forked from TrueCloudLab/neoneo-go
Merge pull request #1224 from nspcc-dev/interop/triggers
core, vm: remove allowed triggers from syscalls
This commit is contained in:
commit
4cdd48f494
6 changed files with 25 additions and 82 deletions
|
@ -59,8 +59,6 @@ type Function struct {
|
||||||
Name string
|
Name string
|
||||||
Func func(*Context, *vm.VM) error
|
Func func(*Context, *vm.VM) error
|
||||||
Price int64
|
Price int64
|
||||||
// AllowedTriggers is a set of triggers which are allowed to initiate invocation.
|
|
||||||
AllowedTriggers trigger.Type
|
|
||||||
// RequiredFlags is a set of flags which must be set during script invocations.
|
// RequiredFlags is a set of flags which must be set during script invocations.
|
||||||
// Default value is NoneFlag i.e. no flags are required.
|
// Default value is NoneFlag i.e. no flags are required.
|
||||||
RequiredFlags smartcontract.CallFlag
|
RequiredFlags smartcontract.CallFlag
|
||||||
|
|
|
@ -18,7 +18,6 @@ import (
|
||||||
"github.com/nspcc-dev/neo-go/pkg/core/interop/runtime"
|
"github.com/nspcc-dev/neo-go/pkg/core/interop/runtime"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/core/native"
|
"github.com/nspcc-dev/neo-go/pkg/core/native"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm"
|
"github.com/nspcc-dev/neo-go/pkg/vm"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/emit"
|
"github.com/nspcc-dev/neo-go/pkg/vm/emit"
|
||||||
)
|
)
|
||||||
|
@ -74,31 +73,20 @@ var systemInterops = []interop.Function{
|
||||||
{Name: "System.Binary.Base64Encode", Func: runtimeEncode, Price: 100000},
|
{Name: "System.Binary.Base64Encode", Func: runtimeEncode, Price: 100000},
|
||||||
{Name: "System.Binary.Deserialize", Func: runtimeDeserialize, Price: 500000},
|
{Name: "System.Binary.Deserialize", Func: runtimeDeserialize, Price: 500000},
|
||||||
{Name: "System.Binary.Serialize", Func: runtimeSerialize, Price: 100000},
|
{Name: "System.Binary.Serialize", Func: runtimeSerialize, Price: 100000},
|
||||||
{Name: "System.Blockchain.GetBlock", Func: bcGetBlock, Price: 2500000,
|
{Name: "System.Blockchain.GetBlock", Func: bcGetBlock, Price: 2500000, RequiredFlags: smartcontract.AllowStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
{Name: "System.Blockchain.GetContract", Func: bcGetContract, Price: 1000000, RequiredFlags: smartcontract.AllowStates},
|
||||||
{Name: "System.Blockchain.GetContract", Func: bcGetContract, Price: 1000000,
|
{Name: "System.Blockchain.GetHeight", Func: bcGetHeight, Price: 400, RequiredFlags: smartcontract.AllowStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
{Name: "System.Blockchain.GetTransaction", Func: bcGetTransaction, Price: 1000000, RequiredFlags: smartcontract.AllowStates},
|
||||||
{Name: "System.Blockchain.GetHeight", Func: bcGetHeight, Price: 400,
|
{Name: "System.Blockchain.GetTransactionFromBlock", Func: bcGetTransactionFromBlock, Price: 1000000, RequiredFlags: smartcontract.AllowStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
{Name: "System.Blockchain.GetTransactionHeight", Func: bcGetTransactionHeight, Price: 1000000, RequiredFlags: smartcontract.AllowStates},
|
||||||
{Name: "System.Blockchain.GetTransaction", Func: bcGetTransaction, Price: 1000000,
|
{Name: "System.Contract.Call", Func: contractCall, Price: 1000000, RequiredFlags: smartcontract.AllowCall},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
{Name: "System.Contract.CallEx", Func: contractCallEx, Price: 1000000, RequiredFlags: smartcontract.AllowCall},
|
||||||
{Name: "System.Blockchain.GetTransactionFromBlock", Func: bcGetTransactionFromBlock, Price: 1000000,
|
{Name: "System.Contract.Create", Func: contractCreate, Price: 0, RequiredFlags: smartcontract.AllowModifyStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
|
||||||
{Name: "System.Blockchain.GetTransactionHeight", Func: bcGetTransactionHeight, Price: 1000000,
|
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
|
||||||
{Name: "System.Contract.Call", Func: contractCall, Price: 1000000,
|
|
||||||
AllowedTriggers: trigger.System | trigger.Application, RequiredFlags: smartcontract.AllowCall},
|
|
||||||
{Name: "System.Contract.CallEx", Func: contractCallEx, Price: 1000000,
|
|
||||||
AllowedTriggers: trigger.System | trigger.Application, RequiredFlags: smartcontract.AllowCall},
|
|
||||||
{Name: "System.Contract.Create", Func: contractCreate, Price: 0,
|
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates},
|
|
||||||
{Name: "System.Contract.CreateStandardAccount", Func: contractCreateStandardAccount, Price: 10000},
|
{Name: "System.Contract.CreateStandardAccount", Func: contractCreateStandardAccount, Price: 10000},
|
||||||
{Name: "System.Contract.Destroy", Func: contractDestroy, Price: 1000000,
|
{Name: "System.Contract.Destroy", Func: contractDestroy, Price: 1000000, RequiredFlags: smartcontract.AllowModifyStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates},
|
|
||||||
{Name: "System.Contract.IsStandard", Func: contractIsStandard, Price: 30000},
|
{Name: "System.Contract.IsStandard", Func: contractIsStandard, Price: 30000},
|
||||||
{Name: "System.Contract.GetCallFlags", Func: contractGetCallFlags, Price: 30000},
|
{Name: "System.Contract.GetCallFlags", Func: contractGetCallFlags, Price: 30000},
|
||||||
{Name: "System.Contract.Update", Func: contractUpdate, Price: 0,
|
{Name: "System.Contract.Update", Func: contractUpdate, Price: 0, RequiredFlags: smartcontract.AllowModifyStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates},
|
|
||||||
{Name: "System.Enumerator.Concat", Func: enumerator.Concat, Price: 400},
|
{Name: "System.Enumerator.Concat", Func: enumerator.Concat, Price: 400},
|
||||||
{Name: "System.Enumerator.Create", Func: enumerator.Create, Price: 400},
|
{Name: "System.Enumerator.Create", Func: enumerator.Create, Price: 400},
|
||||||
{Name: "System.Enumerator.Next", Func: enumerator.Next, Price: 1000000},
|
{Name: "System.Enumerator.Next", Func: enumerator.Next, Price: 1000000},
|
||||||
|
@ -119,28 +107,19 @@ var systemInterops = []interop.Function{
|
||||||
{Name: "System.Runtime.GetInvocationCounter", Func: runtime.GetInvocationCounter, Price: 400},
|
{Name: "System.Runtime.GetInvocationCounter", Func: runtime.GetInvocationCounter, Price: 400},
|
||||||
{Name: "System.Runtime.GetNotifications", Func: runtime.GetNotifications, Price: 10000},
|
{Name: "System.Runtime.GetNotifications", Func: runtime.GetNotifications, Price: 10000},
|
||||||
{Name: "System.Runtime.GetScriptContainer", Func: engineGetScriptContainer, Price: 250},
|
{Name: "System.Runtime.GetScriptContainer", Func: engineGetScriptContainer, Price: 250},
|
||||||
{Name: "System.Runtime.GetTime", Func: runtimeGetTime, Price: 250,
|
{Name: "System.Runtime.GetTime", Func: runtimeGetTime, Price: 250, RequiredFlags: smartcontract.AllowStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
|
||||||
{Name: "System.Runtime.GetTrigger", Func: runtimeGetTrigger, Price: 250},
|
{Name: "System.Runtime.GetTrigger", Func: runtimeGetTrigger, Price: 250},
|
||||||
{Name: "System.Runtime.Log", Func: runtimeLog, Price: 1000000, RequiredFlags: smartcontract.AllowNotify},
|
{Name: "System.Runtime.Log", Func: runtimeLog, Price: 1000000, RequiredFlags: smartcontract.AllowNotify},
|
||||||
{Name: "System.Runtime.Notify", Func: runtimeNotify, Price: 1000000, RequiredFlags: smartcontract.AllowNotify},
|
{Name: "System.Runtime.Notify", Func: runtimeNotify, Price: 1000000, RequiredFlags: smartcontract.AllowNotify},
|
||||||
{Name: "System.Runtime.Platform", Func: runtimePlatform, Price: 250},
|
{Name: "System.Runtime.Platform", Func: runtimePlatform, Price: 250},
|
||||||
{Name: "System.Storage.Delete", Func: storageDelete, Price: StoragePrice,
|
{Name: "System.Storage.Delete", Func: storageDelete, Price: StoragePrice, RequiredFlags: smartcontract.AllowModifyStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates},
|
{Name: "System.Storage.Find", Func: storageFind, Price: 1000000, RequiredFlags: smartcontract.AllowStates},
|
||||||
{Name: "System.Storage.Find", Func: storageFind, Price: 1000000,
|
{Name: "System.Storage.Get", Func: storageGet, Price: 1000000, RequiredFlags: smartcontract.AllowStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
{Name: "System.Storage.GetContext", Func: storageGetContext, Price: 400, RequiredFlags: smartcontract.AllowStates},
|
||||||
{Name: "System.Storage.Get", Func: storageGet, Price: 1000000,
|
{Name: "System.Storage.GetReadOnlyContext", Func: storageGetReadOnlyContext, Price: 400, RequiredFlags: smartcontract.AllowStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
{Name: "System.Storage.Put", Func: storagePut, Price: 0, RequiredFlags: smartcontract.AllowModifyStates}, // These don't have static price in C# code.
|
||||||
{Name: "System.Storage.GetContext", Func: storageGetContext, Price: 400,
|
{Name: "System.Storage.PutEx", Func: storagePutEx, Price: 0, RequiredFlags: smartcontract.AllowModifyStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
{Name: "System.Storage.AsReadOnly", Func: storageContextAsReadOnly, Price: 400, RequiredFlags: smartcontract.AllowStates},
|
||||||
{Name: "System.Storage.GetReadOnlyContext", Func: storageGetReadOnlyContext, Price: 400,
|
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
|
||||||
{Name: "System.Storage.Put", Func: storagePut, Price: 0,
|
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates}, // These don't have static price in C# code.
|
|
||||||
{Name: "System.Storage.PutEx", Func: storagePutEx, Price: 0,
|
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates},
|
|
||||||
{Name: "System.Storage.AsReadOnly", Func: storageContextAsReadOnly, Price: 400,
|
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowStates},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var neoInterops = []interop.Function{
|
var neoInterops = []interop.Function{
|
||||||
|
@ -150,8 +129,7 @@ var neoInterops = []interop.Function{
|
||||||
{Name: "Neo.Crypto.CheckMultisigWithECDsaSecp256k1", Func: crypto.ECDSASecp256k1CheckMultisig, Price: 0},
|
{Name: "Neo.Crypto.CheckMultisigWithECDsaSecp256k1", Func: crypto.ECDSASecp256k1CheckMultisig, Price: 0},
|
||||||
{Name: "Neo.Crypto.SHA256", Func: crypto.Sha256, Price: 1000000},
|
{Name: "Neo.Crypto.SHA256", Func: crypto.Sha256, Price: 1000000},
|
||||||
{Name: "Neo.Crypto.RIPEMD160", Func: crypto.RipeMD160, Price: 1000000},
|
{Name: "Neo.Crypto.RIPEMD160", Func: crypto.RipeMD160, Price: 1000000},
|
||||||
{Name: "Neo.Native.Deploy", Func: native.Deploy, Price: 0,
|
{Name: "Neo.Native.Deploy", Func: native.Deploy, Price: 0, RequiredFlags: smartcontract.AllowModifyStates},
|
||||||
AllowedTriggers: trigger.Application, RequiredFlags: smartcontract.AllowModifyStates},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// initIDinInteropsSlice initializes IDs from names in one given
|
// initIDinInteropsSlice initializes IDs from names in one given
|
||||||
|
|
|
@ -6,7 +6,6 @@ import (
|
||||||
"sort"
|
"sort"
|
||||||
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/emit"
|
"github.com/nspcc-dev/neo-go/pkg/vm/emit"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
|
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
|
||||||
)
|
)
|
||||||
|
@ -16,12 +15,9 @@ type InteropFunc func(vm *VM) error
|
||||||
|
|
||||||
// InteropFuncPrice represents an interop function with a price.
|
// InteropFuncPrice represents an interop function with a price.
|
||||||
type InteropFuncPrice struct {
|
type InteropFuncPrice struct {
|
||||||
Func InteropFunc
|
Func InteropFunc
|
||||||
Price int64
|
Price int64
|
||||||
// AllowedTriggers is a mask representing triggers which should be allowed by an interop.
|
RequiredFlags smartcontract.CallFlag
|
||||||
// 0 is interpreted as All.
|
|
||||||
AllowedTriggers trigger.Type
|
|
||||||
RequiredFlags smartcontract.CallFlag
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// interopIDFuncPrice adds an ID to the InteropFuncPrice.
|
// interopIDFuncPrice adds an ID to the InteropFuncPrice.
|
||||||
|
|
|
@ -18,7 +18,6 @@ import (
|
||||||
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/encoding/bigint"
|
"github.com/nspcc-dev/neo-go/pkg/encoding/bigint"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/opcode"
|
"github.com/nspcc-dev/neo-go/pkg/vm/opcode"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
|
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
@ -127,8 +126,7 @@ func getTestingInterop(id uint32) *InteropFuncPrice {
|
||||||
}
|
}
|
||||||
case binary.LittleEndian.Uint32([]byte{0x55, 0x55, 0x55, 0x55}):
|
case binary.LittleEndian.Uint32([]byte{0x55, 0x55, 0x55, 0x55}):
|
||||||
return &InteropFuncPrice{
|
return &InteropFuncPrice{
|
||||||
Func: f,
|
Func: f,
|
||||||
AllowedTriggers: trigger.Application,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -1253,9 +1253,6 @@ func (v *VM) execute(ctx *Context, op opcode.Opcode, parameter []byte) (err erro
|
||||||
case opcode.SYSCALL:
|
case opcode.SYSCALL:
|
||||||
interopID := GetInteropID(parameter)
|
interopID := GetInteropID(parameter)
|
||||||
ifunc := v.GetInteropByID(interopID)
|
ifunc := v.GetInteropByID(interopID)
|
||||||
if ifunc.AllowedTriggers != 0 && ifunc.AllowedTriggers&v.trigger == 0 {
|
|
||||||
panic(fmt.Sprintf("trigger not allowed: %s", v.trigger))
|
|
||||||
}
|
|
||||||
if !v.Context().callFlag.Has(ifunc.RequiredFlags) {
|
if !v.Context().callFlag.Has(ifunc.RequiredFlags) {
|
||||||
panic(fmt.Sprintf("missing call flags: %05b vs %05b", v.Context().callFlag, ifunc.RequiredFlags))
|
panic(fmt.Sprintf("missing call flags: %05b vs %05b", v.Context().callFlag, ifunc.RequiredFlags))
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,7 +14,6 @@ import (
|
||||||
"github.com/nspcc-dev/neo-go/pkg/internal/random"
|
"github.com/nspcc-dev/neo-go/pkg/internal/random"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/io"
|
"github.com/nspcc-dev/neo-go/pkg/io"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
"github.com/nspcc-dev/neo-go/pkg/smartcontract"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger"
|
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/emit"
|
"github.com/nspcc-dev/neo-go/pkg/vm/emit"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/opcode"
|
"github.com/nspcc-dev/neo-go/pkg/vm/opcode"
|
||||||
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
|
"github.com/nspcc-dev/neo-go/pkg/vm/stackitem"
|
||||||
|
@ -841,29 +840,6 @@ func TestCallFlags(t *testing.T) {
|
||||||
t.Run("AllFlagsProvided", getTestCallFlagsFunc(readOnly, smartcontract.ReadOnly, new(int)))
|
t.Run("AllFlagsProvided", getTestCallFlagsFunc(readOnly, smartcontract.ReadOnly, new(int)))
|
||||||
}
|
}
|
||||||
|
|
||||||
func getTestTriggerFunc(syscall []byte, tr trigger.Type, result interface{}) func(t *testing.T) {
|
|
||||||
return func(t *testing.T) {
|
|
||||||
script := append([]byte{byte(opcode.SYSCALL)}, syscall...)
|
|
||||||
v := NewWithTrigger(tr)
|
|
||||||
v.RegisterInteropGetter(getTestingInterop)
|
|
||||||
v.LoadScript(script)
|
|
||||||
if result == nil {
|
|
||||||
checkVMFailed(t, v)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
runVM(t, v)
|
|
||||||
require.Equal(t, result, v.PopResult())
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestAllowedTriggers(t *testing.T) {
|
|
||||||
noFlags := []byte{0x77, 0x77, 0x77, 0x77}
|
|
||||||
appOnly := []byte{0x55, 0x55, 0x55, 0x55}
|
|
||||||
t.Run("Application/NeedNothing", getTestTriggerFunc(noFlags, trigger.Application, new(int)))
|
|
||||||
t.Run("Application/NeedApplication", getTestTriggerFunc(appOnly, trigger.Application, new(int)))
|
|
||||||
t.Run("System/NeedApplication", getTestTriggerFunc(appOnly, trigger.System, nil))
|
|
||||||
}
|
|
||||||
|
|
||||||
func callNTimes(n uint16) []byte {
|
func callNTimes(n uint16) []byte {
|
||||||
return makeProgram(
|
return makeProgram(
|
||||||
opcode.PUSHINT16, opcode.Opcode(n), opcode.Opcode(n>>8), // little-endian
|
opcode.PUSHINT16, opcode.Opcode(n), opcode.Opcode(n>>8), // little-endian
|
||||||
|
|
Loading…
Reference in a new issue