block dangerous passthrough operation

Keith Busch kbusch at kernel.org
Thu Nov 17 08:03:29 PST 2022


On Thu, Nov 17, 2022 at 09:21:21AM +0530, Kanchan Joshi wrote:
> On Wed, Nov 16, 2022 at 09:12:08AM -0700, Keith Busch wrote:
> > On Wed, Nov 16, 2022 at 02:01:00PM +0100, Christoph Hellwig wrote:
> > > Hi all,
> > > 
> > > I recently had to debug some testing code that tried to send fabrics
> > > commands and caused a major havoc.  This series adds checks for various
> > > very low-level passthrough commands that have no business sent by anyone
> > > but the driver itself.  The list might now be complete, so discussion
> > > is welcome.
> > 
> > People do use the fabrics command for 'get property' to check on their
> > device, which is a harmless command that you've blocked.
> 
> Not about this series, but should not fabrics command be allowed for
> unprivileged users? Trying to understand the harm linked to that.

The driver needs to own the fabrics connection setup. If users mess with
that directly, it can really confuse the driver as to the state of the
target and things will mysteriously stop working. Instead of issuing
passthrough fabrics commands, users should use the /dev/nvme-fabrics
special file.



More information about the Linux-nvme mailing list