[PATCH V6 1/2] nvme: enable char device per namespace
Minwoo Im
minwoo.im.dev at gmail.com
Thu Mar 25 09:34:44 GMT 2021
On 21-03-25 08:39:40, Niklas Cassel wrote:
> On Thu, Mar 25, 2021 at 09:26:47AM +0100, hch at lst.de wrote:
> > On Thu, Mar 25, 2021 at 11:09:51AM +0900, Minwoo Im wrote:
> > > > I was still allowed to write to NSID2:
> > > >
> > > > sudo nvme zns report-zones -d 1 /dev/nvme0n2
> > > > SLBA: 0x0 WP: 0x1 Cap: 0x3e000 State: IMP_OPENED Type: SEQWRITE_REQ Attrs: 0x0
> > > >
> > > > Should this really be allowed?
> > >
> > > I think this should not be allowed at all. Thanks for the testing!
> >
> > It should not be allowed, but it seems like a pre-existing problem
> > as nvme_user_cmd does not verify the nsid.
> >
> > > > I was under the impression that Christoph's argument for implementing per
> > > > namespace char devices, was that you should be able to do access control.
> > > > Doesn't that mean that for the new char devices, we need to reject ioctls
> > > > that specify a nvme_passthru_cmd.nsid != the NSID that the char device
> > > > represents?
> > > >
> > > >
> > > > Although, this is not really something new, as we already have the same
> > > > behavior when it comes ioctls and the block devices. Perhaps we want to
> > > > add the same verification there?
> > >
> > > I think there should be verifications.
> >
> > Yes.
>
> Thanks Minwoo, Christoph,
>
> I'll cook up a patch based on nvme/nvme-5.13.
Just FYI: Actually Javier and I am working on this patch of the next
version and have plan to post it on this weekend maybe :)
Thanks!
>
>
> Kind regards,
> Niklas
More information about the Linux-nvme
mailing list