[PATCH 1/1] NVMe: Do not take nsid while a passthrough IO command is being issued via a block device file descriptor
Christoph Hellwig
hch at infradead.org
Thu Jan 22 07:49:30 PST 2015
On Thu, Jan 22, 2015 at 03:21:28PM +0000, Keith Busch wrote:
> The case I considered was the "hidden" attribute in the NVMe LBA Range
> Type feature. It only indicates the storage should be hidden from the OS
> for general use, but the host may still use it for special purposes. In
> truth, the driver doesn't handle the hidden attribute very well and it
> doesn't seem like a well thought out feature in the spec anyway.
At least for Linux we should simply ignore that attribute.
> But if you really need to restrict namespace access, shouldn't that be
> enforced on the target side with reservations or similar mechanism?
Think for example about containers where we give eah container access
to a single nvme namespace, including container root access. Here you
don't really want container A to be able to submit I/O for another
container. A similar case exists for virtualization where we had
problems with SCSI passthrough from guests.
More information about the Linux-nvme
mailing list