From: Claude Code Review Bot <claude-review@example.com>
To: dri-devel-reviews@example.com
Subject: Claude review: dma-buf: add DMA_BUF_IOCTL_DERIVE for reduced-permission aliases
Date: Mon, 25 May 2026 20:27:32 +1000 [thread overview]
Message-ID: <review-overall-20260521-dmabuf-limit-access-v1-0-26c01e27365a@redhat.com> (raw)
In-Reply-To: <20260521-dmabuf-limit-access-v1-0-26c01e27365a@redhat.com>
Overall Series Review
Subject: dma-buf: add DMA_BUF_IOCTL_DERIVE for reduced-permission aliases
Author: Albert Esteve <aesteve@redhat.com>
Patches: 7
Reviewed: 2026-05-25T20:27:32.725080
---
This series adds `DMA_BUF_IOCTL_DERIVE`, a mechanism to create a new file descriptor for an existing dma-buf with a subset of the caller's permissions. The use case (handing read-only views to less-privileged consumers) is well-motivated and the cover letter does a good job explaining why existing approaches (dup, /proc/self/fd, re-export) don't work.
The overall design — cloning the file with `alloc_file_clone`, sharing the same `struct dma_buf` / `dma_resv`, and adding a targeted mmap write check — is reasonable. The refcount management via `get_dma_buf` / `dma_buf_put` and the move of `__dma_buf_list_del` to dentry release are sound.
However, there is a **security bug** in the permission escalation check: `O_WRONLY` is not blocked when deriving from an `O_RDONLY` fd, which is a privilege escalation. There are also a few design gaps worth discussing (DMA access, sync ioctl, write-only interactions).
---
---
Generated by Claude Code Patch Reviewer
prev parent reply other threads:[~2026-05-25 10:27 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-21 9:10 [PATCH 0/2] dma-buf: add DMA_BUF_IOCTL_DERIVE for reduced-permission aliases Albert Esteve
2026-05-21 9:10 ` [PATCH 1/2] " Albert Esteve
2026-05-21 12:30 ` Christian König
2026-05-25 10:27 ` Claude review: " Claude Code Review Bot
2026-05-21 9:10 ` [PATCH 2/2] selftests: dma-buf: add DERIVE ioctl tests Albert Esteve
2026-05-25 10:27 ` Claude review: " Claude Code Review Bot
2026-05-21 12:28 ` [PATCH 0/2] dma-buf: add DMA_BUF_IOCTL_DERIVE for reduced-permission aliases Christian König
2026-05-21 13:01 ` Albert Esteve
2026-05-21 13:14 ` Christian König
2026-05-25 10:27 ` Claude Code Review Bot [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=review-overall-20260521-dmabuf-limit-access-v1-0-26c01e27365a@redhat.com \
--to=claude-review@example.com \
--cc=dri-devel-reviews@example.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox