From mboxrd@z Thu Jan 1 00:00:00 1970 From: Claude Code Review Bot To: dri-devel-reviews@example.com Subject: Claude review: security: dma-heap: Add dma_heap_alloc LSM hook Date: Sat, 16 May 2026 13:56:22 +1000 Message-ID: In-Reply-To: <20260512-v2_20230123_tjmercier_google_com-v1-3-6326701c3691@redhat.com> References: <20260512-v2_20230123_tjmercier_google_com-v1-0-6326701c3691@redhat.com> <20260512-v2_20230123_tjmercier_google_com-v1-3-6326701c3691@redhat.com> X-Mailer: Claude Code Patch Reviewer Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Patch Review Adds `security_dma_heap_alloc()` called when `charge_pid_fd` is set. **Issue 1 - Hook naming:** The hook is named `dma_heap_alloc` but it specif= ically guards the cross-cgroup charging operation, not allocation in genera= l. A name like `dma_heap_charge_to` would be more precise and less likely t= o be confused with a general allocation permission. **Issue 2 - Hook parameters:** The hook only receives `from` and `to` crede= ntials. It might be useful to also pass the heap or allocation size so that= policy can be more fine-grained (e.g., allowing cross-charging only up to = certain sizes, or only for certain heaps). This is a design trade-off for t= he RFC discussion. **Issue 3 - Ordering with mm access:** The LSM check happens before `get_me= m_cgroup_from_mm()`: ```c + tcred =3D get_task_cred(task); + ret =3D security_dma_heap_alloc(current_cred(), tcred); + put_cred(tcred); + if (ret) { + put_task_struct(task); + return ret; + } + + memcg =3D get_mem_cgroup_from_mm(task->mm); ``` This is correct =E2=80=94 check policy first, then access mm. But the `task= ->mm` NULL issue from patch 2 still applies here. --- Generated by Claude Code Patch Reviewer