From: Claude Code Review Bot <claude-review@example.com>
To: dri-devel-reviews@example.com
Subject: Claude review: complete perf_allow_* trio and use in drm/xe
Date: Mon, 25 May 2026 18:04:51 +1000 [thread overview]
Message-ID: <review-overall-20260523013326.129491-1-jhubbard@nvidia.com> (raw)
In-Reply-To: <20260523013326.129491-1-jhubbard@nvidia.com>
Overall Series Review
Subject: complete perf_allow_* trio and use in drm/xe
Author: John Hubbard <jhubbard@nvidia.com>
Patches: 5
Reviewed: 2026-05-25T18:04:51.127105
---
This is a clean, well-motivated 2-patch series that completes the `perf_allow_*` API for modular callers and then uses it in drm/xe to replace open-coded permission checks. The series follows the precedent set by commit 5e9629d0ae97 for `perf_allow_kernel()` and extends it consistently to the remaining two helpers.
The code is correct and the structure is sound. The main behavioral change to note is that xe observation streams will now additionally consult the `security_perf_event_open()` LSM hook and respect the graduated `kernel.perf_event_paranoid` policy rather than doing a simple `perfmon_capable()` check. This is a deliberate improvement and is well-documented in the commit messages.
One subtle point worth calling out: when `kernel.perf_event_paranoid` is set to 0 (not the default, which is 2), `perf_allow_cpu()` will skip the capability check entirely and only consult the LSM hook. This means xe observation could become *less* restrictive than before in that specific admin-configured scenario. This is consistent with the stated goal of aligning with the system perf policy, but the series might benefit from a note in the commit message about this edge case for anyone bisecting a permission change.
No blocking issues. Reviewed-by-worthy with minor observations below.
---
---
Generated by Claude Code Patch Reviewer
prev parent reply other threads:[~2026-05-25 8:04 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-23 1:33 [PATCH v2 0/2] complete perf_allow_* trio and use in drm/xe John Hubbard
2026-05-23 1:33 ` [PATCH v2 1/2] perf/core: out-of-line and export perf_allow_cpu/tracepoint() John Hubbard
2026-05-25 8:04 ` Claude review: " Claude Code Review Bot
2026-05-23 1:33 ` [PATCH v2 2/2] drm/xe: gate observation streams with perf_allow_cpu() John Hubbard
2026-05-25 8:04 ` Claude review: " Claude Code Review Bot
2026-05-23 8:40 ` [PATCH v2 0/2] complete perf_allow_* trio and use in drm/xe Peter Zijlstra
2026-05-23 17:52 ` John Hubbard
2026-05-25 8:04 ` Claude Code Review Bot [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=review-overall-20260523013326.129491-1-jhubbard@nvidia.com \
--to=claude-review@example.com \
--cc=dri-devel-reviews@example.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox