
security(peft): enforce torch.nn.init prefix validation#1054

Open
RinZ27 wants to merge 1 commit into NVIDIA:main from RinZ27:fix/secure-init-parsing

Conversation

@RinZ27 RinZ27 commented Mar 17, 2026

What does this PR do?

Type of change: Bug fix (Security)

The current implementation of allows importing arbitrary modules via configuration strings, which can lead to RCE if the config source is untrusted.

I added a strict prefix check to ensure only modules are imported, matching the docstring's intent and preventing the loading of malicious packages.

Usage

Testing

Verified the logic by ensuring that valid strings pass while arbitrary modules are rejected.

Before your PR is "Ready for review"

  • Is this change backward compatible?: ✅
  • If you copied code from any other sources or added a new PIP dependency, did you follow guidance in : N/A
  • Did you write any new necessary tests?: N/A
  • Did you update Changelog?: ❌ (Will update if required by maintainers)

Additional Information

Related to security findings in automated scans.

Summary by CodeRabbit

  • Bug Fixes
    • Enhanced validation for initializer configuration to ensure valid source references and reject invalid inputs.

@RinZ27 RinZ27 requested a review from a team as a code owner March 17, 2026 06:26
copy-pr-bot bot commented Mar 17, 2026

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

coderabbitai bot commented Mar 17, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: cd87b34a-8349-45c7-9f3f-be0aaef1cc79

📥 Commits

Reviewing files that changed from the base of the PR and between b6285ba and 781fb2c.

📒 Files selected for processing (1)
  • modelopt/torch/peft/config.py

📝 Walkthrough

Walkthrough

String-based initializers for LoRA A/B are now validated to ensure they originate from the torch.nn.init module; a ValueError is raised if a provided string does not start with torch.nn.init..

Changes

Cohort: Input Validation for Initializers
File(s): modelopt/torch/peft/config.py
Summary: Added a check that enforces string initializers to start with the torch.nn.init. prefix and raises ValueError when the prefix is absent, before resolving/importing the callable.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 warning)

Check name: Docstring Coverage
Status: ⚠️ Warning
Explanation: Docstring coverage is 0.00%, which is insufficient. The required threshold is 80.00%.
Resolution: Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (3 passed)
Description Check: ✅ Passed. Check skipped - CodeRabbit’s high-level summary is enabled.
Title check: ✅ Passed. The title accurately and specifically describes the main security fix: enforcing torch.nn.init prefix validation to prevent RCE via arbitrary module imports in PEFT config initialization.
Security Anti-Patterns: ✅ Passed. The implementation enforces strict security validation by checking the prefix against an allowlist before dynamic imports, preventing arbitrary code execution vulnerabilities.


Signed-off-by: RinZ27 <222222878+RinZ27@users.noreply.github.com>
@RinZ27 RinZ27 force-pushed the fix/secure-init-parsing branch from b6285ba to 781fb2c Compare March 17, 2026 06:31
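The PR description and the CodeRabbit walkthrough above both describe the same defect and fix: a string-valued initializer was resolved by importing whatever module the configuration string named, and the fix rejects any string that does not start with the torch.nn.init. prefix before the import happens. The following is an added example written for this page, not code from the modelopt repository or from this PR. It places the unsafe resolver pattern beside a hardened one. The names resolve_unsafe, resolve_safe and is_allowed, the allowed_module parameter, and the extra checks on the remainder (single public identifier, callable actually defined in the allowlisted module) are assumptions made here; they are not claims about how modelopt resolves the string. The demo in __main__ uses the stdlib math module as a stand-in allowlist so the accept path runs without torch installed.

```python
"""Allowlisting a string-valued initializer before importing it.

Added example; not code from the modelopt repository or from PR #1054.
resolve_unsafe, resolve_safe, is_allowed and the allowed_module parameter are
illustrative assumptions about how a config string such as
"torch.nn.init.xavier_uniform_" might be turned into a callable.
"""
import importlib
import importlib.util
from typing import Callable

ALLOWED_MODULE = "torch.nn.init"  # the module the PR's prefix check allowlists


def resolve_unsafe(spec: str) -> Callable:
    """The pattern the PR removes: import whatever module the string names.

    "pkg.mod.attr" becomes import_module("pkg.mod") plus getattr(..., "attr"),
    so an untrusted config value such as "os.system" resolves to a
    shell-spawning callable, and the import alone already runs the named
    module's top-level code.
    """
    module_name, _, attr = spec.rpartition(".")
    module = importlib.import_module(module_name)  # attacker-chosen import
    return getattr(module, attr)


def resolve_safe(spec: str, allowed_module: str = ALLOWED_MODULE) -> Callable:
    """Accept only "<allowed_module>.<public_name>", checked before any import.

    The prefix test is the check the PR describes. The remaining checks are
    assumptions added here as defence in depth: the remainder must be a single
    public identifier (no further dotted path, no leading underscore), and the
    resolved object must be a callable that the allowlisted module itself
    defines, not a module or constant it merely re-exports.
    """
    if not isinstance(spec, str):
        raise TypeError(f"initializer spec must be a str, got {type(spec).__name__}")
    prefix = allowed_module + "."
    if not spec.startswith(prefix):
        raise ValueError(f"initializer must be a {allowed_module} function, got {spec!r}")
    name = spec[len(prefix):]
    if not name.isidentifier() or name.startswith("_"):
        raise ValueError(f"initializer name {name!r} is not a public identifier")
    module = importlib.import_module(allowed_module)  # fixed name, never attacker-chosen
    fn = getattr(module, name, None)
    if not callable(fn) or getattr(fn, "__module__", None) != allowed_module:
        raise ValueError(f"{spec!r} is not a callable defined in {allowed_module}")
    return fn


def is_allowed(spec: str, allowed_module: str = ALLOWED_MODULE) -> bool:
    """True if resolve_safe() accepts the spec, False if it rejects it."""
    try:
        resolve_safe(spec, allowed_module)
    except (TypeError, ValueError):
        return False
    return True


if __name__ == "__main__":
    # Constructed config values for the demo, not taken from any real config file.
    specs = [
        "os.system",                                    # wrong module entirely
        "torch.nn.init",                                # prefix without a function name
        "torch.nn.init.torch.os.system",                # prefix matches, remainder is a dotted path
        "torch.nn.init._calculate_fan_in_and_fan_out",  # private helper
    ]
    if importlib.util.find_spec("torch") is not None:
        specs.insert(0, "torch.nn.init.xavier_uniform_")  # legitimate, needs torch installed
    for spec in specs:
        print(f"{spec!r:50} allowed={is_allowed(spec)}")
    # Same logic with the stdlib math module as the allowlist, so it runs without torch.
    print(resolve_safe("math.sqrt", allowed_module="math")(16.0))
```

Every rejection in resolve_safe happens before importlib.import_module is called, which is the property that matters: a config string must never be able to choose which module gets imported. The post-import checks only narrow what is returned from the one module that was already allowlisted.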