[PATCH] nvme: don't allow unprivileged Write Zeroes passthrough on read-only FDs
Christoph Hellwig
hch at lst.de
Thu Dec 1 08:09:10 PST 2022
On Thu, Dec 01, 2022 at 09:07:38AM -0700, Keith Busch wrote:
> On Tue, Nov 29, 2022 at 10:00:16AM +0100, Christoph Hellwig wrote:
> > - if (nvme_is_write(c))
> > + if (nvme_is_write(c) || c->common.opcode == nvme_cmd_write_zeroes)
> > return mode & FMODE_WRITE;
>
> Write Uncorrectable should also be checked, and any future opcodes that
> can modify media. Maybe use Command Effects Log's LBCC field instead? We
> can preload known effects for older nvme's that don't support that log
> page.
Yes, that might be a better idea. I'll try to find some time in
the next days to implement that.
More information about the Linux-nvme
mailing list