Hello, Stefan Hajnoczi suggested un-privileged ublk device[1] for container use case. So far only administrator can create/control ublk device which is too strict and increase system administrator burden, and this patchset implements un-privileged ublk device: - any user can create ublk device, which can only be controlled & accessed by the owner of the device or administrator For using such mechanism, system administrator needs to deploy two simple udev rules[2] after running 'make install' in ublksrv. Userspace(ublksrv): https://github.com/ming1/ubdsrv/tree/unprivileged-ublk 'ublk add -t $TYPE --un_privileged=1' is for creating one un-privileged ublk device if the user is un-privileged. [1] https://lore.kernel.org/linux-block/YoOr6jBfgVm8GvWg@stefanha-x1.localdomain/ [2] https://github.com/ming1/ubdsrv/blob/unprivileged-ublk/README.rst#un-privileged-mode Ming Lei (6): ublk_drv: remove nr_aborted_queues from ublk_device ublk_drv: don't probe partitions if the ubq daemon isn't trusted ublk_drv: move ublk_get_device_from_id into ublk_ctrl_uring_cmd ublk_drv: add device parameter UBLK_PARAM_TYPE_DEVT ublk_drv: add module parameter of ublks_max for limiting max allowed ublk dev ublk_drv: add mechanism for supporting unprivileged ublk device Documentation/block/ublk.rst | 18 +- drivers/block/ublk_drv.c | 340 ++++++++++++++++++++++++---------- include/uapi/linux/ublk_cmd.h | 49 ++++- 3 files changed, 299 insertions(+), 108 deletions(-) -- 2.31.1
