 : }
407 0 : case FD_GOSSIP_MESSAGE_PUSH: {
408 0 : ulong i = 0UL;
409 0 : while( i<view->push->values_len ) {
410 0 : int err = verify_crds_value( &view->push->values[ i ], payload+view->push->values[ i ].offset, view->push->values[ i ].length, sha );
411 0 : if( FD_UNLIKELY( err!=FD_ED25519_SUCCESS ) ) {
412 0 : if( FD_LIKELY( !failed[ i ] ) ) {
413 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_SIGNATURE_IDX ]++;
414 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_SIGNATURE_IDX ] += view->push->values[ i ].length;
415 0 : }
416 0 : view->push->values_len--;
417 0 : view->push->values[ i ] = view->push->values[ view->push->values_len ];
418 0 : failed[ i ] = failed[ view->push->values_len ];
419 0 : continue;
420 0 : }
421 :
422 0 : i++;
423 0 : }
424 :
425 0 : if( FD_UNLIKELY( !view->push->values_len ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PUSH_NO_VALID_CRDS_IDX;
426 0 : return 0;
427 0 : }
428 0 : case FD_GOSSIP_MESSAGE_PRUNE: return verify_prune( view->prune, sha );
429 0 : case FD_GOSSIP_MESSAGE_PING: {
430 0 : if( FD_UNLIKELY( FD_ED25519_SUCCESS!=fd_ed25519_verify( view->ping->token, 32UL, view->ping->signature, view->ping->from, sha ) ) ) {
431 0 : return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PING_SIGNATURE_IDX;
432 0 : } else {
433 0 : return 0;
434 0 : }
435 0 : }
436 0 : case FD_GOSSIP_MESSAGE_PONG: {
437 0 : if( FD_UNLIKELY( FD_ED25519_SUCCESS!=fd_ed25519_verify( view->pong->hash, 32UL, view->pong->signature, view->pong->from, sha ) ) ) {
438 0 : return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PONG_SIGNATURE_IDX;
439 0 : } else {
440 0 : return 0;
441 0 : }
442 0 : }
443 0 : default: FD_LOG_CRIT(( "unexpected message tag %u", view->tag ));
444 0 : };
445 0 : }
446 :
447 : static inline int
448 : is_entrypoint( fd_gossvf_tile_ctx_t * ctx,
449 0 : fd_ip4_port_t addr ) {
450 0 : for( ulong i=0UL; i<ctx->entrypoints_cnt; i++ ) {
451 0 : if( FD_UNLIKELY( addr.addr==ctx->entrypoints[ i ].addr && addr.port==ctx->entrypoints[ i ].port ) ) return 1;
452 0 : }
453 0 : return 0;
454 0 : }
455 :
456 : static void
457 : filter_shred_version_crds( fd_gossvf_tile_ctx_t * ctx,
458 : uint tag,
459 : fd_gossip_value_t * values,
460 : ulong values_len,
461 0 : uchar * failed ) {
462 0 : for( ulong i=0UL; i<values_len; i++ ) {
463 0 : if( FD_UNLIKELY( failed[ i ] ) ) continue;
464 :
465 0 : int keep = 0;
466 0 : int no_origin = 0;
467 0 : if( values[ i ].tag==FD_GOSSIP_VALUE_CONTACT_INFO ) {
468 0 : keep = values[ i ].contact_info->shred_version==ctx->shred_version;
469 0 : } else {
470 0 : peer_t const * origin = peer_map_ele_query_const( ctx->peer_map, (fd_pubkey_t*)(values[ i ].origin), NULL, ctx->peers );
471 0 : no_origin = !origin;
472 0 : keep = origin && origin->shred_version==ctx->shred_version;
473 0 : }
474 :
475 0 : if( FD_UNLIKELY( !keep ) ) {
476 0 : if( FD_UNLIKELY( tag==FD_GOSSIP_MESSAGE_PULL_RESPONSE ) ) {
477 0 : if( FD_LIKELY( no_origin ) ) {
478 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_ORIGIN_NO_CONTACT_INFO_IDX ]++;
479 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_ORIGIN_NO_CONTACT_INFO_IDX ] += values[ i ].length;
480 0 : } else {
481 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_ORIGIN_SHRED_VERSION_IDX ]++;
482 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_ORIGIN_SHRED_VERSION_IDX ] += values[ i ].length;
483 0 : }
484 0 : } else {
485 0 : if( FD_LIKELY( no_origin ) ) {
486 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_ORIGIN_NO_CONTACT_INFO_IDX ]++;
487 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_ORIGIN_NO_CONTACT_INFO_IDX ] += values[ i ].length;
488 0 : } else {
489 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_ORIGIN_SHRED_VERSION_IDX ]++;
490 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_ORIGIN_SHRED_VERSION_IDX ] += values[ i ].length;
491 0 : }
492 0 : }
493 0 : failed[ i ] = FD_GOSSIP_FAILED_NO_CONTACT_INFO;
494 0 : }
495 0 : }
496 0 : }
497 :
498 : static int
499 : filter_shred_version( fd_gossvf_tile_ctx_t * ctx,
500 : fd_gossip_message_t * view,
501 0 : uchar * failed ) {
502 0 : switch( view->tag ) {
503 0 : case FD_GOSSIP_MESSAGE_PING:
504 0 : case FD_GOSSIP_MESSAGE_PONG:
505 0 : case FD_GOSSIP_MESSAGE_PRUNE:
506 0 : return 0;
507 0 : case FD_GOSSIP_MESSAGE_PUSH: {
508 0 : filter_shred_version_crds( ctx, view->tag, view->push->values, view->push->values_len, failed );
509 0 : if( FD_UNLIKELY( !view->push->values_len ) ) {
510 0 : return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PUSH_NO_VALID_CRDS_IDX;
511 0 : } else {
512 0 : return 0;
513 0 : }
514 0 : }
515 0 : case FD_GOSSIP_MESSAGE_PULL_RESPONSE: {
516 0 : filter_shred_version_crds( ctx, view->tag, view->pull_response->values, view->pull_response->values_len, failed );
517 0 : if( FD_UNLIKELY( !view->pull_response->values_len ) ) {
518 0 : return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_RESPONSE_NO_VALID_CRDS_IDX;
519 0 : } else {
520 0 : return 0;
521 0 : }
522 0 : }
523 0 : case FD_GOSSIP_MESSAGE_PULL_REQUEST:
524 0 : FD_TEST( view->pull_request->contact_info->tag==FD_GOSSIP_VALUE_CONTACT_INFO );
525 0 : if( FD_UNLIKELY( view->pull_request->contact_info->contact_info->shred_version!=ctx->shred_version ) ) {
526 0 : return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_SHRED_VERSION_IDX;
527 0 : } else {
528 0 : return 0;
529 0 : }
530 0 : default:
531 0 : FD_LOG_CRIT(( "unexpected message tag %u", view->tag ));
532 0 : }
533 0 : }
534 :
535 : static void
536 : check_duplicate_instance( fd_gossvf_tile_ctx_t * ctx,
537 0 : fd_gossip_message_t const * view ) {
538 0 : ulong values_len;
539 0 : fd_gossip_value_t const * values;
540 0 : switch( view->tag ) {
541 0 : case FD_GOSSIP_MESSAGE_PING:
542 0 : case FD_GOSSIP_MESSAGE_PONG:
543 0 : case FD_GOSSIP_MESSAGE_PRUNE:
544 0 : case FD_GOSSIP_MESSAGE_PULL_REQUEST:
545 0 : return;
546 0 : case FD_GOSSIP_MESSAGE_PUSH:
547 0 : values = view->push->values;
548 0 : values_len = view->push->values_len;
549 0 : break;
550 0 : case FD_GOSSIP_MESSAGE_PULL_RESPONSE:
551 0 : values = view->pull_response->values;
552 0 : values_len = view->pull_response->values_len;
553 0 : break;
554 0 : default:
555 0 : FD_LOG_CRIT(( "unexpected message tag %u", view->tag ));
556 0 : }
557 :
558 0 : for( ulong i=0UL; i<values_len; i++ ) {
559 0 : fd_gossip_value_t const * value = &values[ i ];
560 0 : if( FD_UNLIKELY( value->tag!=FD_GOSSIP_VALUE_CONTACT_INFO ) ) continue;
561 :
562 0 : if( FD_LIKELY( ctx->instance_creation_wallclock_nanos>=FD_MICRO_TO_NANOSEC( value->contact_info->outset ) ) ) continue;
563 0 : if( FD_LIKELY( memcmp( ctx->identity_pubkey->uc, value->origin, 32UL ) ) ) continue;
564 :
565 0 : FD_LOG_ERR(( "duplicate running instances of the same validator node, our timestamp: %ldns their timestamp: %ldns", ctx->instance_creation_wallclock_nanos, FD_MICRO_TO_NANOSEC( value->contact_info->outset ) ));
566 0 : }
567 0 : }
568 :
569 : static inline int
570 : is_ping_active( fd_gossvf_tile_ctx_t * ctx,
571 : fd_ip4_port_t addr,
572 0 : fd_pubkey_t const * pubkey ) {
573 : /* 1. If the node is an entrypoint, it is active */
574 0 : if( FD_UNLIKELY( is_entrypoint( ctx, addr ) ) ) return 1;
575 :
576 : /* 2. If the node has more than 1 sol staked, it is active */
577 0 : stake_t const * stake = stake_map_ele_query_const( ctx->stake.map, pubkey, NULL, ctx->stake.pool );
578 0 : if( FD_LIKELY( stake && stake->stake>=1000000000UL ) ) return 1;
579 :
580 : /* 3. If the node has actively ponged a ping, it is active */
581 0 : ping_t * ping = ping_map_ele_query( ctx->ping_map, pubkey, NULL, ctx->pings );
582 0 : return ping!=NULL;
583 0 : }
584 :
585 : static int
586 : ping_if_unponged( fd_gossvf_tile_ctx_t * ctx,
587 : fd_ip4_port_t addr,
588 : uchar const * origin,
589 0 : fd_stem_context_t * stem ) {
590 0 : if( FD_UNLIKELY( !is_ping_active( ctx, addr, fd_type_pun_const( origin ) ) ) ) {
591 0 : fd_gossip_pingreq_t * pingreq = (fd_gossip_pingreq_t*)fd_chunk_to_laddr( ctx->out->mem, ctx->out->chunk );
592 0 : fd_memcpy( pingreq->pubkey.uc, origin, 32UL );
593 0 : fd_stem_publish( stem, 0UL, fd_gossvf_sig( addr.addr, addr.port, 1 ), ctx->out->chunk, sizeof(fd_gossip_pingreq_t), 0UL, 0UL, 0UL );
594 0 : ctx->out->chunk = fd_dcache_compact_next( ctx->out->chunk, sizeof(fd_gossip_pingreq_t), ctx->out->chunk0, ctx->out->wmark );
595 :
596 : #if DEBUG_PEERS
597 : char base58[ FD_BASE58_ENCODED_32_SZ ];
598 : fd_base58_encode_32( origin, NULL, base58 );
599 : FD_LOG_NOTICE(( "pinging %s (" FD_IP4_ADDR_FMT ":%hu) (%lu)", base58, FD_IP4_ADDR_FMT_ARGS( addr.addr ), addr.port, ctx->ping_cnt ));
600 : #endif
601 0 : return 1;
602 0 : }
603 0 : return 0;
604 0 : }
605 :
606 : static int
607 : check_addr( fd_ip4_port_t addr,
608 0 : int allow_private_address ) {
609 0 : if( FD_UNLIKELY( !addr.port || !addr.addr || fd_ip4_addr_is_mcast( addr.addr ) ) ) return 0;
610 0 : if( FD_UNLIKELY( !allow_private_address && !fd_ip4_addr_is_public( addr.addr ) ) ) return 0;
611 0 : return 1;
612 0 : }
613 :
614 : static int
615 : verify_addresses( fd_gossvf_tile_ctx_t * ctx,
616 : fd_gossip_message_t * view,
617 : uchar * failed,
618 0 : fd_stem_context_t * stem ) {
619 0 : ulong values_len;
620 0 : fd_gossip_value_t * values;
621 0 : switch( view->tag ) {
622 0 : case FD_GOSSIP_MESSAGE_PING:
623 0 : case FD_GOSSIP_MESSAGE_PONG:
624 0 : case FD_GOSSIP_MESSAGE_PRUNE:
625 0 : return 0;
626 0 : case FD_GOSSIP_MESSAGE_PULL_REQUEST:
627 0 : if( FD_UNLIKELY( !check_addr( ctx->peer, ctx->allow_private_address ) ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_INACTIVE_IDX;
628 0 : if( FD_UNLIKELY( ping_if_unponged( ctx, ctx->peer, view->pull_request->contact_info->origin, stem ) ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_INACTIVE_IDX;
629 0 : return 0;
630 0 : case FD_GOSSIP_MESSAGE_PUSH:
631 0 : values_len = view->push->values_len;
632 0 : values = view->push->values;
633 0 : break;
634 0 : case FD_GOSSIP_MESSAGE_PULL_RESPONSE:
635 0 : values_len = view->pull_response->values_len;
636 0 : values = view->pull_response->values;
637 0 : break;
638 0 : default:
639 0 : FD_LOG_ERR(( "unexpected view tag %u", view->tag ));
640 0 : }
641 :
642 0 : for( ulong i=0UL; i<values_len; i++ ) {
643 0 : fd_gossip_value_t const * value = &values[ i ];
644 0 : if( FD_UNLIKELY( failed[ i ] || value->tag!=FD_GOSSIP_VALUE_CONTACT_INFO ) ) continue;
645 :
646 : /* We currently don't handle IPv6, so setting the address to 0 will
647 : cause it to be always dropped. */
648 0 : fd_ip4_port_t addr = {
649 0 : .addr = value->contact_info->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].is_ipv6 ? 0U : value->contact_info->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].ip4,
650 0 : .port = value->contact_info->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].port
651 0 : };
652 0 : int drop = !check_addr( addr, ctx->allow_private_address ) || ping_if_unponged( ctx, addr, value->origin, stem );
653 :
654 0 : if( FD_UNLIKELY( drop ) ) {
655 0 : if( FD_LIKELY( view->tag==FD_GOSSIP_MESSAGE_PUSH ) ) {
656 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_INACTIVE_IDX ]++;
657 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_INACTIVE_IDX ] += value->length;
658 0 : } else {
659 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_INACTIVE_IDX ]++;
660 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_INACTIVE_IDX ] += value->length;
661 0 : }
662 : /* Mark as failed instead of removing so gossip tile can
663 : track the hash in the purged set. */
664 0 : failed[ i ] = FD_GOSSIP_FAILED_NO_CONTACT_INFO;
665 0 : }
666 0 : }
667 :
668 0 : return 0;
669 0 : }
670 :
671 : static void
672 : handle_ping_update( fd_gossvf_tile_ctx_t * ctx,
673 0 : fd_gossip_ping_update_t * ping_update ) {
674 : #if DEBUG_PEERS
675 : char base58[ FD_BASE58_ENCODED_32_SZ ];
676 : fd_base58_encode_32( ping_update->pubkey.uc, NULL, base58 );
677 : #endif
678 :
679 0 : if( FD_UNLIKELY( ping_update->remove ) ) {
680 : #if DEBUG_PEERS
681 : ctx->ping_cnt--;
682 : FD_LOG_NOTICE(( "removing ping for %s (" FD_IP4_ADDR_FMT ":%hu) (%lu)", base58, FD_IP4_ADDR_FMT_ARGS( ping_update->gossip_addr.addr ), fd_ushort_bswap( ping_update->gossip_addr.port ), ctx->ping_cnt ));
683 : #endif
684 :
685 0 : ping_t * ping = ping_map_ele_remove( ctx->ping_map, &ping_update->pubkey, NULL, ctx->pings );
686 0 : FD_TEST( ping );
687 0 : ping_pool_ele_release( ctx->pings, ping );
688 0 : } else {
689 : #if DEBUG_PEERS
690 : ctx->ping_cnt++;
691 : FD_LOG_NOTICE(( "adding ping for %s (" FD_IP4_ADDR_FMT ":%hu) (%lu)", base58, FD_IP4_ADDR_FMT_ARGS( ping_update->gossip_addr.addr ), fd_ushort_bswap( ping_update->gossip_addr.port ), ctx->ping_cnt ));
692 : #endif
693 :
694 0 : FD_TEST( ping_pool_free( ctx->pings ) );
695 0 : FD_TEST( !ping_map_ele_query( ctx->ping_map, &ping_update->pubkey, NULL, ctx->pings ) );
696 0 : ping_t * ping = ping_pool_ele_acquire( ctx->pings );
697 0 : ping->addr.l = ping_update->gossip_addr.l;
698 0 : fd_memcpy( ping->pubkey.uc, ping_update->pubkey.uc, 32UL );
699 0 : ping_map_ele_insert( ctx->ping_map, ping, ctx->pings );
700 0 : }
701 0 : }
702 :
703 : static void
704 : handle_peer_update( fd_gossvf_tile_ctx_t * ctx,
705 0 : fd_gossip_update_message_t * gossip_update ) {
706 : #if DEBUG_PEERS
707 : char base58[ FD_BASE58_ENCODED_32_SZ ];
708 : fd_base58_encode_32( gossip_update->origin, NULL, base58 );
709 : #endif
710 :
711 0 : switch( gossip_update->tag ) {
712 0 : case FD_GOSSIP_UPDATE_TAG_CONTACT_INFO: {
713 0 : peer_t * peer = peer_map_ele_query( ctx->peer_map, fd_type_pun_const( gossip_update->origin ), NULL, ctx->peers );
714 0 : if( FD_LIKELY( peer ) ) {
715 : #if DEBUG_PEERS
716 : FD_LOG_NOTICE(( "updating peer %s (" FD_IP4_ADDR_FMT ":%hu) (%lu)", base58, FD_IP4_ADDR_FMT_ARGS( gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].ip4 ), fd_ushort_bswap( gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].port ), ctx->peer_cnt ));
717 : #endif
718 :
719 0 : peer->shred_version = gossip_update->contact_info->value->shred_version;
720 0 : peer->gossip_addr.addr = gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].is_ipv6 ? 0U : gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].ip4;
721 0 : peer->gossip_addr.port = gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].port;
722 0 : } else {
723 : #if DEBUG_PEERS
724 : ctx->peer_cnt++;
725 : FD_LOG_NOTICE(( "adding peer %s (" FD_IP4_ADDR_FMT ":%hu) (%lu)", base58, FD_IP4_ADDR_FMT_ARGS( gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].ip4 ), fd_ushort_bswap( gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].port ), ctx->peer_cnt ));
726 : #endif
727 :
728 0 : FD_TEST( peer_pool_free( ctx->peers ) );
729 0 : peer = peer_pool_ele_acquire( ctx->peers );
730 0 : peer->shred_version = gossip_update->contact_info->value->shred_version;
731 0 : peer->gossip_addr.addr = gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].is_ipv6 ? 0U : gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].ip4;
732 0 : peer->gossip_addr.port = gossip_update->contact_info->value->sockets[ FD_GOSSIP_CONTACT_INFO_SOCKET_GOSSIP ].port;
733 0 : fd_memcpy( peer->pubkey.uc, gossip_update->origin, 32UL );
734 0 : peer_map_ele_insert( ctx->peer_map, peer, ctx->peers );
735 0 : }
736 0 : break;
737 0 : }
738 0 : case FD_GOSSIP_UPDATE_TAG_CONTACT_INFO_REMOVE: {
739 : #if DEBUG_PEERS
740 : ctx->peer_cnt--;
741 : FD_LOG_NOTICE(( "removing peer %s (%lu)", base58, ctx->peer_cnt ));
742 : #endif
743 :
744 0 : peer_t * peer = peer_map_ele_remove( ctx->peer_map, fd_type_pun_const( gossip_update->origin ), NULL, ctx->peers );
745 0 : FD_TEST( peer );
746 0 : peer_pool_ele_release( ctx->peers, peer );
747 0 : break;
748 0 : }
749 0 : default: FD_LOG_ERR(( "unexpected gossip_update tag %d", gossip_update->tag ));
750 0 : }
751 0 : }
752 :
753 : static int
754 : handle_net( fd_gossvf_tile_ctx_t * ctx,
755 : ulong sz,
756 : ulong tsorig,
757 0 : fd_stem_context_t * stem ) {
758 0 : uchar * payload;
759 0 : ulong payload_sz;
760 0 : fd_ip4_hdr_t * ip4_hdr;
761 0 : fd_udp_hdr_t * udp_hdr;
762 0 : FD_TEST( fd_ip4_udp_hdr_strip( ctx->payload, sz, &payload, &payload_sz, NULL, &ip4_hdr, &udp_hdr ) );
763 0 : ctx->peer.addr = ip4_hdr->saddr;
764 0 : ctx->peer.port = udp_hdr->net_sport;
765 :
766 0 : long now = ctx->last_wallclock + (long)((double)(fd_tickcount()-ctx->last_tickcount)/ctx->ticks_per_ns);
767 :
768 0 : fd_gossip_message_t * message = ctx->_message;
769 0 : int decoded = fd_gossip_message_deserialize( message, payload, payload_sz );
770 0 : if( FD_UNLIKELY( !decoded ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_UNPARSEABLE_IDX;
771 :
772 0 : if( FD_UNLIKELY( message->tag==FD_GOSSIP_MESSAGE_PULL_REQUEST ) ) {
773 0 : if( FD_UNLIKELY( message->pull_request->contact_info->tag!=FD_GOSSIP_VALUE_CONTACT_INFO ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_NOT_CONTACT_INFO_IDX;
774 0 : if( FD_UNLIKELY( !memcmp( message->pull_request->contact_info->origin, ctx->identity_pubkey, 32UL ) ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_LOOPBACK_IDX;
775 0 : if( FD_UNLIKELY( message->pull_request->crds_filter->mask_bits>=64U ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_MASK_BITS_IDX;
776 :
777 0 : long clamp_wallclock_lower_nanos = now-15L*1000L*1000L*1000L;
778 0 : long clamp_wallclock_upper_nanos = now+15L*1000L*1000L*1000L;
779 0 : if( FD_UNLIKELY( FD_MILLI_TO_NANOSEC( message->pull_request->contact_info->wallclock )<clamp_wallclock_lower_nanos ||
780 0 : FD_MILLI_TO_NANOSEC( message->pull_request->contact_info->wallclock )>clamp_wallclock_upper_nanos ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PULL_REQUEST_WALLCLOCK_IDX;
781 0 : }
782 :
783 0 : if( FD_UNLIKELY( message->tag==FD_GOSSIP_MESSAGE_PRUNE ) ) {
784 0 : if( FD_UNLIKELY( !!memcmp( message->prune->destination, ctx->identity_pubkey, 32UL ) ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_DESTINATION_IDX;
785 : /* Agave uses a window of 500ms here, rather than 1s, but it's too
786 : narrow in production and causes us to throw away a lot of prunes
787 : that are actually valid and useful. */
788 0 : if( FD_UNLIKELY( now-1000L*1000L*1000L>FD_MILLI_TO_NANOSEC( message->prune->wallclock ) ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PRUNE_WALLCLOCK_IDX;
789 0 : }
790 :
791 0 : if( FD_LIKELY( message->tag==FD_GOSSIP_MESSAGE_PUSH ) ) {
792 0 : ulong i = 0UL;
793 0 : while( i<message->push->values_len ) {
794 0 : fd_gossip_value_t const * value = &message->push->values[ i ];
795 0 : if( FD_UNLIKELY( FD_MILLI_TO_NANOSEC( value->wallclock )<now-15L*1000L*1000L*1000L ||
796 0 : FD_MILLI_TO_NANOSEC( value->wallclock )>now+15L*1000L*1000L*1000L ) ) {
797 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_WALLCLOCK_IDX ]++;
798 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PUSH_WALLCLOCK_IDX ] += value->length;
799 0 : message->push->values[ i ] = message->push->values[ message->push->values_len-1UL ];
800 0 : message->push->values_len--;
801 0 : continue;
802 0 : }
803 0 : i++;
804 0 : }
805 :
806 0 : if( FD_UNLIKELY( !message->push->values_len ) ) return FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_DROPPED_PUSH_NO_VALID_CRDS_IDX;
807 0 : }
808 :
809 0 : uchar failed[ FD_GOSSIP_MESSAGE_MAX_CRDS ] = {0};
810 :
811 0 : if( FD_UNLIKELY( message->tag==FD_GOSSIP_MESSAGE_PULL_RESPONSE ) ) {
812 0 : int has_staked_node = ctx->stake.count>0UL;
813 0 : for( ulong i=0UL; i<message->pull_response->values_len; i++ ) {
814 0 : fd_gossip_value_t const * value = &message->pull_response->values[ i ];
815 :
816 0 : uchar is_me = !memcmp( value->origin, ctx->identity_pubkey, 32UL );
817 0 : long accept_after_nanos;
818 0 : if( FD_UNLIKELY( is_me ) ) {
819 0 : accept_after_nanos = 0L;
820 0 : } else {
821 0 : stake_t const * entry = stake_map_ele_query_const( ctx->stake.map, (fd_pubkey_t const *)value->origin, NULL, ctx->stake.pool );
822 0 : ulong origin_stake = entry ? entry->stake : 0UL;
823 0 : if( !origin_stake && has_staked_node ) accept_after_nanos = now-15L*1000L*1000L*1000L;
824 0 : else accept_after_nanos = now-432000L*400L*1000L*1000L;
825 0 : }
826 :
827 0 : if( FD_UNLIKELY( accept_after_nanos>FD_MILLI_TO_NANOSEC( value->wallclock ) ) ) {
828 0 : peer_t const * origin_peer = peer_map_ele_query_const( ctx->peer_map, (fd_pubkey_t const *)value->origin, NULL, ctx->peers );
829 0 : if( FD_UNLIKELY( !origin_peer ) ) {
830 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_WALLCLOCK_IDX ]++;
831 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_DROPPED_PULL_RESPONSE_WALLCLOCK_IDX ] += value->length;
832 0 : failed[ i ] = FD_GOSSIP_FAILED_WALLCLOCK;
833 0 : }
834 0 : }
835 0 : }
836 0 : }
837 :
838 0 : int result = filter_shred_version( ctx, message, failed );
839 0 : if( FD_UNLIKELY( result ) ) return result;
840 :
841 0 : result = verify_addresses( ctx, message, failed, stem );
842 0 : if( FD_UNLIKELY( result ) ) return result;
843 :
844 0 : result = verify_signatures( ctx, message, payload, ctx->sha, failed );
845 0 : if( FD_UNLIKELY( result ) ) return result;
846 :
847 0 : check_duplicate_instance( ctx, message );
848 :
849 0 : switch( message->tag ) {
850 0 : case FD_GOSSIP_MESSAGE_PULL_RESPONSE: {
851 0 : for( ulong i=0UL; i<message->pull_response->values_len; i++ ) {
852 0 : if( FD_UNLIKELY( failed[ i ]==FD_GOSSIP_FAILED_NO_CONTACT_INFO ) ) continue; /* Don't add to tcache so we can re-receive after learning contact info */
853 0 : ulong dedup_tag = ctx->seed ^ fd_ulong_load_8_fast( message->pull_response->values[ i ].signature );
854 0 : int ha_dup = 0;
855 0 : FD_TCACHE_INSERT( ha_dup, *ctx->tcache.sync, ctx->tcache.ring, ctx->tcache.depth, ctx->tcache.map, ctx->tcache.map_cnt, dedup_tag );
856 0 : (void)ha_dup; /* unused */
857 0 : }
858 0 : break;
859 0 : }
860 0 : case FD_GOSSIP_MESSAGE_PUSH: {
861 0 : for( ulong i=0UL; i<message->push->values_len; i++ ) {
862 0 : if( FD_UNLIKELY( failed[ i ] ) ) continue; /* Don't add to tcache so we can re-receive after learning contact info */
863 0 : ulong dedup_tag = ctx->seed ^ fd_ulong_load_8_fast( message->push->values[ i ].signature );
864 0 : int ha_dup = 0;
865 0 : FD_TCACHE_INSERT( ha_dup, *ctx->tcache.sync, ctx->tcache.ring, ctx->tcache.depth, ctx->tcache.map, ctx->tcache.map_cnt, dedup_tag );
866 0 : (void)ha_dup; /* unused */
867 0 : }
868 0 : break;
869 0 : }
870 0 : default:
871 0 : break;
872 0 : }
873 :
874 0 : switch( message->tag ) {
875 0 : case FD_GOSSIP_MESSAGE_PULL_REQUEST: result = FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PULL_REQUEST_IDX; break;
876 0 : case FD_GOSSIP_MESSAGE_PULL_RESPONSE: result = FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PULL_RESPONSE_IDX; break;
877 0 : case FD_GOSSIP_MESSAGE_PUSH: result = FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PUSH_IDX; break;
878 0 : case FD_GOSSIP_MESSAGE_PRUNE: result = FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PRUNE_IDX; break;
879 0 : case FD_GOSSIP_MESSAGE_PING: result = FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PING_IDX; break;
880 0 : case FD_GOSSIP_MESSAGE_PONG: result = FD_METRICS_ENUM_GOSSVF_MESSAGE_OUTCOME_V_SUCCESS_PONG_IDX; break;
881 0 : default: FD_LOG_ERR(( "unexpected message tag %u", message->tag ));
882 0 : }
883 :
884 0 : switch( message->tag ) {
885 0 : case FD_GOSSIP_MESSAGE_PULL_RESPONSE:
886 0 : for( ulong i=0UL; i<message->pull_response->values_len; i++ ) {
887 0 : if( FD_UNLIKELY( failed[ i ] ) ) continue;
888 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_SUCCESS_PULL_RESPONSE_IDX ]++;
889 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_SUCCESS_PULL_RESPONSE_IDX ] += message->pull_response->values[ i ].length;
890 0 : }
891 0 : break;
892 0 : case FD_GOSSIP_MESSAGE_PUSH:
893 0 : for( ulong i=0UL; i<message->push->values_len; i++ ) {
894 0 : if( FD_UNLIKELY( failed[ i ] ) ) continue;
895 0 : ctx->metrics.crds_rx[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_SUCCESS_PUSH_IDX ]++;
896 0 : ctx->metrics.crds_rx_bytes[ FD_METRICS_ENUM_GOSSVF_CRDS_OUTCOME_V_SUCCESS_PUSH_IDX ] += message->push->values[ i ].length;
897 0 : }
898 0 : break;
899 0 : default:
900 0 : break;
901 0 : }
902 :
903 0 : uchar * dst = fd_chunk_to_laddr( ctx->out->mem, ctx->out->chunk );
904 0 : fd_memcpy( dst, message, sizeof(fd_gossip_message_t ) );
905 0 : fd_memcpy( dst+sizeof(fd_gossip_message_t), failed, FD_GOSSIP_MESSAGE_MAX_CRDS );
906 0 : fd_memcpy( dst+sizeof(fd_gossip_message_t)+FD_GOSSIP_MESSAGE_MAX_CRDS, payload, payload_sz );
907 :
908 0 : ulong tspub = (ulong)fd_frag_meta_ts_comp( fd_tickcount() );
909 0 : ulong out_sz = sizeof(fd_gossip_message_t)+FD_GOSSIP_MESSAGE_MAX_CRDS+payload_sz;
910 0 : fd_stem_publish( stem, 0UL, fd_gossvf_sig( ctx->peer.addr, ctx->peer.port, 0 ), ctx->out->chunk, out_sz, 0UL, tsorig, tspub );
911 0 : ctx->out->chunk = fd_dcache_compact_next( ctx->out->chunk, out_sz, ctx->out->chunk0, ctx->out->wmark );
912 :
913 0 : return result;
914 0 : }
915 :
916 : static inline void
917 : after_frag( fd_gossvf_tile_ctx_t * ctx,
918 : ulong in_idx,
919 : ulong seq,
920 : ulong sig,
921 : ulong sz,
922 : ulong tsorig,
923 : ulong _tspub,
924 0 : fd_stem_context_t * stem ) {
925 0 : (void)seq;
926 0 : (void)sig;
927 0 : (void)_tspub;
928 :
929 0 : switch( ctx->in[ in_idx ].kind ) {
930 0 : case IN_KIND_SHRED_VERSION: break;
931 0 : case IN_KIND_PINGS: handle_ping_update( ctx, ctx->_ping_update ); break;
932 0 : case IN_KIND_GOSSIP: handle_peer_update( ctx, ctx->_gossip_update ); break;
933 0 : case IN_KIND_EPOCH: handle_epoch( ctx, (fd_epoch_info_msg_t const *) ctx->stake.msg_buf ); break;
934 0 : case IN_KIND_NET: {
935 0 : int result = handle_net( ctx, sz, tsorig, stem );
936 0 : ctx->metrics.message_rx[ result ]++;
937 0 : ctx->metrics.message_rx_bytes[ result ] += sz;
938 0 : break;
939 0 : }
940 0 : default: FD_LOG_ERR(( "unexpected in_kind %d", ctx->in[ in_idx ].kind ));
941 0 : }
942 0 : }
943 :
944 : static void
945 : privileged_init( fd_topo_t * topo,
946 0 : fd_topo_tile_t * tile ) {
947 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
948 :
949 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
950 0 : fd_gossvf_tile_ctx_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_gossvf_tile_ctx_t ), sizeof( fd_gossvf_tile_ctx_t ) );
951 0 : FD_TEST( fd_rng_secure( &ctx->seed, 8U ) );
952 :
953 0 : if( FD_UNLIKELY( !strcmp( tile->gossvf.identity_key_path, "" ) ) ) FD_LOG_ERR(( "identity_key_path not set" ));
954 :
955 0 : ctx->identity_pubkey[ 0 ] = *(fd_pubkey_t const *)fd_type_pun_const( fd_keyload_load( tile->gossvf.identity_key_path, /* pubkey only: */ 1 ) );
956 0 : }
957 :
958 : static void
959 : unprivileged_init( fd_topo_t * topo,
960 0 : fd_topo_tile_t * tile ) {
961 0 : void * scratch = fd_topo_obj_laddr( topo, tile->tile_obj_id );
962 :
963 0 : FD_SCRATCH_ALLOC_INIT( l, scratch );
964 0 : fd_gossvf_tile_ctx_t * ctx = FD_SCRATCH_ALLOC_APPEND( l, alignof( fd_gossvf_tile_ctx_t ), sizeof( fd_gossvf_tile_ctx_t ) );
965 0 : void * _peer_pool = FD_SCRATCH_ALLOC_APPEND( l, peer_pool_align(), peer_pool_footprint( FD_CONTACT_INFO_TABLE_SIZE ) );
966 0 : void * _peer_map = FD_SCRATCH_ALLOC_APPEND( l, peer_map_align(), peer_map_footprint( 2UL*FD_CONTACT_INFO_TABLE_SIZE ) );
967 0 : void * _ping_pool = FD_SCRATCH_ALLOC_APPEND( l, ping_pool_align(), ping_pool_footprint( FD_PING_TRACKER_MAX ) );
968 0 : void * _ping_map = FD_SCRATCH_ALLOC_APPEND( l, ping_map_align(), ping_map_footprint( 2UL*FD_PING_TRACKER_MAX ) );
969 0 : void * _stake_pool = FD_SCRATCH_ALLOC_APPEND( l, stake_pool_align(), stake_pool_footprint( MAX_STAKED_LEADERS ) );
970 0 : void * _stake_map = FD_SCRATCH_ALLOC_APPEND( l, stake_map_align(), stake_map_footprint( stake_map_chain_cnt_est( MAX_STAKED_LEADERS ) ) );
971 0 : void * _tcache = FD_SCRATCH_ALLOC_APPEND( l, fd_tcache_align(), fd_tcache_footprint( tile->gossvf.tcache_depth, 0UL ) );
972 :
973 0 : ctx->peers = peer_pool_join( peer_pool_new( _peer_pool, FD_CONTACT_INFO_TABLE_SIZE ) );
974 0 : FD_TEST( ctx->peers );
975 :
976 0 : ctx->peer_map = peer_map_join( peer_map_new( _peer_map, 2UL*FD_CONTACT_INFO_TABLE_SIZE, ctx->seed ) );
977 0 : FD_TEST( ctx->peer_map );
978 :
979 0 : ctx->pings = ping_pool_join( ping_pool_new( _ping_pool, FD_PING_TRACKER_MAX ) );
980 0 : FD_TEST( ctx->pings );
981 :
982 0 : ctx->ping_map = ping_map_join( ping_map_new( _ping_map, 2UL*FD_PING_TRACKER_MAX, ctx->seed ) );
983 0 : FD_TEST( ctx->ping_map );
984 :
985 0 : ctx->stake.count = 0UL;
986 0 : ctx->stake.pool = stake_pool_join( stake_pool_new( _stake_pool, MAX_STAKED_LEADERS ) );
987 0 : FD_TEST( ctx->stake.pool );
988 :
989 0 : ctx->stake.map = stake_map_join( stake_map_new( _stake_map, stake_map_chain_cnt_est( MAX_STAKED_LEADERS ), ctx->seed ) );
990 0 : FD_TEST( ctx->stake.map );
991 :
992 0 : ctx->round_robin_cnt = fd_topo_tile_name_cnt( topo, tile->name );
993 0 : ctx->round_robin_idx = tile->kind_id;
994 :
995 0 : ctx->allow_private_address = tile->gossvf.allow_private_address;
996 :
997 0 : ctx->keyswitch = fd_keyswitch_join( fd_topo_obj_laddr( topo, tile->id_keyswitch_obj_id ) );
998 0 : FD_TEST( ctx->keyswitch );
999 :
1000 0 : ctx->shred_version = tile->gossvf.shred_version;
1001 :
1002 0 : ctx->ticks_per_ns = fd_tempo_tick_per_ns( NULL );
1003 0 : ctx->last_wallclock = fd_log_wallclock();
1004 0 : ctx->last_tickcount = fd_tickcount();
1005 :
1006 0 : FD_TEST( fd_sha512_join( fd_sha512_new( ctx->sha ) ) );
1007 :
1008 0 : fd_tcache_t * tcache = fd_tcache_join( fd_tcache_new( _tcache, tile->gossvf.tcache_depth, 0UL ) );
1009 0 : FD_TEST( tcache );
1010 :
1011 0 : ctx->tcache.depth = fd_tcache_depth ( tcache );
1012 0 : ctx->tcache.map_cnt = fd_tcache_map_cnt ( tcache );
1013 0 : ctx->tcache.sync = fd_tcache_oldest_laddr( tcache );
1014 0 : ctx->tcache.ring = fd_tcache_ring_laddr ( tcache );
1015 0 : ctx->tcache.map = fd_tcache_map_laddr ( tcache );
1016 :
1017 0 : ctx->entrypoints_cnt = tile->gossvf.entrypoints_cnt;
1018 0 : for( ulong i=0UL; i<tile->gossvf.entrypoints_cnt; i++ ) {
1019 0 : ctx->entrypoints[ i ].l = tile->gossvf.entrypoints[ i ].l;
1020 : #if DEBUG_PEERS
1021 : FD_LOG_NOTICE(( "entrypoint " FD_IP4_ADDR_FMT ":%hu", FD_IP4_ADDR_FMT_ARGS( ctx->entrypoints[ i ].addr ), fd_ushort_bswap( ctx->entrypoints[ i ].port ) ));
1022 : #endif
1023 0 : }
1024 :
1025 : /* Conversion to MICROs ensures we are comparing apples to apples in
1026 : check_duplicate_instance */
1027 0 : ctx->instance_creation_wallclock_nanos = FD_MICRO_TO_NANOSEC( FD_NANOSEC_TO_MICRO( tile->gossvf.boot_timestamp_nanos ) );
1028 :
1029 : #if DEBUG_PEERS
1030 : ctx->peer_cnt = 0UL;
1031 : ctx->ping_cnt = 0UL;
1032 : #endif
1033 :
1034 0 : memset( &ctx->metrics, 0, sizeof( ctx->metrics ) );
1035 :
1036 0 : FD_TEST( tile->in_cnt<=sizeof(ctx->in)/sizeof(ctx->in[0]) );
1037 0 : for( ulong i=0UL; i<tile->in_cnt; i++ ) {
1038 0 : fd_topo_link_t * link = &topo->links[ tile->in_link_id[ i ] ];
1039 0 : fd_topo_wksp_t * link_wksp = &topo->workspaces[ topo->objs[ link->dcache_obj_id ].wksp_id ];
1040 :
1041 0 : ctx->in[ i ].mem = link_wksp->wksp;
1042 0 : if( FD_LIKELY( link->mtu ) ) {
1043 0 : ctx->in[ i ].chunk0 = fd_dcache_compact_chunk0( ctx->in[ i ].mem, link->dcache );
1044 0 : ctx->in[ i ].wmark = fd_dcache_compact_wmark ( ctx->in[ i ].mem, link->dcache, link->mtu );
1045 0 : } else {
1046 0 : ctx->in[ i ].chunk0 = 0UL;
1047 0 : ctx->in[ i ].wmark = 0UL;
1048 0 : }
1049 0 : ctx->in[ i ].mtu = link->mtu;
1050 :
1051 0 : if( !strcmp( link->name, "gossip_gossvf" ) ) ctx->in[ i ].kind = IN_KIND_PINGS;
1052 0 : else if( !strcmp( link->name, "ipecho_out" ) ) ctx->in[ i ].kind = IN_KIND_SHRED_VERSION;
1053 0 : else if( !strcmp( link->name, "gossip_out" ) ) ctx->in[ i ].kind = IN_KIND_GOSSIP;
1054 0 : else if( !strcmp( link->name, "net_gossvf" ) ) {
1055 0 : ctx->in[ i ].kind = IN_KIND_NET;
1056 0 : fd_net_rx_bounds_init( &ctx->net_in_bounds[ i ], link->dcache );
1057 0 : }
1058 0 : else if( !strcmp( link->name, "replay_epoch" ) ) ctx->in[ i ].kind = IN_KIND_EPOCH;
1059 0 : else FD_LOG_ERR(( "unexpected input link name %s", link->name ));
1060 0 : }
1061 :
1062 0 : FD_TEST( tile->out_cnt==1UL );
1063 0 : fd_topo_link_t * gossvf_out = &topo->links[ tile->out_link_id[ 0UL ] ];
1064 0 : ctx->out->mem = topo->workspaces[ topo->objs[ gossvf_out->dcache_obj_id ].wksp_id ].wksp;
1065 0 : ctx->out->chunk0 = fd_dcache_compact_chunk0( ctx->out->mem, gossvf_out->dcache );
1066 0 : ctx->out->wmark = fd_dcache_compact_wmark ( ctx->out->mem, gossvf_out->dcache, gossvf_out->mtu );
1067 0 : ctx->out->chunk = ctx->out->chunk0;
1068 :
1069 0 : ulong scratch_top = FD_SCRATCH_ALLOC_FINI( l, 1UL );
1070 0 : if( FD_UNLIKELY( scratch_top > (ulong)scratch + scratch_footprint( tile ) ) )
1071 0 : FD_LOG_ERR(( "scratch overflow %lu %lu %lu", scratch_top - (ulong)scratch - scratch_footprint( tile ), scratch_top, (ulong)scratch + scratch_footprint( tile ) ));
1072 0 : }
1073 :
1074 : static ulong
1075 : populate_allowed_seccomp( fd_topo_t const * topo,
1076 : fd_topo_tile_t const * tile,
1077 : ulong out_cnt,
1078 0 : struct sock_filter * out ) {
1079 0 : (void)topo;
1080 0 : (void)tile;
1081 :
1082 0 : populate_sock_filter_policy_fd_gossvf_tile( out_cnt, out, (uint)fd_log_private_logfile_fd() );
1083 0 : return sock_filter_policy_fd_gossvf_tile_instr_cnt;
1084 0 : }
1085 :
1086 : static ulong
1087 : populate_allowed_fds( fd_topo_t const * topo,
1088 : fd_topo_tile_t const * tile,
1089 : ulong out_fds_cnt,
1090 0 : int * out_fds ) {
1091 0 : (void)topo;
1092 0 : (void)tile;
1093 :
1094 0 : if( FD_UNLIKELY( out_fds_cnt<2UL ) ) FD_LOG_ERR(( "out_fds_cnt %lu", out_fds_cnt ));
1095 :
1096 0 : ulong out_cnt = 0UL;
1097 0 : out_fds[ out_cnt++ ] = 2; /* stderr */
1098 0 : if( FD_LIKELY( -1!=fd_log_private_logfile_fd() ) )
1099 0 : out_fds[ out_cnt++ ] = fd_log_private_logfile_fd(); /* logfile */
1100 0 : return out_cnt;
1101 0 : }
1102 :
1103 0 : #define STEM_BURST (17UL/*FD_GOSSIP_MSG_MAX_CRDS*/+1UL)
1104 :
1105 0 : #define STEM_LAZY (128L*3000L)
1106 :
1107 0 : #define STEM_CALLBACK_CONTEXT_TYPE fd_gossvf_tile_ctx_t
1108 0 : #define STEM_CALLBACK_CONTEXT_ALIGN alignof(fd_gossvf_tile_ctx_t)
1109 :
1110 0 : #define STEM_CALLBACK_DURING_HOUSEKEEPING during_housekeeping
1111 0 : #define STEM_CALLBACK_METRICS_WRITE metrics_write
1112 0 : #define STEM_CALLBACK_BEFORE_FRAG before_frag
1113 0 : #define STEM_CALLBACK_DURING_FRAG during_frag
1114 0 : #define STEM_CALLBACK_AFTER_FRAG after_frag
1115 :
1116 : #include "../../disco/stem/fd_stem.c"
1117 :
1118 : fd_topo_run_tile_t fd_tile_gossvf = {
1119 : .name = "gossvf",
1120 : .populate_allowed_seccomp = populate_allowed_seccomp,
1121 : .populate_allowed_fds = populate_allowed_fds,
1122 : .scratch_align = scratch_align,
1123 : .scratch_footprint = scratch_footprint,
1124 : .privileged_init = privileged_init,
1125 : .unprivileged_init = unprivileged_init,
1126 : .run = stem_run,
1127 : };
|
