Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v4.20 2018-02-27T09:54:12Z 2018-02-27T09:54:12Z Romain Naour romain.naour@gmail.com 2018-02-25T12:39:56Z urn:sha1:a78872363614367c3f37e3a5b4181c7a6b207b37 New options introduced by the patch this fixes are still enabled even if CFG80211 is disabled. .config: # CONFIG_CFG80211 is not set CONFIG_CFG80211_REQUIRE_SIGNED_REGDB=y CONFIG_CFG80211_USE_KERNEL_REGDB_KEYS=y # CONFIG_LIB80211 is not set When CFG80211_REQUIRE_SIGNED_REGDB is enabled, it selects SYSTEM_DATA_VERIFICATION which selects SYSTEM_TRUSTED_KEYRING that need extract-cert tool. extract-cert needs some openssl headers to be installed on the build machine. Instead of adding missing "depends on CFG80211", it's easier to use a 'if' block around all options related to CFG80211, so do that. Fixes: 90a53e4432b1 ("cfg80211: implement regdb signature checking") Signed-off-by: Romain Naour <romain.naour@gmail.com> [touch up commit message a bit] Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2017-11-24T21:18:37Z Johannes Berg johannes.berg@intel.com 2017-11-24T08:35:25Z urn:sha1:01a95b2141e337dea15ad48e60a35c72a9b10205 When regulatory database certificates are built-in, they're currently using the SHA256 digest algorithm, so add that to the build in that case. Also add a note that for custom certificates, one may need to add the right algorithms. Reported-by: Florian Fainelli <f.fainelli@gmail.com> Tested-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2017-10-11T12:24:24Z Johannes Berg johannes.berg@intel.com 2017-09-13T20:21:08Z urn:sha1:90a53e4432b12288316efaa5f308adafb8d304b0 Currently CRDA implements the signature checking, and the previous commits added the ability to load the whole regulatory database into the kernel. However, we really can't lose the signature checking, so implement it in the kernel by loading a detached signature (regulatory.db.p7s) and check it against built-in keys. Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2017-10-11T11:18:51Z Johannes Berg johannes.berg@intel.com 2015-10-15T12:35:41Z urn:sha1:c8c240e284b3d821011b4f680b3eaa99569b3756 Parsing and building C structures from a regdb is no longer needed since the "firmware" file (regulatory.db) can be linked into the kernel image to achieve the same effect. Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2017-10-11T11:04:15Z Johannes Berg johannes.berg@intel.com 2015-10-15T09:22:58Z urn:sha1:007f6c5e6eb45c81ee89368a5f226572ae638831 As the current regulatory database is only about 4k big, and already difficult to extend, we decided that overall it would be better to get rid of the complications with CRDA and load the database into the kernel directly, but in a new format that is extensible. The new file format can be extended since it carries a length field on all the structs that need to be extensible. In order to be able to request firmware when the module initializes, move cfg80211 from subsys_initcall() to the later fs_initcall(); the firmware loader is at the same level but linked earlier, so it can be called from there. Otherwise, when both the firmware loader and cfg80211 are built-in, the request will crash the kernel. We also need to be before device_initcall() so that cfg80211 is available for devices when they initialize. Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2016-02-24T08:04:23Z Ola Olsson ola1olsson@gmail.com 2016-01-10T17:41:42Z urn:sha1:573a2b51acb48e745094cf3cb942cf6a55d2bf30 Signed-off-by: Ola Olsson <ola.olsson@sonymobile.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2016-01-14T10:13:09Z Johannes Berg johannes.berg@intel.com 2015-12-11T14:31:10Z urn:sha1:c799ba6eab7a1bf02792e2ced933be3ae5f8daa2 Instead of having this Kconfig option, which just *floods* the kernel log, * remove the per-channel prints that are fairly useless anyway * convert the conditional printing to pr_debug() Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2015-10-16T07:15:39Z Johannes Berg johannes.berg@intel.com 2015-10-15T07:25:18Z urn:sha1:b68630369167a7fd2c4c3d1be96430defc59fb9a If there's a built-in regulatory database, there may be little point in also calling out to CRDA and failing if the system is configured that way. Allow removing CRDA support to save ~1K kernel size. Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2015-04-08T07:19:29Z Johannes Berg johannes.berg@intel.com 2015-04-08T07:16:32Z urn:sha1:6d00ec0514bd909e89ede59501342732dbef49fd The change to only export WEXT symbols when required could break the build if CONFIG_CFG80211_WEXT was explicitly disabled while a driver like orinoco selected it. Fix this by hiding the symbol when it's required so it can't be disabled in that case. Fixes: 2afe38d15cee ("cfg80211-wext: export symbols only when needed") Reported-by: Randy Dunlap <rdunlap@infradead.org> Reported-by: Jim Davis <jim.epost@gmail.com> Signed-off-by: Johannes Berg <johannes.berg@intel.com> 2015-02-28T20:31:09Z Johannes Berg johannes.berg@intel.com 2015-01-06T13:00:53Z urn:sha1:2afe38d15cee01b2bb8f22383571f7f4a95f2d99 When a fully converted cfg80211 driver needs cfg80211-wext for userspace API purposes, the symbols need not be exported. When other drivers (orinoco/hermes or ipw2200) are enabled, they do need the symbols exported as they use them directly. Make those drivers select a new CFG80211_WEXT_EXPORT Kconfig symbol (instead of just CFG80211_WEXT) and export the functions only if requested - this saves about 1/2k due to the size of EXPORT_SYMBOL() itself. Signed-off-by: Johannes Berg <johannes.berg@intel.com>