[SPDK] Access control on the subsystem NQN

Hi, On a previous thread, I got the great answer that a subsystem is actually an access control list. We have been using it as such, but some of the behavior seems odd. On host_remove the sessions to the hosts are not disconnected, this means that even though I removed the host from the ACL, it will have access, until it disconnects (although it cannot connect another session). In addition, a host can see all the subsystems exposed on the IP, even though it has access to only some of them. We would be happy to work on these issues, but I would like to understand the expected behavior. Thanks, Shahar