From: Claude Code Review Bot <claude-review@example.com>
To: dri-devel-reviews@example.com
Subject: Claude review: security: dma-heap: Add dma_heap_alloc LSM hook
Date: Sat, 16 May 2026 13:56:22 +1000 [thread overview]
Message-ID: <review-patch3-20260512-v2_20230123_tjmercier_google_com-v1-3-6326701c3691@redhat.com> (raw)
In-Reply-To: <20260512-v2_20230123_tjmercier_google_com-v1-3-6326701c3691@redhat.com>
Patch Review
Adds `security_dma_heap_alloc()` called when `charge_pid_fd` is set.
**Issue 1 - Hook naming:** The hook is named `dma_heap_alloc` but it specifically guards the cross-cgroup charging operation, not allocation in general. A name like `dma_heap_charge_to` would be more precise and less likely to be confused with a general allocation permission.
**Issue 2 - Hook parameters:** The hook only receives `from` and `to` credentials. It might be useful to also pass the heap or allocation size so that policy can be more fine-grained (e.g., allowing cross-charging only up to certain sizes, or only for certain heaps). This is a design trade-off for the RFC discussion.
**Issue 3 - Ordering with mm access:** The LSM check happens before `get_mem_cgroup_from_mm()`:
```c
+ tcred = get_task_cred(task);
+ ret = security_dma_heap_alloc(current_cred(), tcred);
+ put_cred(tcred);
+ if (ret) {
+ put_task_struct(task);
+ return ret;
+ }
+
+ memcg = get_mem_cgroup_from_mm(task->mm);
```
This is correct — check policy first, then access mm. But the `task->mm` NULL issue from patch 2 still applies here.
---
Generated by Claude Code Patch Reviewer
next prev parent reply other threads:[~2026-05-16 3:56 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-12 9:10 [PATCH RFC 0/5] memcg: dma-buf per-cgroup accounting via pid_fd Albert Esteve
2026-05-12 9:10 ` [PATCH RFC 1/5] memcg: Track exported dma-buffers Albert Esteve
2026-05-16 3:56 ` Claude review: " Claude Code Review Bot
2026-05-12 9:10 ` [PATCH RFC 2/5] dma-heap: charge dma-buf memory via explicit memcg Albert Esteve
2026-05-12 10:14 ` Christian König
2026-05-12 18:53 ` T.J. Mercier
2026-05-13 11:39 ` Albert Esteve
2026-05-13 16:35 ` T.J. Mercier
2026-05-13 12:41 ` Albert Esteve
2026-05-13 16:39 ` T.J. Mercier
2026-05-13 18:39 ` Albert Esteve
2026-05-15 13:53 ` Christian Brauner
2026-05-15 17:06 ` T.J. Mercier
2026-05-16 3:56 ` Claude review: " Claude Code Review Bot
2026-05-12 9:10 ` [PATCH RFC 3/5] security: dma-heap: Add dma_heap_alloc LSM hook Albert Esteve
2026-05-16 3:56 ` Claude Code Review Bot [this message]
2026-05-12 9:10 ` [PATCH RFC 4/5] selinux: Restrict cross-cgroup dma-heap charging Albert Esteve
2026-05-14 20:44 ` Paul Moore
2026-05-16 3:56 ` Claude review: " Claude Code Review Bot
2026-05-12 9:10 ` [PATCH RFC 5/5] selftests/dmabuf-heaps: Add dma-buf memcg accounting tests Albert Esteve
2026-05-16 3:56 ` Claude review: " Claude Code Review Bot
2026-05-16 3:56 ` Claude review: memcg: dma-buf per-cgroup accounting via pid_fd Claude Code Review Bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=review-patch3-20260512-v2_20230123_tjmercier_google_com-v1-3-6326701c3691@redhat.com \
--to=claude-review@example.com \
--cc=dri-devel-reviews@example.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox