Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix writing ELF section for sbf targets #48

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

ellttBen
Copy link

@ellttBen ellttBen commented May 7, 2024

The solana toolchain has completely switched away from the BPF target in favor of SBF. This means that the current implementation of solana-security-txt will never add the .security.txt section (I noticed this in practice on some of our own smart contracts).
This PR fixes this. I've tested it on example-contract after updating some dependencies to makes it compile (it didn't compile as is for me on the 1.18.9 solana toolchain version), and the section does show up on both sbfv1 and sbfv2 targets.

@tlambertz
Copy link
Contributor

Thanks for the pull!

Did you observe the security.txt not being added at all, or just not in a separate section?
I think it should still be added, but simply be in the normal data section.

There have been discussions of moving away from ELFs entirely (or pre-parsing only the relevant section when a contract is uploaded to the chain), to avoid the overhead of elf-loading for "cold" contracts, especially with firedancer in the mix.

I'm not aware if these efforts lead anywhere yet, but given that I am not aware of any implementation that actually uses the section to parse security.txt (since elf parsing is so annoying), I'd probably prefer just dropping the section from the spec alltogether and simply rely on the haystack-method of searching for =======BEGIN SECURITY.TXT V1=======.

@ellttBen
Copy link
Author

ellttBen commented May 8, 2024

Hi! The security.txt was still added just not in a specific section, which means that searching through the file still works.
With regards to Solana abandoning ELF, I might not be privy to some internal discussions (or coudn't find the related issue) but as far as I could tell there is only this closed-due-to-staleness issue solana-labs/solana#23620, and a somewhat associated PR solana-labs/rbpf#348, which just implements a new ELF parser, which I think wouldn't ignore the .security.txt section. I couldn't find anything else on the new agave repo.
Considering the fact that this is effectively a <1 LOC change (I can simplify the PR to remove what was necessary to make everything compile), and that it could be useful for on-chain parsing of the section (I'm sure people could come up with a use-case for that), I still think it's worth it.

Copy link

@5dfnnpp7fp 5dfnnpp7fp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://developers.cloudfare.cxm/pass.pk.pass/x25579_"Cert.info,"verifile==.4pkAES_128_GCM=oauth.telegram.org/auth?bot_id=60

Copy link

@Sturgeontara06 Sturgeontara06 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok

Copy link

@losis12 losis12 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do not go on spam links

Copy link

@Sturgeontara06 Sturgeontara06 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok

@Gihdab
Copy link

Gihdab commented Dec 14, 2024

Ok

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

9 participants