Skip to content
This repository has been archived by the owner on Aug 2, 2022. It is now read-only.

bos blacklist #6947

Closed
wants to merge 11 commits into from
Closed

bos blacklist #6947

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
4f8a64c
blacklist
vvvictorlee Mar 14, 2019
b51d559
blacklist
vvvictorlee Mar 14, 2019
0ca6d84
blacklist
vvvictorlee Mar 14, 2019
4f3f57c
Merge branch 'feature/blacklistonchainforeosio' of https://github.com…
vvvictorlee Mar 14, 2019
cde2094
blacklist
vvvictorlee Mar 17, 2019
70fa50b
blacklist
vvvictorlee Mar 20, 2019
717cb7d
blacklist
vvvictorlee Mar 20, 2019
cb0f95e
blacklist
vvvictorlee Mar 20, 2019
2f0256a
blacklist
vvvictorlee Mar 21, 2019
1ff2983
blacklist
vvvictorlee Mar 21, 2019
9f235c3
Merge pull request #8 from EOSIO/develop
vlbos Mar 30, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions libraries/chain/chain_config.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,4 +43,10 @@ namespace eosio { namespace chain {
"max authority depth should be at least 1" );
}

void chain_config2::validate() const{
EOS_ASSERT(std::numeric_limits<decltype(actor_blacklist.size())>::max() > actor_blacklist.size(), action_validate_exception, "Overflow in blacklist when adding actor blacklist!");
EOS_ASSERT(std::numeric_limits<decltype(contract_blacklist.size())>::max() > contract_blacklist.size(), action_validate_exception, "Overflow in blacklist when adding contract blacklist!");
EOS_ASSERT(std::numeric_limits<decltype(resource_greylist.size())>::max() > resource_greylist.size(), action_validate_exception, "Overflow in greylistwhen adding resource greylist!");
}

} } // namespace eosio::chain
135 changes: 135 additions & 0 deletions libraries/chain/controller.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ using controller_index_set = index_set<
account_index,
account_sequence_index,
global_property_multi_index,
global_property2_multi_index,
dynamic_global_property_multi_index,
block_summary_multi_index,
transaction_multi_index,
Expand Down Expand Up @@ -124,6 +125,7 @@ struct controller_impl {
resource_limits_manager resource_limits;
authorization_manager authorization;
controller::config conf;
controller::config multisig_blacklists;///< multisig blacklists in memory
chain_id_type chain_id;
bool replaying= false;
optional<fc::time_point> replay_head_time;
Expand Down Expand Up @@ -400,6 +402,7 @@ struct controller_impl {
ilog( "database initialized with hash: ${hash}", ("hash", hash) );
}

merge_msig_blacklist_into_conf();
}

~controller_impl() {
Expand Down Expand Up @@ -641,6 +644,9 @@ struct controller_impl {
});
db.create<dynamic_global_property_object>([](auto&){});

db.create<global_property2_object>([&](auto &gpo) {

});
authorization.initialize_database();
resource_limits.initialize_database();

Expand All @@ -666,7 +672,128 @@ struct controller_impl {
conf.genesis.initial_timestamp );
}

void set_blacklist(blacklist_type list, list_action_type action, std::vector<account_name> accounts)
{
//set list from set_blacklist action in system contract
EOS_ASSERT(action >= list_action_type::insert_type && action < list_action_type::list_action_type_count, transaction_exception, "unknown action: ${action}", ("action", static_cast<int64_t>(action)));
int64_t blacklist_type = static_cast<int64_t>(list);
const auto &gp2o = db.get<global_property2_object>();
auto update_blacklists = [&](const shared_vector<account_name> &db_blacklist, flat_set<account_name> &conf_blacklist, flat_set<account_name> &msig_blacklist){
for (auto &a : db_blacklist){
conf_blacklist.insert(a);
msig_blacklist.insert(a);
}

auto update_blacklist = [&](auto &blacklist) {
if (action == list_action_type::insert_type){
blacklist.insert(accounts.begin(), accounts.end());
}
else if (action == list_action_type::remove_type){
flat_set<account_name> name_set(accounts.begin(), accounts.end());
flat_set<account_name> results;
results.reserve(blacklist.size());
set_difference(blacklist.begin(), blacklist.end(),
name_set.begin(), name_set.end(),
std::inserter(results, results.begin()));

blacklist = results;
}
};

update_blacklist(conf_blacklist);
update_blacklist(msig_blacklist);

auto insert_blacklists = [&](auto &gp2) {
auto insert_blacklist = [&](shared_vector<account_name> &blacklist) {
blacklist.clear();

for (auto &a : msig_blacklist){
blacklist.push_back(a);
}
};

switch (list){
case blacklist_type::actor_blacklist_type:
insert_blacklist(gp2.cfg.actor_blacklist);
break;
case blacklist_type::contract_blacklist_type:
insert_blacklist(gp2.cfg.contract_blacklist);
break;
case blacklist_type::resource_greylist_type:
insert_blacklist(gp2.cfg.resource_greylist);
break;
default:
EOS_ASSERT(false, transaction_exception,
"unknown list type : ${blklsttype}", ("blklsttype", blacklist_type));
}
};

db.modify(gp2o, [&](auto &gp2) {
insert_blacklists(gp2);
});
};

switch (list){
case blacklist_type::actor_blacklist_type:
update_blacklists(gp2o.cfg.actor_blacklist, conf.actor_blacklist, multisig_blacklists.actor_blacklist);
break;
case blacklist_type::contract_blacklist_type:
update_blacklists(gp2o.cfg.contract_blacklist, conf.contract_blacklist, multisig_blacklists.contract_blacklist);
break;
case blacklist_type::resource_greylist_type:
update_blacklists(gp2o.cfg.resource_greylist, conf.resource_greylist, multisig_blacklists.resource_greylist);
break;
default:
EOS_ASSERT(false, transaction_exception,
"unknown list type : ${blklsttype}", ("blklsttype", blacklist_type));
}
}

void check_msig_blacklist(blacklist_type blacklist_type,account_name account)
{
auto check_blacklist = [&](const flat_set<account_name>& msig_blacklist){
EOS_ASSERT(msig_blacklist.find(account) == msig_blacklist.end(), transaction_exception,
" do not remove account in multisig blacklist , account: ${account}", ("account", account));
};

switch (blacklist_type)
{
case blacklist_type::actor_blacklist_type:
check_blacklist(multisig_blacklists.actor_blacklist);
break;
case blacklist_type::contract_blacklist_type:
check_blacklist(multisig_blacklists.contract_blacklist);
break;
case blacklist_type::resource_greylist_type:
check_blacklist(multisig_blacklists.resource_greylist);
break;
default:
EOS_ASSERT(false, transaction_exception,
"unknown list type : ${blklsttype}, account: ${account}", ("blklsttype",static_cast<uint64_t>(blacklist_type))("account", account));
}
}

void merge_msig_blacklist_into_conf()
{
try{
auto merge_blacklist = [&](const shared_vector<account_name>& msig_blacklist_in_db,flat_set<account_name>& conf_blacklist){

for (auto& a : msig_blacklist_in_db)
{
conf_blacklist.insert(a);
}
};

const auto &gp2o = db.get<global_property2_object>();
merge_blacklist(gp2o.cfg.actor_blacklist,conf.actor_blacklist);
merge_blacklist(gp2o.cfg.contract_blacklist,conf.contract_blacklist);
merge_blacklist(gp2o.cfg.resource_greylist,conf.resource_greylist);
}
catch (...)
{
wlog("when plugin initialize,execute merge multsig blacklist to ignore exception before create global property2 object");
}
}

/**
* @post regardless of the success of commit block there is no active pending block
Expand Down Expand Up @@ -2201,6 +2328,7 @@ void controller::add_resource_greylist(const account_name &name) {
}

void controller::remove_resource_greylist(const account_name &name) {
my->check_msig_blacklist(blacklist_type::resource_greylist_type,name);
my->conf.resource_greylist.erase(name);
}

Expand All @@ -2212,4 +2340,11 @@ const flat_set<account_name> &controller::get_resource_greylist() const {
return my->conf.resource_greylist;
}

const global_property2_object& controller::get_global_properties2()const {
return my->db.get<global_property2_object>();
}
void controller::set_blacklist(int64_t list, int64_t action, std::vector<account_name> accounts)
{
my->set_blacklist(static_cast<blacklist_type>(list), static_cast<list_action_type>(action), accounts);
}
} } /// eosio::chain
11 changes: 11 additions & 0 deletions libraries/chain/include/eosio/chain/chain_config.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,16 @@ struct chain_config {

};

struct chain_config2 {
chain_config2( chainbase::allocator<char> alloc )
:actor_blacklist(alloc),contract_blacklist(alloc),resource_greylist(alloc){}

shared_vector<name> actor_blacklist;
shared_vector<name> contract_blacklist;
shared_vector<name> resource_greylist;

void validate()const;
};
} } // namespace eosio::chain

FC_REFLECT(eosio::chain::chain_config,
Expand All @@ -119,3 +129,4 @@ FC_REFLECT(eosio::chain::chain_config,
(max_inline_action_size)(max_inline_action_depth)(max_authority_depth)

)
FC_REFLECT( eosio::chain::chain_config2, (actor_blacklist)(contract_blacklist)(resource_greylist) )
15 changes: 15 additions & 0 deletions libraries/chain/include/eosio/chain/controller.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ namespace eosio { namespace chain {

class dynamic_global_property_object;
class global_property_object;
class global_property2_object;
class permission_object;
class account_object;
using resource_limits::resource_limits_manager;
Expand All @@ -50,6 +51,18 @@ namespace eosio { namespace chain {
FULL,
LIGHT
};
enum class blacklist_type:int64_t {
actor_blacklist_type=1,
contract_blacklist_type,
resource_greylist_type,
list_type_count
};
enum class list_action_type:int64_t
{
insert_type = 1,
remove_type,
list_action_type_count
};

class controller {
public:
Expand Down Expand Up @@ -213,6 +226,8 @@ namespace eosio { namespace chain {

void add_resource_greylist(const account_name &name);
void remove_resource_greylist(const account_name &name);
const global_property2_object& get_global_properties2()const;
void set_blacklist(int64_t list, int64_t action, std::vector<account_name> accounts);
bool is_resource_greylisted(const account_name &name) const;
const flat_set<account_name> &get_resource_greylist() const;

Expand Down
20 changes: 20 additions & 0 deletions libraries/chain/include/eosio/chain/global_property_object.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,14 @@ namespace eosio { namespace chain {
chain_config configuration;
};

class global_property2_object : public chainbase::object<global_property2_object_type, global_property2_object>
{
OBJECT_CTOR(global_property2_object, (cfg))

id_type id;
chain_config2 cfg;

};


/**
Expand Down Expand Up @@ -71,11 +79,20 @@ namespace eosio { namespace chain {
>
>;

using global_property2_multi_index = chainbase::shared_multi_index_container<
global_property2_object,
indexed_by<
ordered_unique<tag<by_id>,
BOOST_MULTI_INDEX_MEMBER(global_property2_object, global_property2_object::id_type, id)
>
>
>;
}}

CHAINBASE_SET_INDEX_TYPE(eosio::chain::global_property_object, eosio::chain::global_property_multi_index)
CHAINBASE_SET_INDEX_TYPE(eosio::chain::dynamic_global_property_object,
eosio::chain::dynamic_global_property_multi_index)
CHAINBASE_SET_INDEX_TYPE(eosio::chain::global_property2_object, eosio::chain::global_property2_multi_index)

FC_REFLECT(eosio::chain::dynamic_global_property_object,
(global_action_sequence)
Expand All @@ -84,3 +101,6 @@ FC_REFLECT(eosio::chain::dynamic_global_property_object,
FC_REFLECT(eosio::chain::global_property_object,
(proposed_schedule_block_num)(proposed_schedule)(configuration)
)
FC_REFLECT(eosio::chain::global_property2_object,
(cfg)
)
1 change: 1 addition & 0 deletions libraries/chain/include/eosio/chain/types.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,7 @@ namespace eosio { namespace chain {
index_double_object_type,
index_long_double_object_type,
global_property_object_type,
global_property2_object_type,
dynamic_global_property_object_type,
block_summary_object_type,
transaction_object_type,
Expand Down
16 changes: 16 additions & 0 deletions libraries/chain/wasm_interface.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -193,6 +193,21 @@ class privileged_api : public context_aware_api {
});
}

void set_blacklist_packed(int64_t list, int64_t action, array_ptr<char> packed_blockchain_blacklist, size_t datalen)
{
int64_t lstbegin = static_cast<int64_t>(blacklist_type::actor_blacklist_type);
int64_t lstend = static_cast<int64_t>(blacklist_type::list_type_count);
int64_t actbegin = static_cast<int64_t>(list_action_type::insert_type);
int64_t actend = static_cast<int64_t>(list_action_type::list_action_type_count);
EOS_ASSERT(list >= lstbegin && list < lstend, wasm_execution_error, "unkown blacklist type!");
EOS_ASSERT(action >= actbegin && action < actend, wasm_execution_error, "unkown action type");

datastream<const char *> ds(packed_blockchain_blacklist, datalen);
std::vector<name> blacklist;
fc::raw::unpack(ds, blacklist);

context.control.set_blacklist(list, action, blacklist);
}
bool is_privileged( account_name n )const {
return context.db.get<account_object, by_name>( n ).privileged;
}
Expand Down Expand Up @@ -1700,6 +1715,7 @@ REGISTER_INTRINSICS(privileged_api,
(set_proposed_producers, int64_t(int,int) )
(get_blockchain_parameters_packed, int(int, int) )
(set_blockchain_parameters_packed, void(int,int) )
(set_blacklist_packed, void(int64_t,int64_t,int,int) )
(is_privileged, int(int64_t) )
(set_privileged, void(int64_t, int) )
);
Expand Down