On Wed, Sep 06, 2023 at 09:18:15PM +0530, Kanchan Joshi wrote:
> Would you really prefer to have nvme_add_user_metadata() changed to do away with allocation and use userspace meta-buffer directly?
> I mean, sure, if it's possible. We can avoid a costly copy if the user metabuffer is aligned and physically contiguous.
> Even with that route, extended-lba-with-short-unaligned-buffer remains unhandled. That will still require similar checks that I would like to avoid but cannot.
> So how about this -
There's lots of bad things you can do with this interface. Example, provide an unaligned single byte user buffer and send an Identify command.
We never provided opcode decoding sanity checks before because it's a bad maintenance burden, adds performance killing overhead, couldn't catch all the cases anyway due to vendor specific and future opcodes, and harms the flexibility of the interface. The burden is usually on the user for these kinds of privileged interfaces: if you abuse it, "you get to keep both pieces" territory.