2024-02-06 11:27:01

by Sergei Trofimovich

[permalink] [raw]
Subject: wireless-regdb key change broke crda tests after 37dcea0e6e5

Hi `crda` and `wireless-regdb` maintainers!

`nixpkgs` attempted to update to latest `wireless-regdb-2024.01.23` from
`2024.01.23` and got `crda` verification failures at
https://github.com/NixOS/nixpkgs/pull/286012:

crda> make verify
crda> CHK ...-wireless-regdb-2024.01.23/lib/crda/regulatory.bin
crda> Database signature verification failed.
crda> Invalid or empty regulatory file, note: a binary regulatory file should be used.
crda> make: *** [Makefile:161: verify] Error 234

Bisect says the suspect is key change at done by https://git.kernel.org/pub/scm/linux/kernel/git/wens/wireless-regdb.git/commit/?id=37dcea0e6e5effb4228fe385e906edba3cbee389

"wireless-regdb: Update keys and maintainer information".

Both `git` `master` version of `crda` and `wireless-regdb` still fail
`crda`'s `make verify`.

Should `crda` key the key update as well?

Thanks!

--

Sergei


2024-02-06 12:07:21

by Johannes Berg

[permalink] [raw]
Subject: Re: wireless-regdb key change broke crda tests after 37dcea0e6e5

Hi,

> "wireless-regdb: Update keys and maintainer information".
>
> Both `git` `master` version of `crda` and `wireless-regdb` still fail
> `crda`'s `make verify`.
>
> Should `crda` key the key update as well?

Maybe?

But perhaps the real question is if you should still be shipping crda?
It was last needed for kernel 4.15, and even the newest stable kernel
based on or before it (4.14) is now EOL ...

After that, we had the regdb loaded like a firmware file including the
signatures, so the whole crda isn't needed any more.

johannes

2024-02-06 22:29:27

by Sergei Trofimovich

[permalink] [raw]
Subject: Re: wireless-regdb key change broke crda tests after 37dcea0e6e5

On Tue, 06 Feb 2024 12:47:35 +0100
Johannes Berg <[email protected]> wrote:

> Hi,
>
> > "wireless-regdb: Update keys and maintainer information".
> >
> > Both `git` `master` version of `crda` and `wireless-regdb` still fail
> > `crda`'s `make verify`.
> >
> > Should `crda` key the key update as well?
>
> Maybe?
>
> But perhaps the real question is if you should still be shipping crda?
> It was last needed for kernel 4.15, and even the newest stable kernel
> based on or before it (4.14) is now EOL ...
>
> After that, we had the regdb loaded like a firmware file including the
> signatures, so the whole crda isn't needed any more.

Great point! `nixpkgs` uses `crda` only as a `hostapd` depend and
looking at modern `hostapd` it does not use it at all. I'll spend some
time removing it downstream. Thank you!

--

Sergei

2024-02-07 07:58:47

by Johannes Berg

[permalink] [raw]
Subject: Re: wireless-regdb key change broke crda tests after 37dcea0e6e5

On Tue, 2024-02-06 at 22:27 +0000, Sergei Trofimovich wrote:
>
> Great point! `nixpkgs` uses `crda` only as a `hostapd` depend and
> looking at modern `hostapd` it does not use it at all. I'll spend some
> time removing it downstream. Thank you!

Note that hostapd never directly depended on crda, it just needs/wants
it to have the correct regulatory information in the kernel (crda puts
it there) after switching the country (hostapd can do that if possible)
and then hostapd retrieves the information.

But in any case, the whole step with crda is no longer needed if you
have the regulatory file (and possibly signature) in place, the firmware
will load them as firmware files.

johannes

2024-02-07 09:19:27

by Kalle Valo

[permalink] [raw]
Subject: Re: wireless-regdb key change broke crda tests after 37dcea0e6e5

Johannes Berg <[email protected]> writes:

> On Tue, 2024-02-06 at 22:27 +0000, Sergei Trofimovich wrote:
>>
>> Great point! `nixpkgs` uses `crda` only as a `hostapd` depend and
>> looking at modern `hostapd` it does not use it at all. I'll spend some
>> time removing it downstream. Thank you!
>
> Note that hostapd never directly depended on crda, it just needs/wants
> it to have the correct regulatory information in the kernel (crda puts
> it there) after switching the country (hostapd can do that if possible)
> and then hostapd retrieves the information.
>
> But in any case, the whole step with crda is no longer needed if you
> have the regulatory file (and possibly signature) in place, the firmware
> will load them as firmware files.

I assume you mean: the kernel will load them as firmware files.

--
https://patchwork.kernel.org/project/linux-wireless/list/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches

2024-02-07 09:24:11

by Johannes Berg

[permalink] [raw]
Subject: Re: wireless-regdb key change broke crda tests after 37dcea0e6e5

On Wed, 2024-02-07 at 11:19 +0200, Kalle Valo wrote:
> Johannes Berg <[email protected]> writes:
>
> > On Tue, 2024-02-06 at 22:27 +0000, Sergei Trofimovich wrote:
> > >
> > > Great point! `nixpkgs` uses `crda` only as a `hostapd` depend and
> > > looking at modern `hostapd` it does not use it at all. I'll spend some
> > > time removing it downstream. Thank you!
> >
> > Note that hostapd never directly depended on crda, it just needs/wants
> > it to have the correct regulatory information in the kernel (crda puts
> > it there) after switching the country (hostapd can do that if possible)
> > and then hostapd retrieves the information.
> >
> > But in any case, the whole step with crda is no longer needed if you
> > have the regulatory file (and possibly signature) in place, the firmware
> > will load them as firmware files.
>
> I assume you mean: the kernel will load them as firmware files.
>
Haha, indeed, sorry.

johannes