From: Kanchan Joshi <joshi.k@samsung.com>
To: Keith Busch <kbusch@kernel.org>
Cc: Christoph Hellwig <hch@lst.de>, Sagi Grimberg <sagi@grimberg.me>,
linux-nvme@lists.infradead.org
Subject: Re: block dangerous passthrough operation
Date: Thu, 17 Nov 2022 09:21:21 +0530 [thread overview]
Message-ID: <20221117035121.GA22055@test-zns> (raw)
In-Reply-To: <Y3UL2LER7I9KUxGW@kbusch-mbp.dhcp.thefacebook.com>
[-- Attachment #1: Type: text/plain, Size: 722 bytes --]
On Wed, Nov 16, 2022 at 09:12:08AM -0700, Keith Busch wrote:
>On Wed, Nov 16, 2022 at 02:01:00PM +0100, Christoph Hellwig wrote:
>> Hi all,
>>
>> I recently had to debug some testing code that tried to send fabrics
>> commands and caused a major havoc. This series adds checks for various
>> very low-level passthrough commands that have no business sent by anyone
>> but the driver itself. The list might now be complete, so discussion
>> is welcome.
>
>People do use the fabrics command for 'get property' to check on their
>device, which is a harmless command that you've blocked.
Not about this series, but should not fabrics command be allowed for
unprivileged users? Trying to understand the harm linked to that.
[-- Attachment #2: Type: text/plain, Size: 0 bytes --]
next prev parent reply other threads:[~2022-11-17 4:03 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CGME20221116130636epcas5p39a586e15d27045752f18d022f4efd74a@epcas5p3.samsung.com>
2022-11-16 13:01 ` block dangerous passthrough operation Christoph Hellwig
2022-11-16 13:01 ` [PATCH 1/4] nvme: return an errno from nvme_cmd_allowed Christoph Hellwig
2022-11-16 13:01 ` [PATCH 2/4] nvme: don't allow user space to send fabrics commands Christoph Hellwig
2022-11-16 13:01 ` [PATCH 3/4] nvme: don't allow userspace to set the Host Behavior Support feature Christoph Hellwig
2022-11-16 13:01 ` [PATCH 4/4] nvme: reject passthrough of queue creation / deletion commands Christoph Hellwig
2022-11-16 13:25 ` block dangerous passthrough operation Kanchan Joshi
2022-11-16 13:38 ` Christoph Hellwig
2022-11-16 13:43 ` Kanchan Joshi
2022-11-16 15:44 ` Christoph Hellwig
2022-11-17 3:13 ` Kanchan Joshi
2022-11-21 7:43 ` Christoph Hellwig
2022-11-16 16:12 ` Keith Busch
2022-11-17 3:51 ` Kanchan Joshi [this message]
2022-11-17 16:03 ` Keith Busch
2022-11-17 6:48 ` Chaitanya Kulkarni
2022-11-21 7:45 ` Christoph Hellwig
2022-11-17 3:49 ` Jens Axboe
2022-11-21 7:46 ` Christoph Hellwig
2022-11-21 15:35 ` Keith Busch
2022-11-22 6:47 ` Christoph Hellwig
2022-11-22 10:38 ` Sagi Grimberg
2022-11-22 12:03 ` Christoph Hellwig
2022-11-22 15:11 ` Keith Busch
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221117035121.GA22055@test-zns \
--to=joshi.k@samsung.com \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.