Use zalloc for processor/message-queue/coordinator

An additional layer which protects us against edge cases with Zeroizing (objects which don't support it or don't miss it).
2025-04-10 00:07:33 +00:00 · 2024-01-01 08:45:45 -05:00 · 2024-01-01 08:45:45 -05:00 · 8bd2a0fc56
commit 8bd2a0fc56
parent 7d2c47f3d4
7 changed files with 21 additions and 3 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -7344,6 +7344,7 @@ dependencies = [
 "sp-runtime",
 "tokio",
 "tributary-chain",
+ "zalloc",
 "zeroize",
 ]

@ -7486,6 +7487,7 @@ dependencies = [
 "serai-env",
 "serai-primitives",
 "tokio",
+ "zalloc",
 "zeroize",
 ]

@ -7607,6 +7609,7 @@ dependencies = [
 "sp-application-crypto",
 "thiserror",
 "tokio",
+ "zalloc",
 "zeroize",
 ]

--- a/coordinator/Cargo.toml
+++ b/coordinator/Cargo.toml
@ -32,6 +32,7 @@ frost-schnorrkel = { path = "../crypto/schnorrkel" }

 scale = { package = "parity-scale-codec", version = "3", default-features = false, features = ["std", "derive"] }

+zalloc = { path = "../common/zalloc" }
 serai-db = { path = "../common/db" }
 serai-env = { path = "../common/env" }

--- a/coordinator/src/main.rs
+++ b/coordinator/src/main.rs
@ -63,6 +63,10 @@ use cosign_evaluator::CosignEvaluator;
 #[cfg(test)]
 pub mod tests;

+#[global_allocator]
+static ALLOCATOR: zalloc::ZeroizingAlloc<std::alloc::System> =
+  zalloc::ZeroizingAlloc(std::alloc::System);
+
 #[derive(Clone)]
 pub struct ActiveTributary<D: Db, P: P2p> {
  pub spec: TributarySpec,
--- a/message-queue/Cargo.toml
+++ b/message-queue/Cargo.toml
@ -40,6 +40,7 @@ env_logger = { version = "0.10", default-features = false, features = ["humantim
 # Uses a single threaded runtime since this shouldn't ever be CPU-bound
 tokio = { version = "1", default-features = false, features = ["rt", "time", "io-util", "net", "macros"] }

+zalloc = { path = "../common/zalloc" }
 serai-db = { path = "../common/db", optional = true }

 serai-env = { path = "../common/env" }
--- a/message-queue/src/main.rs
+++ b/message-queue/src/main.rs
@ -1,6 +1,3 @@
-mod messages;
-mod queue;
-
 pub(crate) use std::{
  sync::{Arc, RwLock},
  collections::HashMap,
@ -38,6 +35,13 @@ mod clippy {
 }
 pub(crate) use self::clippy::*;

+mod messages;
+mod queue;
+
+#[global_allocator]
+static ALLOCATOR: zalloc::ZeroizingAlloc<std::alloc::System> =
+  zalloc::ZeroizingAlloc(std::alloc::System);
+
 // queue RPC method
 /*
  Queues a message to be delivered from a processor to a coordinator, or vice versa.
--- a/processor/Cargo.toml
+++ b/processor/Cargo.toml
@ -54,6 +54,7 @@ log = { version = "0.4", default-features = false, features = ["std"] }
 env_logger = { version = "0.10", default-features = false, features = ["humantime"], optional = true }
 tokio = { version = "1", default-features = false, features = ["rt-multi-thread", "sync", "time", "macros"] }

+zalloc = { path = "../common/zalloc" }
 serai-db = { path = "../common/db", optional = true }
 serai-env = { path = "../common/env", optional = true }
 # TODO: Replace with direct usage of primitives
--- a/processor/src/main.rs
+++ b/processor/src/main.rs
@ -61,6 +61,10 @@ use multisigs::{MultisigEvent, MultisigManager};
 #[cfg(test)]
 mod tests;

+#[global_allocator]
+static ALLOCATOR: zalloc::ZeroizingAlloc<std::alloc::System> =
+  zalloc::ZeroizingAlloc(std::alloc::System);
+
 // Items which are mutably borrowed by Tributary.
 // Any exceptions to this have to be carefully monitored in order to ensure consistency isn't
 // violated.