[PATCH] nvme: restrict management ioctls to admin

[Jens Axboe]

On 9/8/22 3:35 PM, Keith Busch wrote:
> From: Keith Busch <kbusch at kernel.org>
> 
> The passthrough commands already have this restriction, but the other
> operations do not. Require the same capabilities for all users as all of
> these operations can be disruptive.

Would it be saner to require that you have write permissions on the
opened device? Not sure this CAP_SYS_ADMIN is really necessary,
and might break existing setups as this is new.

I do agree that passthrough and sync ioctl based issue should be
consistent, though.

-- 
Jens Axboe