[PATCH] nvme: restrict management ioctls to admin
Christoph Hellwig
hch at lst.de
Fri Sep 9 08:11:27 PDT 2022
On Thu, Sep 08, 2022 at 02:35:17PM -0700, Keith Busch wrote:
> From: Keith Busch <kbusch at kernel.org>
>
> The passthrough commands already have this restriction, but the other
> operations do not. Require the same capabilities for all users as all of
> these operations can be disruptive.
Where "these operations" are: NVME_IOCTL_RESET, NVME_IOCTL_SUBSYS_RESET,
NVME_IOCTL_RESCAN. Yes, I think those are very disruptive and the
definition of what CAP_SYS_ADMIN was designed for, but that should
be spelled out in the commit log.
That being said I think we should just do the capable() check in the
individual ioctl opcode to document things better, even if that doesn't
currently make any difference. And we really need a FIXES tag going
back to the addition of the first of these ioctls.