From mboxrd@z Thu Jan 1 00:00:00 1970
From: Jamal Hadi Salim
Subject: Re: [PATCH 1/2] netlink: add NLA_REJECT policy type
Date: Tue, 18 Sep 2018 08:55:12 -0400
Message-ID: <26dd9a66-9515-93aa-e21f-51c37db6be2c@mojatatu.com>
References: <20180913084603.7979-1-johannes@sipsolutions.net>
 <20180913193004.GF4590@localhost.localdomain>
 <20180913212742.GC3876@unicorn.suse.cz>
 <20180913215839.GI27095@localhost.localdomain>
 <1537177132.2957.6.camel@sipsolutions.net>
 <847cc635-cb90-821d-5824-07e7f941db75@mojatatu.com>
 <1537274378.2957.23.camel@sipsolutions.net>
In-Reply-To: <1537274378.2957.23.camel@sipsolutions.net>
To: Johannes Berg, Marcelo Ricardo Leitner, Michal Kubecek
Cc: linux-wireless@vger.kernel.org, netdev@vger.kernel.org, jbenc@redhat.com
Content-Language: en-US
List-ID: <netdev.vger.kernel.org>

On 2018-09-18 8:39 a.m., Johannes Berg wrote:
> On Tue, 2018-09-18 at 08:34 -0400, Jamal Hadi Salim wrote:
>
>> Maybe time to introduce kernel side access-control flags?
>> Read/Write permissions for example. Attrs marked as read only
>> (in the kernel) cannot be written to.
>
> I dunno, that might work for ethtool, but I want to use it for something
> that's not even an attribute you could think about writing to, but the
> result of some operation you started.
>

Execute permission kind of thing? i.e. if I understood you correctly,
if acl is "rwx" then attribute can only be written to (or read from)
if the "thing executing" is complete.

> What would the practical difference be though? Hopefully you wouldn't
> have write-only attributes, and then NLA_REJECT is basically equivalent?
>

If ACL says "-w-" then reading should get explicit permission denied
code, possibly with an extack which is more descriptive, that reading
is not allowed.

cheers,
jamal
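The thread above contrasts a read/write ACL on attributes with a policy entry that simply rejects an attribute and reports why through extack. The following is an added, self-contained userspace model of that reject-with-message behaviour; it is not the kernel's lib/nlattr.c, not the patch under discussion, and not any existing API. The `model_` names, the `ATTR_MTU`/`ATTR_LINK_STATE` attribute numbers and the sample messages are all constructed for illustration. It walks a netlink-style TLV buffer against a policy table in which one attribute is marked `MODEL_NLA_REJECT`, and shows the difference a descriptive rejection makes compared with silently ignoring the attribute: the caller learns which attribute was refused and why.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of netlink attribute validation (not the kernel's code). */
struct model_nlattr { uint16_t nla_len; uint16_t nla_type; }; /* same layout as struct nlattr */
#define MODEL_NLA_ALIGN(len) (((len) + 3U) & ~3U)
#define MODEL_NLA_HDRLEN ((int)MODEL_NLA_ALIGN(sizeof(struct model_nlattr)))

enum { MODEL_NLA_UNSPEC, MODEL_NLA_U32, MODEL_NLA_REJECT };

struct model_policy { uint8_t type; const char *reject_message; };
struct model_extack { const char *msg; uint16_t bad_attr_type; };

/* Hypothetical attribute set for an interface object. */
enum { ATTR_UNSPEC, ATTR_MTU, ATTR_LINK_STATE, __ATTR_MAX };
#define ATTR_MAX (__ATTR_MAX - 1)

/* Policy for a "set" request: MTU is writable, link state is a result the
 * kernel reports, so a request carrying it is rejected with a reason. */
static const struct model_policy set_policy[ATTR_MAX + 1] = {
    [ATTR_MTU]        = { .type = MODEL_NLA_U32 },
    [ATTR_LINK_STATE] = { .type = MODEL_NLA_REJECT, .reject_message = "link state is read-only" },
};

static int model_validate_one(const struct model_nlattr *nla, const struct model_policy *pol,
                              struct model_extack *extack)
{
    int payload = nla->nla_len - MODEL_NLA_HDRLEN;

    switch (pol->type) {
    case MODEL_NLA_REJECT:
        /* Known attribute that is never acceptable here: fail loudly, with context. */
        extack->msg = pol->reject_message ? pol->reject_message : "attribute not allowed";
        extack->bad_attr_type = nla->nla_type;
        return -EINVAL;
    case MODEL_NLA_U32:
        if (payload != (int)sizeof(uint32_t)) {
            extack->msg = "wrong attribute length";
            extack->bad_attr_type = nla->nla_type;
            return -EINVAL;
        }
        return 0;
    default:
        return 0; /* unspecified type: accepted as opaque payload in this model */
    }
}

/* Walk a TLV buffer; returns 0 on success or -EINVAL with extack filled in. */
int model_validate(const unsigned char *buf, size_t len, struct model_extack *extack)
{
    size_t off = 0;

    memset(extack, 0, sizeof(*extack));
    while (off + MODEL_NLA_HDRLEN <= len) {
        struct model_nlattr nla;
        memcpy(&nla, buf + off, sizeof(nla)); /* copy out: no unaligned access */
        if (nla.nla_len < MODEL_NLA_HDRLEN || off + nla.nla_len > len) {
            extack->msg = "malformed attribute header";
            return -EINVAL;
        }
        if (nla.nla_type <= ATTR_MAX) { /* attributes above ATTR_MAX are skipped in this model */
            int err = model_validate_one(&nla, &set_policy[nla.nla_type], extack);
            if (err)
                return err;
        }
        off += MODEL_NLA_ALIGN(nla.nla_len);
    }
    return 0;
}

/* Append a u32 attribute; returns the new (aligned) buffer length. */
size_t model_put_u32(unsigned char *buf, size_t off, uint16_t type, uint32_t value)
{
    struct model_nlattr nla = { .nla_len = MODEL_NLA_HDRLEN + sizeof(uint32_t), .nla_type = type };
    memcpy(buf + off, &nla, sizeof(nla));
    memcpy(buf + off + MODEL_NLA_HDRLEN, &value, sizeof(value));
    return off + MODEL_NLA_ALIGN(nla.nla_len);
}

struct model_extack model_last_extack; /* extack from the most recent demo call */

/* Constructed request carrying only the writable MTU: accepted (returns 0). */
int model_demo_accepts_mtu(void)
{
    unsigned char buf[32];
    size_t len = model_put_u32(buf, 0, ATTR_MTU, 1500);
    return model_validate(buf, len, &model_last_extack);
}

/* Constructed request that also tries to set link state: rejected (-EINVAL). */
int model_demo_rejects_link_state(void)
{
    unsigned char buf[32];
    size_t len = model_put_u32(buf, 0, ATTR_MTU, 1500);
    len = model_put_u32(buf, len, ATTR_LINK_STATE, 1);
    return model_validate(buf, len, &model_last_extack);
}

int main(void)
{
    printf("mtu only: %d\n", model_demo_accepts_mtu());
    printf("with link state: %d (attr %u: %s)\n", model_demo_rejects_link_state(),
           model_last_extack.bad_attr_type, model_last_extack.msg);
    return 0;
}
```

The point the model makes for the discussion: with a reject entry in the policy the validator does not need a separate permission bit to refuse an attribute that is purely an operation result, and the extack message tells the sender exactly which attribute was refused and why, instead of the request being accepted with the attribute silently dropped.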