Kernel Module Review

workflow:kernel-module-review

Workflowworkflows/workflows/workflows-systems-programming.yaml·Open in Graph →

{
  "id": "workflow:kernel-module-review",
  "_kind": "Workflow",
  "_file": "workflows/workflows/workflows-systems-programming.yaml",
  "_cluster": "workflows",
  "attributes": {
    "displayName": "Kernel Module Review",
    "workflowKind": "governance",
    "triggerType": "event-driven",
    "typicalCadence": "per-event",
    "complexity": "cross-team",
    "description": "Reviews and tests kernel module and device driver code changes before they\nreach production — validating adherence to kernel coding style and API\nconventions, running static analysis with sparse and smatch for common kernel\nbug patterns (use-after-free, missing locks, uninitialized memory), executing\nthe kernel test suite (KUnit, kselftest) with coverage instrumentation,\nstress-testing under memory pressure and CPU contention to expose race\nconditions, verifying module load/unload cycles for resource leak freedom,\nand checking backward compatibility of exported symbols against stable ABI\nguarantees. Produces code review reports, static analysis findings, and test\nexecution summaries with regression status. Excludes userspace driver\ndevelopment.\n"
  },
  "outgoingEdges": [
    {
      "from": "workflow:kernel-module-review",
      "to": "role:principal-engineer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "role:security-reviewer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "role:code-reviewer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "skill-area:fuzz-testing",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "skill-area:profiling-memory",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "domain:systems-programming",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "domain:security",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "responsibility:security-review",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "responsibility:code-review-coverage",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "org-unit:engineering",
      "kind": "performed_by_org_unit",
      "attributes": {}
    },
    {
      "from": "workflow:kernel-module-review",
      "to": "org-unit:application-security-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    }
  ],
  "incomingEdges": []
}

{ "id": "workflow:kernel-module-review", "_kind": "Workflow", "_file": "workflows/workflows/workflows-systems-programming.yaml", "_cluster": "workflows", "attributes": { "displayName": "Kernel Module Review", "workflowKind": "governance", "triggerType": "event-driven", "typicalCadence": "per-event", "complexity": "cross-team", "description": "Reviews and tests kernel module and device driver code changes before they\nreach production — validating adherence to kernel coding style and API\nconventions, running static analysis with sparse and smatch for common kernel\nbug patterns (use-after-free, missing locks, uninitialized memory), executing\nthe kernel test suite (KUnit, kselftest) with coverage instrumentation,\nstress-testing under memory pressure and CPU contention to expose race\nconditions, verifying module load/unload cycles for resource leak freedom,\nand checking backward compatibility of exported symbols against stable ABI\nguarantees. Produces code review reports, static analysis findings, and test\nexecution summaries with regression status. Excludes userspace driver\ndevelopment.\n" }, "outgoingEdges": [ { "from": "workflow:kernel-module-review", "to": "role:principal-engineer", "kind": "involves_role", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "role:security-reviewer", "kind": "involves_role", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "role:code-reviewer", "kind": "involves_role", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "skill-area:fuzz-testing", "kind": "requires_skill_area", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "skill-area:profiling-memory", "kind": "requires_skill_area", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "domain:systems-programming", "kind": "applies_to_domain", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "domain:security", "kind": "applies_to_domain", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "responsibility:security-review", "kind": "triggers_responsibility", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "responsibility:code-review-coverage", "kind": "triggers_responsibility", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "org-unit:engineering", "kind": "performed_by_org_unit", "attributes": {} }, { "from": "workflow:kernel-module-review", "to": "org-unit:application-security-team", "kind": "performed_by_org_unit", "attributes": {} } ], "incomingEdges": [] }