lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <716357837.20131211200651@eikelenboom.it>
Date:	Wed, 11 Dec 2013 20:06:51 +0100
From:	Sander Eikelenboom <linux@...elenboom.it>
To:	"Luis R. Rodriguez" <mcgrof@...not-panic.com>
CC:	"Berg, Johannes" <johannes.berg@...el.com>,
	"Grumbach, Emmanuel" <emmanuel.grumbach@...el.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"ilw@...ux.intel.com" <ilw@...ux.intel.com>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
	"linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>,
	"John W. Linville" <linville@...driver.com>
Subject: Re: [cfg80211 / iwlwifi] setting wireless regulatory domain doesn't work.


Wednesday, December 11, 2013, 7:38:50 PM, you wrote:

> On Wed, Dec 11, 2013 at 7:11 PM, Sander Eikelenboom
> <linux@...elenboom.it> wrote:
>>
>> Wednesday, December 11, 2013, 6:53:07 PM, you wrote:
>>
>>> The best way to address all this is by automatic region awareness and
>>> doing the right thing on devices, this however requires good
>>> architecture / calibration data  / etc and all that needs to be
>>> verified by the system integrators, and finally they need to be
>>> certified. If you want to hack your firmware and software go at it,
>>> just be aware there are reasons for things.
>>
>> Well the general problem seems to be "we don't trust the user" so we FORCE him to the lowest
>> common denominator (without a way to overrule that) so he is forced to operate *well* within the law.

> Its simply stupid to have the user be involved, period, the fact that
> a user would be involved should only be for testing or helping
> compliance for a busted device, development, research and obviously
> hacking. Linux allows all these but by default a device with firmware
> and a custom regdomain that will barf if you try to use a channel that
> is not allowed is a restriction in firmware. Feel free to reverse
> engineer that if you don't like it but it just won't be supported or
> go upstream. Now, the common denominator is generally optimized for
> best performance as well so you shouldn't have to do anything, and for
> APs -- this is typically carefully crafted for a region, also highly
> optimized.

Well how about a car maker shipping al his cars capped to say 10 miles an hour,
because somewhere in the world that's the lowest. So to prevent you from breaking the law
we will cap your 500HP engine, owh in your country you have a higher speedlimit, ah wel bad luck for you then.
We need to enforce this so no one is going to brake any law any where.

It's just plain stupid in my opinion (but not something linux can do much about, but it's about enforcing this stuff in firmware in general
and thinking too much for the user (fine if you are capable to do so, but in this case clearly not, since there is no automatic way to detect in which country the device is,
except by relying on user input).
Why just don't set the safe and restricted value on boot and let the user overrule that if he wishes.
(that means the user has to invoke a action, so he also should be aware of the consequences).


>>>>> It doesn't seem like you are getting your original requests getting
>>>>> processed, so I don't think CRDA is passing it. Can you verify running
>>>>> from CRDA code:
>>>>
>>>> They don't get processed unless i remove the return from the code as i indicated.
>>>> If i remove that return it processes the request.
>>>>
>>>>> ./regdbdump /usr/lib/crda/regulatory.bin
>>>>
>>>> Although it's in a different location on Debian, /lib/crda/regulatory.bin
>>>> the dump seems fine.
>>
>>> OK thanks. Can you send a patch of what exact change you made, it was
>>> unclear from the paste you made.
>>
>>> diff -u file.c.orig file.c
>>
>> Well i just did a pull from wireless-next, to try Avinash Patil's patch.
>> net/wireless/reg.c had already changed much so i couldn't apply his patch without.
>>
>> With his patch it sets the regulatory domain, although as now expected i still can not use channels 12 and 13 yet,
>> probably due to those firmware restrictions.

> Its unclear what results you got, and yeah if the device is restricted
> then its just the fw telling the driver its channels and you can't use
> them. That's it. You won't be able to override information then unless
> you hack the firmware.

Without the patch:

- "iw reg get" gives country 00
- now do a "iw reg set US", no error so it should be fine
- now do a "iw reg get" .. gives country 00 again, so it has not been set to the country requested.

With the patch:

- "iw reg get" gives country 00
- now do a "iw reg set US", no error so it should be fine
- now do a "iw reg get" .. gives country US, so it has been set to the country requested.

>   Luis


--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ