The interface where messages are transmitted from the kernel into the
monitor buffer in userspace for handling by this code is controlled
entirely by trusted code managed by the Cilium project. The messages are
formed in a consistent way by eBPF code, which are then transmitted
through a map that requires privileged access to inject into or read out
of, and then the code being fuzzed here will read those messages from
the ringbuffer map. Fuzzing this interface doesn't make sense given
Cilium's threat model.

If we have someone actively involved in the project who sees value in
these tests and wishes to adopt these and handle the corresponding
reports, please reach out to security@cilium.io.