Return-path: Received: from mail-la0-f46.google.com ([209.85.215.46]:36409 "EHLO mail-la0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753555AbbDJA6H (ORCPT ); Thu, 9 Apr 2015 20:58:07 -0400 MIME-Version: 1.0 From: "Luis R. Rodriguez" Date: Thu, 9 Apr 2015 17:57:44 -0700 Message-ID: (sfid-20150410_025833_920195_9BCB4A1A) Subject: Looking for extensible kernel database format To: "netdev@vger.kernel.org" , "linux-kernel@vger.kernel.org" Cc: linux-wireless , Matthew Garrett , Kees Cook , Ming Lei , Greg Kroah-Hartman , Johannes Berg , Seth Forshee , "Luis R. Rodriguez" , netfilter-devel@vger.kernel.org Content-Type: text/plain; charset=UTF-8 Sender: linux-wireless-owner@vger.kernel.org List-ID: Hey folks, next week I'd like to address replacing the need for CRDA [0] as a udev helper with in-kernel functionality There's a few motivations for this but a good one is that the kernel already has now cryptographic support to verify the integrity of the regulatory database, just as it has support for verifying the integrity of modules / firmware. We'd use something like: request_file(file_reqs) Where the file_reqs provides the requirements, including cryptographic requirements, and I suspect we'd use LSM to vet for the cryptographic needs of the file. Now other than this step CRDA currently *reads* a database and today we have our own format. If we want to extend this though we will have to issue a new regdb format and old kernels might not be compatible with the new format. This is a typical database problem and I'm hoping we are not the first to deal with this. What *extensible* kernel database format are there already, are they generic already? I'd prefer something already using netlink. Any recommendations? [0] https://wireless.wiki.kernel.org/en/developers/regulatory/crda Luis