[PATCH 0/2] Granular CAP_SYS_ADMIN
Kanchan Joshi
joshi.k at samsung.com
Thu Oct 20 00:02:03 PDT 2022

Hi,

Patch 1 is for io-commands. It implements the shift to file-mode based
policy.
Patch 2 is to allow identify-namespace command. This is based on the feedback
received during ALPSS.

@Sagi: Since patch 1 is changed a bit (changelog below), I did not
apply the reviewed-by tag. Please take a look again.

Changes since v2:
- Add patch 2 that allows identify-ns
- Patch 1: Move nvme_cmd_allowed check further down, so that we can use CNS
  values for decision making in patch 2
- Patch 1: invert if condition (Sagi)

Changes since v1:
- Move nvme_cmd_allowed check at a place that allows using nvme_is_write
  helper (hch)
- Keep everything into single patch (chaitanya, hch)
- Comments cleanup (hch, chaitanya)
- Part of cover-letter moved to commit-description

Examples (after patches):
***************************
#1: Two NS, one with 666 another with 600
$: ls -l /dev/ng*
crw-rw-rw- 1 root root 242, 0 Oct 20 12:04 /dev/ng0n1
crw------- 1 root root 242, 1 Oct 20 12:04 /dev/ng0n2
#2: this should fail
$: nvme id-ns /dev/ng0n2
/dev/ng0n2: Permission denied
Usage: nvme id-ns <device> [OPTIONS]
Send an Identify Namespace command to the given device, returns properties of
the specified namespace in either human-readable or binary format. Can also
return binary vendor-specific namespace attributes.
Options:
[ --namespace-id=<NUM>, -n <NUM> ] --- identifier of desired namespace
[ --force ] --- Return this namespace, even if
not attaced (1.2 devices only)
[ --vendor-specific, -v ] --- dump binary vendor fields
[ --raw-binary, -b ] --- show identify in binary format
[ --output-format=<FMT>, -o <FMT> ] --- Output format: normal|json|binary
[ --human-readable, -H ] --- show identify in readable format
#3: this should travel
$: nvme id-ns /dev/ng0n1
NVME Identify Namespace 1:
nsze : 0x300000
ncap : 0x300000
nuse : 0x300000
nsfeat : 0
nlbaf : 7
flbas : 0x4
mc : 0
dpc : 0
dps : 0
nmic : 0
rescap : 0
fpi : 0
dlfeat : 9
nawun : 0
nawupf : 0
nacwu : 0
nabsn : 0
nabo : 0
nabspf : 0
noiob : 0
nvmcap : 0
mssrl : 256
mcl : 256
msrc : 127
nulbaf : 0
anagrpid: 0
nsattr : 0
nvmsetid: 0
endgid : 0
nguid : 00000000000000000000000000000000
eui64 : 0000000000000000
lbaf 0 : ms:0 lbads:9 rp:0
lbaf 1 : ms:8 lbads:9 rp:0
lbaf 2 : ms:16 lbads:9 rp:0
lbaf 3 : ms:64 lbads:9 rp:0
lbaf 4 : ms:0 lbads:12 rp:0 (in use)
lbaf 5 : ms:8 lbads:12 rp:0
lbaf 6 : ms:16 lbads:12 rp:0
lbaf 7 : ms:64 lbads:12 rp:0
#4: this should not travel
$: nvme id-ctrl /dev/ng0n1
identify controller: Permission denied
#5: uring-passthru read on ng0n1 (should work)
$: ./fio -iodepth=1 -rw=randread -ioengine=io_uring_cmd -cmd_type=nvme -bs=4k -numjobs=1 -size=4k -filename=/dev/ng0n1 -name=pt
pt: (g=0): rw=randread, bs=(R) 4096B-4096B, (W) 4096B-4096B, (T) 4096B-4096B, ioengine=io_uring_cmd, iodepth=1
fio-3.32-58-gb19c-dirty
Starting 1 process
pt: (groupid=0, jobs=1): err= 0: pid=56582: Thu Oct 20 12:12:50 2022
read: IOPS=500, BW=2000KiB/s (2048kB/s)(4096B/2msec)
slat (nsec): min=461505, max=461505, avg=461505.00, stdev= 0.00
clat (nsec): min=544742, max=544742, avg=544742.00, stdev= 0.00
lat (nsec): min=1006.2k, max=1006.2k, avg=1006247.00, stdev= 0.00
clat percentiles (usec):
| 1.00th=[ 545], 5.00th=[ 545], 10.00th=[ 545], 20.00th=[ 545],
| 30.00th=[ 545], 40.00th=[ 545], 50.00th=[ 545], 60.00th=[ 545],
| 70.00th=[ 545], 80.00th=[ 545], 90.00th=[ 545], 95.00th=[ 545],
| 99.00th=[ 545], 99.50th=[ 545], 99.90th=[ 545], 99.95th=[ 545],
| 99.99th=[ 545]
lat (usec) : 750=100.00%
cpu : usr=0.00%, sys=200.00%, ctx=1, majf=0, minf=6
IO depths : 1=100.0%, 2=0.0%, 4=0.0%, 8=0.0%, 16=0.0%, 32=0.0%, >=64=0.0%
submit : 0=0.0%, 4=100.0%, 8=0.0%, 16=0.0%, 32=0.0%, 64=0.0%, >=64=0.0%
complete : 0=0.0%, 4=100.0%, 8=0.0%, 16=0.0%, 32=0.0%, 64=0.0%, >=64=0.0%
issued rwts: total=1,0,0,0 short=0,0,0,0 dropped=0,0,0,0
latency : target=0, window=0, percentile=100.00%, depth=1
Run status group 0 (all jobs):
READ: bw=2000KiB/s (2048kB/s), 2000KiB/s-2000KiB/s (2048kB/s-2048kB/s), io=4096B (4096B), run=2-2msec
#6: uring-passthru read on ng0n2 (should fail)
$: ./fio -iodepth=1 -rw=randread -ioengine=io_uring_cmd -cmd_type=nvme -bs=4k -numjobs=1 -size=4k -filename=/dev/ng0n2 -name=pt
pt: (g=0): rw=randread, bs=(R) 4096B-4096B, (W) 4096B-4096B, (T) 4096B-4096B, ioengine=io_uring_cmd, iodepth=1
fio-3.32-58-gb19c-dirty
Starting 1 process
Run status group 0 (all jobs):
Kanchan Joshi (2):
nvme: fine-granular CAP_SYS_ADMIN for nvme io commands
nvme: identify-namespace without CAP_SYS_ADMIN
drivers/nvme/host/ioctl.c | 107 ++++++++++++++++++++++++++------------
include/linux/nvme.h | 1 +
2 files changed, 75 insertions(+), 33 deletions(-)
--
2.25.1
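
Added example, not part of the original message or the patch series: once file mode decides who may issue passthrough I/O, the permission bits on /dev/ng* become the access policy, so this audit flags nodes whose mode opens them to group or other. The function names and the read/write mapping are assumptions; the sample data is constructed to mirror the listing in example #1.

```python
import glob
import os
import stat

# Constructed sample mirroring the `ls -l /dev/ng*` listing in example #1.
SAMPLE = [
    ("/dev/ng0n1", stat.S_IFCHR | 0o666),
    ("/dev/ng0n2", stat.S_IFCHR | 0o600),
]


def exposure(mode):
    """Return what non-owner, non-root users can reach through a node's mode bits.

    Assumption (not taken from the patch text): an open for reading is enough
    for read-direction I/O commands and identify-namespace, while
    write-direction commands need the node opened for writing.
    """
    findings = []
    for who, r_bit, w_bit in (("group", stat.S_IRGRP, stat.S_IWGRP),
                              ("other", stat.S_IROTH, stat.S_IWOTH)):
        if mode & r_bit:
            findings.append(f"{who}:read-passthrough")
        if mode & w_bit:
            findings.append(f"{who}:write-passthrough")
    return findings


def audit(nodes):
    """Map each character-device path to its findings; clean nodes are omitted."""
    report = {}
    for path, mode in nodes:
        if not stat.S_ISCHR(mode):
            continue  # only device nodes carry the passthrough interface
        found = exposure(mode)
        if found:
            report[path] = found
    return report


def live_nodes(pattern="/dev/ng*"):
    """Collect (path, st_mode) for the generic NVMe char devices on this host."""
    return [(p, os.stat(p).st_mode) for p in sorted(glob.glob(pattern))]


if __name__ == "__main__":
    # Fall back to the constructed sample on hosts without /dev/ng* nodes.
    for path, found in audit(live_nodes() or SAMPLE).items():
        print(path, ", ".join(found))
```

Nodes reported here are the ones where a udev rule or manual chmod has widened access beyond the owner, which is the setting to review before relying on the file-mode policy.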