microsoft / ebpf-for-windows

eBPF implementation that runs on top of Windows
MIT License

Harden communication between execution context and verifier / user mode #709

Open Alan-Jowett opened 2 years ago

Alan-Jowett commented 2 years ago

Communication between execution context and verifier/user mode is currently via handwritten serializer code. We should investigate using a more secure serializer like EverParse which offers better guarantees about safety.

Alan-Jowett commented 2 years ago

Clarification: We should create a ".3d" file that describes the protocol messages from ebpf_protocol.h and have EverParse generate a validator for it.

Then modify ebpf_core_invoke_protocol_handler to invoke the generated validator to verify the message is valid before dispatching it.
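The validate-then-dispatch shape proposed above, as an added example that is not code from the issue thread or from ebpf-for-windows. The validator here is hand-written to stand in for the one EverParse would generate from a .3d spec; the operation ids, header fields and request layouts are assumptions for illustration and do not reproduce ebpf_protocol.h, and `invoke_protocol_handler` is a hypothetical name modelled on the proposed change to ebpf_core_invoke_protocol_handler. The point it shows is that every bound is taken from the caller-supplied length, never from a field read out of the untrusted message, and that variable-length fields are summed in 64 bits so a wrapped `key_size + value_size` cannot pass as a small payload.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ASSUMED message layout for illustration only; not the layout in ebpf_protocol.h.
 * The validator is hand-written to stand in for an EverParse-generated one. */
typedef enum { OP_MAP_FIND_ELEMENT = 0, OP_MAP_UPDATE_ELEMENT = 1, OP_ID_COUNT } op_id_t;

#pragma pack(push, 1)
typedef struct {
    uint16_t length; /* total message size, header included */
    uint16_t id;     /* an op_id_t */
} op_header_t;

typedef struct {
    op_header_t header;
    uint64_t map_handle;
    uint32_t key_size; /* key_size bytes of key follow */
} op_map_find_request_t;

typedef struct {
    op_header_t header;
    uint64_t map_handle;
    uint32_t key_size;
    uint32_t value_size; /* key_size + value_size bytes follow */
} op_map_update_request_t;
#pragma pack(pop)

typedef enum { VALID = 0, INVALID_TOO_SHORT, INVALID_LENGTH_MISMATCH,
               INVALID_UNKNOWN_ID, INVALID_BODY } validation_result_t;

/* Every bound is checked against `length` (what the caller actually supplied)
 * before any field read out of the message is trusted. */
validation_result_t validate_message(const uint8_t *buffer, size_t length)
{
    op_header_t header;
    if (length < sizeof(header)) return INVALID_TOO_SHORT;
    memcpy(&header, buffer, sizeof(header));
    if (header.length != length) return INVALID_LENGTH_MISMATCH;
    if (header.id >= OP_ID_COUNT) return INVALID_UNKNOWN_ID;

    switch ((op_id_t)header.id) {
    case OP_MAP_FIND_ELEMENT: {
        op_map_find_request_t req;
        if (length < sizeof(req)) return INVALID_TOO_SHORT;
        memcpy(&req, buffer, sizeof(req));
        /* The key must exactly fill the rest of the message. */
        return req.key_size == length - sizeof(req) ? VALID : INVALID_BODY;
    }
    case OP_MAP_UPDATE_ELEMENT: {
        op_map_update_request_t req;
        if (length < sizeof(req)) return INVALID_TOO_SHORT;
        memcpy(&req, buffer, sizeof(req));
        /* Sum in 64 bits so key_size + value_size cannot wrap to a small value. */
        uint64_t payload = (uint64_t)req.key_size + (uint64_t)req.value_size;
        return payload == length - sizeof(req) ? VALID : INVALID_BODY;
    }
    default:
        return INVALID_UNKNOWN_ID;
    }
}

typedef int (*op_handler_t)(const uint8_t *message, size_t length);
/* Placeholder handlers; the real work happens here only on an accepted message. */
static int handle_map_find(const uint8_t *m, size_t n) { (void)m; (void)n; return 0; }
static int handle_map_update(const uint8_t *m, size_t n) { (void)m; (void)n; return 0; }
static const op_handler_t handlers[OP_ID_COUNT] = { handle_map_find, handle_map_update };

/* Hypothetical stand-in for the proposed ebpf_core_invoke_protocol_handler change:
 * validate first, dispatch only on success.  Returns the handler's result, or -1
 * when the message is rejected (reason stored in *why when non-NULL). */
int invoke_protocol_handler(const uint8_t *message, size_t length, validation_result_t *why)
{
    validation_result_t result = validate_message(message, length);
    if (why) *why = result;
    if (result != VALID) return -1;
    op_header_t header;
    memcpy(&header, message, sizeof(header));
    return handlers[header.id](message, length);
}

/* Builds a constructed map-update request.  `declared_length` is written into
 * the header as-is so inconsistent messages can be produced on purpose. */
size_t build_update_request(uint8_t *out, size_t cap, uint16_t declared_length,
                            uint32_t key_size, uint32_t value_size, size_t payload_bytes)
{
    op_map_update_request_t req = {0};
    size_t total = sizeof(req) + payload_bytes;
    if (total > cap) return 0;
    req.header.length = declared_length;
    req.header.id = OP_MAP_UPDATE_ELEMENT;
    req.map_handle = 0x1234;
    req.key_size = key_size;
    req.value_size = value_size;
    memcpy(out, &req, sizeof(req));
    memset(out + sizeof(req), 0xAB, payload_bytes); /* constructed key/value bytes */
    return total;
}

int main(void)
{
    uint8_t buf[64];
    validation_result_t why;
    size_t n = build_update_request(buf, sizeof buf, 28, 4, 4, 8); /* consistent */
    printf("consistent: %d\n", invoke_protocol_handler(buf, n, &why));
    n = build_update_request(buf, sizeof buf, 28, 0xFFFFFFFFu, 9, 8); /* sizes wrap in 32 bits */
    printf("wrapped sizes: %d (reason %d)\n", invoke_protocol_handler(buf, n, &why), why);
    return 0;
}
```

With a generated validator the `validate_message` body would be replaced by the EverParse output for the .3d description, and the surrounding dispatch logic would stay the same: the handler table is only indexed after the id has been range-checked, and handlers never see a message whose declared sizes disagree with the bytes actually received.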

dahavey commented 1 year ago

This scenario is covered by fuzz testing.