[PATCH v2] nvme: fine-granular CAP_SYS_ADMIN for nvme io commands
Sagi Grimberg
sagi at grimberg.me
Wed Sep 28 07:41:48 PDT 2022
> +bool nvme_cmd_allowed(struct nvme_ns *ns, struct nvme_command *c, fmode_t mode)
> +{
> + u8 opcode = c->common.opcode;
> +
> + if (capable(CAP_SYS_ADMIN))
> + return true;
> +
> + /* admin commands are not allowed */
> + if (ns == NULL)
> + return false;
As Christoph suggested:
if (!ns)
Other than that, this look good to me
Reviewed-by: Sagi Grimberg <sagi at grimberg.me>
More information about the Linux-nvme
mailing list