BPF List
 help / color / mirror / Atom feed
From: "Alexei Starovoitov" <alexei.starovoitov@gmail.com>
To: "Masoud Aghasi" <maghasi@disroot.org>, <bpf@vger.kernel.org>
Cc: <andrii@kernel.org>, <eddyz87@gmail.com>, <ast@kernel.org>,
	<daniel@iogearbox.net>, <memxor@gmail.com>,
	<martin.lau@linux.dev>, <song@kernel.org>,
	<yonghong.song@linux.dev>, <jolsa@kernel.org>,
	<emil@etsalapatis.com>
Subject: Re: [PATCH] libbpf: Add length checks for path parameters before memory allocation
Date: Tue, 30 Jun 2026 11:12:12 -0700	[thread overview]
Message-ID: <DJML5849E02H.EAOD5MGEV8L0@gmail.com> (raw)
In-Reply-To: <87da609e-ff8a-4f26-929a-338399f75288@disroot.org>

On Mon Jun 29, 2026 at 11:46 PM PDT, Masoud Aghasi wrote:
> On 29/06/2026 19:23, Alexei Starovoitov wrote:
>> 
>> The code is fine as-is. We don't add defensive checks.
>> 
>> pw-bot: cr
>
> Thanks for the review.
>
> I'm just starting to contribute to libbpf, so I'd like to make sure
> I understand the design philosophy correctly.
>
> Is the following understanding correct?
>
> Since the caller and libbpf share the same trust boundary
> (same process, same VAS), libbpf generally assumes that API arguments
> come from a trusted caller. If an application accepts input from an
> untrusted source, it's the application's responsibility to validate
> that input before passing it to libbpf.

No. It's nobody's responsiblity to validate anything.
Users of libbpf should use API correctly. That's it.


      reply	other threads:[~2026-06-30 18:12 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-29 12:25 [PATCH] libbpf: Add length checks for path parameters before memory allocation Masoud Aghasi
2026-06-29 13:13 ` bot+bpf-ci
2026-06-29 18:23 ` Alexei Starovoitov
2026-06-30  6:46   ` Masoud Aghasi
2026-06-30 18:12     ` Alexei Starovoitov [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=DJML5849E02H.EAOD5MGEV8L0@gmail.com \
    --to=alexei.starovoitov@gmail.com \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=eddyz87@gmail.com \
    --cc=emil@etsalapatis.com \
    --cc=jolsa@kernel.org \
    --cc=maghasi@disroot.org \
    --cc=martin.lau@linux.dev \
    --cc=memxor@gmail.com \
    --cc=song@kernel.org \
    --cc=yonghong.song@linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox