Re: [PATCH V6 1/2] nvme: enable char device per namespace

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Mar 25, 2021 at 09:26:47AM +0100, hch@xxxxxx wrote:
> On Thu, Mar 25, 2021 at 11:09:51AM +0900, Minwoo Im wrote:
> > > I was still allowed to write to NSID2:
> > > 
> > > sudo nvme zns report-zones -d 1 /dev/nvme0n2
> > > SLBA: 0x0        WP: 0x1        Cap: 0x3e000    State: IMP_OPENED   Type: SEQWRITE_REQ   Attrs: 0x0
> > > 
> > > Should this really be allowed?
> > 
> > I think this should not be allowed at all.  Thanks for the testing!
> 
> It should not be allowed, but it seems like a pre-existing problem
> as nvme_user_cmd does not verify the nsid.
> 
> > > I was under the impression that Christoph's argument for implementing per
> > > namespace char devices, was that you should be able to do access control.
> > > Doesn't that mean that for the new char devices, we need to reject ioctls
> > > that specify a nvme_passthru_cmd.nsid != the NSID that the char device
> > > represents?
> > > 
> > > 
> > > Although, this is not really something new, as we already have the same
> > > behavior when it comes ioctls and the block devices. Perhaps we want to
> > > add the same verification there?
> > 
> > I think there should be verifications.
> 
> Yes.

Thanks Minwoo, Christoph,

I'll cook up a patch based on nvme/nvme-5.13.


Kind regards,
Niklas



[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux