[PATCH 9/9] nvme: don't allow unprivileged passthrough of commands that have effects
Kanchan Joshi
joshi.k at samsung.com
Thu Dec 15 00:24:10 PST 2022
On Thu, Dec 15, 2022 at 09:18:29AM +0100, Christoph Hellwig wrote:
>On Thu, Dec 15, 2022 at 12:44:05PM +0530, Kanchan Joshi wrote:
>> So even for operation that do not alter anything (e.g. nvme_cmd_read)
>> nvme_is_write will return false, but nvme_command_effects will return
>> true and we will ask for FMODE_WRITE. Is that intentional?
>>
>> I think doing "nvme_command_effects(ctrl, ns, opcode) &
>> ~NVME_CMD_EFFECTS_CSUPP"
>> is better to avoid that?
>
>Take a look at patch 6.
But that patch still takes NVME_CMD_EFFECTS_CSUPP into account while
returning effects. It should be removed from there, and we need nothing
else here.
More information about the Linux-nvme
mailing list