On 2018-09-17 5:38 a.m., Johannes Berg wrote:
On Thu, 2018-09-13 at 18:58 -0300, Marcelo Ricardo Leitner wrote:
[..]
So in one case I was thinking of, there are some fields that simply
cannot be used for input, they're only used for output. But it may not
always be obvious to somebody using the API. Thus, I think it makes
sense to instruct the kernel to reject that, so that whoever gets
confused has immediate feedback that their usage is wrong. If we ignore
that, they may not realize their error immediately.
I think the ethtool case is similar: you can read and write some fields,
and only read others - but if you try to write the read-only fields
would you prefer to be told "sorry, this is not possible" vs. it being
silently ignored? I'd definitely prefer the former.
Maybe it would be better to have NLA_IGNORE instead? </idea>
I don't think so, it doesn't give any feedback to the application author
that they're doing something wrong.
Maybe time to introduce kernel side access-control flags?
Read/Write permissions for example. Attrs marked as read only
(in the kernel) cannot be written to.
cheers,
jamal
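
A userspace model of the trade-off discussed in this thread, added here as an example; it is not code from the thread or from the kernel. The attribute names, the `POL_*` policy values and the TLV layout are all hypothetical: the same request is validated once with the output-only attribute silently ignored and once with it rejected.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy userspace model, not kernel code; every name here is hypothetical. */
enum pol { POL_IGNORE, POL_U32, POL_REJECT };       /* POL_REJECT = output-only */
enum { DEMO_ATTR_MTU = 1, DEMO_ATTR_STATS = 2, DEMO_ATTR_MAX = 2 };
struct tlv { uint16_t len, type; };                 /* header, then payload */
#define TLV_ALIGN(n) (((n) + 3u) & ~3u)             /* attributes are 4-byte aligned */

/* Walk the attributes; return 0, or -EINVAL with *bad set to the offending type. */
static int validate(const uint8_t *buf, size_t n, const enum pol *policy, uint16_t *bad)
{
    size_t off = 0;
    *bad = 0;
    while (n - off >= sizeof(struct tlv)) {
        struct tlv h;
        memcpy(&h, buf + off, sizeof h);
        enum pol p = h.type <= DEMO_ATTR_MAX ? policy[h.type] : POL_IGNORE;
        if (h.len < sizeof h || h.len > n - off ||       /* malformed header */
            p == POL_REJECT ||                           /* output-only attribute */
            (p == POL_U32 && h.len - sizeof h != 4u)) {  /* wrong payload size */
            *bad = h.type;
            return -EINVAL;
        }
        off += TLV_ALIGN(h.len) > n - off ? n - off : TLV_ALIGN(h.len);
    }
    return off == n ? 0 : -EINVAL;                  /* trailing bytes are an error */
}

/* Constructed request: MTU=1500 (writable) followed by STATS (output-only). */
static size_t build_request(uint8_t *buf)
{
    struct tlv mtu = { 8, DEMO_ATTR_MTU }, stats = { 8, DEMO_ATTR_STATS };
    uint32_t v = 1500, zero = 0;
    memcpy(buf, &mtu, 4);       memcpy(buf + 4, &v, 4);
    memcpy(buf + 8, &stats, 4); memcpy(buf + 12, &zero, 4);
    return 16;
}

/* strict != 0: the output-only attribute is rejected instead of ignored. */
int check(int strict, uint16_t *bad)
{
    enum pol policy[DEMO_ATTR_MAX + 1] = { POL_IGNORE, POL_U32, POL_IGNORE };
    uint8_t buf[16];
    if (strict)
        policy[DEMO_ATTR_STATS] = POL_REJECT;
    return validate(buf, build_request(buf), policy, bad);
}

int main(void)
{
    uint16_t bad;
    int lax = check(0, &bad), strict = check(1, &bad);
    printf("ignore: %d, reject: %d (attribute type %u)\n", lax, strict, (unsigned)bad);
    return 0;
}
```

With the ignoring policy the caller gets success and no hint that part of the request was dropped; with the rejecting policy the error names the attribute that must not be sent.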