[PATCHv2 2/2] nvme-pci: use sgls for all user requests if possible
Christoph Hellwig
hch at lst.de
Thu Nov 14 08:42:45 PST 2024
On Thu, Nov 14, 2024 at 08:53:49AM -0700, Keith Busch wrote:
> Only admin users can access this path by default. You have to opt-in for
> it, so it's not exploitable unless you ask for it.
We do allow non-privileged users to send I/O commands and a small
whitelist of admin commands by default, limited by the CSE effects.
> I can't see disabling
> the interface entirely. In a previous version of this patch, I had the
> kernel tainted if you tried to do passthrough without SGL support. Would
> that be a fair compromise if I reintroduce that behavior?
Taint might be a bit too strong, but a one-time message in the log might
be useful.
More information about the Linux-nvme
mailing list