mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-11 00:08:50 +00:00
90a53e4432
Currently CRDA implements the signature checking, and the previous commits added the ability to load the whole regulatory database into the kernel. However, we really can't lose the signature checking, so implement it in the kernel by loading a detached signature (regulatory.db.p7s) and check it against built-in keys. Signed-off-by: Johannes Berg <johannes.berg@intel.com>
227 lines
7.2 KiB
Plaintext
227 lines
7.2 KiB
Plaintext
config WIRELESS_EXT
|
|
bool
|
|
|
|
config WEXT_CORE
|
|
def_bool y
|
|
depends on CFG80211_WEXT || WIRELESS_EXT
|
|
|
|
config WEXT_PROC
|
|
def_bool y
|
|
depends on PROC_FS
|
|
depends on WEXT_CORE
|
|
|
|
config WEXT_SPY
|
|
bool
|
|
|
|
config WEXT_PRIV
|
|
bool
|
|
|
|
config CFG80211
|
|
tristate "cfg80211 - wireless configuration API"
|
|
depends on RFKILL || !RFKILL
|
|
select FW_LOADER
|
|
---help---
|
|
cfg80211 is the Linux wireless LAN (802.11) configuration API.
|
|
Enable this if you have a wireless device.
|
|
|
|
For more information refer to documentation on the wireless wiki:
|
|
|
|
http://wireless.kernel.org/en/developers/Documentation/cfg80211
|
|
|
|
When built as a module it will be called cfg80211.
|
|
|
|
config NL80211_TESTMODE
|
|
bool "nl80211 testmode command"
|
|
depends on CFG80211
|
|
help
|
|
The nl80211 testmode command helps implementing things like
|
|
factory calibration or validation tools for wireless chips.
|
|
|
|
Select this option ONLY for kernels that are specifically
|
|
built for such purposes.
|
|
|
|
Debugging tools that are supposed to end up in the hands of
|
|
users should better be implemented with debugfs.
|
|
|
|
Say N.
|
|
|
|
config CFG80211_DEVELOPER_WARNINGS
|
|
bool "enable developer warnings"
|
|
depends on CFG80211
|
|
default n
|
|
help
|
|
This option enables some additional warnings that help
|
|
cfg80211 developers and driver developers, but beware that
|
|
they can also trigger due to races with userspace.
|
|
|
|
For example, when a driver reports that it was disconnected
|
|
from the AP, but the user disconnects manually at the same
|
|
time, the warning might trigger spuriously due to races.
|
|
|
|
Say Y only if you are developing cfg80211 or a driver based
|
|
on it (or mac80211).
|
|
|
|
|
|
config CFG80211_CERTIFICATION_ONUS
|
|
bool "cfg80211 certification onus"
|
|
depends on CFG80211 && EXPERT
|
|
default n
|
|
---help---
|
|
You should disable this option unless you are both capable
|
|
and willing to ensure your system will remain regulatory
|
|
compliant with the features available under this option.
|
|
Some options may still be under heavy development and
|
|
for whatever reason regulatory compliance has not or
|
|
cannot yet be verified. Regulatory verification may at
|
|
times only be possible until you have the final system
|
|
in place.
|
|
|
|
This option should only be enabled by system integrators
|
|
or distributions that have done work necessary to ensure
|
|
regulatory certification on the system with the enabled
|
|
features. Alternatively you can enable this option if
|
|
you are a wireless researcher and are working in a controlled
|
|
and approved environment by your local regulatory agency.
|
|
|
|
config CFG80211_REQUIRE_SIGNED_REGDB
|
|
bool "require regdb signature" if CFG80211_CERTIFICATION_ONUS
|
|
default y
|
|
select SYSTEM_DATA_VERIFICATION
|
|
help
|
|
Require that in addition to the "regulatory.db" file a
|
|
"regulatory.db.p7s" can be loaded with a valid PKCS#7
|
|
signature for the regulatory.db file made by one of the
|
|
keys in the certs/ directory.
|
|
|
|
config CFG80211_USE_KERNEL_REGDB_KEYS
|
|
bool "allow regdb keys shipped with the kernel" if CFG80211_CERTIFICATION_ONUS
|
|
default y
|
|
depends on CFG80211_REQUIRE_SIGNED_REGDB
|
|
help
|
|
Allow the regulatory database to be signed by one of the keys for
|
|
which certificates are part of the kernel sources
|
|
(in net/wireless/certs/).
|
|
|
|
This is currently only Seth Forshee's key, who is the regulatory
|
|
database maintainer.
|
|
|
|
config CFG80211_EXTRA_REGDB_KEYDIR
|
|
string "additional regdb key directory" if CFG80211_CERTIFICATION_ONUS
|
|
depends on CFG80211_REQUIRE_SIGNED_REGDB
|
|
help
|
|
If selected, point to a directory with DER-encoded X.509
|
|
certificates like in the kernel sources (net/wireless/certs/)
|
|
that shall be accepted for a signed regulatory database.
|
|
|
|
config CFG80211_REG_CELLULAR_HINTS
|
|
bool "cfg80211 regulatory support for cellular base station hints"
|
|
depends on CFG80211_CERTIFICATION_ONUS
|
|
---help---
|
|
This option enables support for parsing regulatory hints
|
|
from cellular base stations. If enabled and at least one driver
|
|
claims support for parsing cellular base station hints the
|
|
regulatory core will allow and parse these regulatory hints.
|
|
The regulatory core will only apply these regulatory hints on
|
|
drivers that support this feature. You should only enable this
|
|
feature if you have tested and validated this feature on your
|
|
systems.
|
|
|
|
config CFG80211_REG_RELAX_NO_IR
|
|
bool "cfg80211 support for NO_IR relaxation"
|
|
depends on CFG80211_CERTIFICATION_ONUS
|
|
---help---
|
|
This option enables support for relaxation of the NO_IR flag for
|
|
situations that certain regulatory bodies have provided clarifications
|
|
on how relaxation can occur. This feature has an inherent dependency on
|
|
userspace features which must have been properly tested and as such is
|
|
not enabled by default.
|
|
|
|
A relaxation feature example is allowing the operation of a P2P group
|
|
owner (GO) on channels marked with NO_IR if there is an additional BSS
|
|
interface which associated to an AP which userspace assumes or confirms
|
|
to be an authorized master, i.e., with radar detection support and DFS
|
|
capabilities. However, note that in order to not create daisy chain
|
|
scenarios, this relaxation is not allowed in cases where the BSS client
|
|
is associated to P2P GO and in addition the P2P GO instantiated on
|
|
a channel due to this relaxation should not allow connection from
|
|
non P2P clients.
|
|
|
|
The regulatory core will apply these relaxations only for drivers that
|
|
support this feature by declaring the appropriate channel flags and
|
|
capabilities in their registration flow.
|
|
|
|
config CFG80211_DEFAULT_PS
|
|
bool "enable powersave by default"
|
|
depends on CFG80211
|
|
default y
|
|
help
|
|
This option enables powersave mode by default.
|
|
|
|
If this causes your applications to misbehave you should fix your
|
|
applications instead -- they need to register their network
|
|
latency requirement, see Documentation/power/pm_qos_interface.txt.
|
|
|
|
config CFG80211_DEBUGFS
|
|
bool "cfg80211 DebugFS entries"
|
|
depends on CFG80211
|
|
depends on DEBUG_FS
|
|
---help---
|
|
You can enable this if you want debugfs entries for cfg80211.
|
|
|
|
If unsure, say N.
|
|
|
|
config CFG80211_CRDA_SUPPORT
|
|
bool "support CRDA" if EXPERT
|
|
default y
|
|
depends on CFG80211
|
|
help
|
|
You should enable this option unless you know for sure you have no
|
|
need for it, for example when using internal regdb (above) or the
|
|
database loaded as a firmware file.
|
|
|
|
If unsure, say Y.
|
|
|
|
config CFG80211_WEXT
|
|
bool "cfg80211 wireless extensions compatibility" if !CFG80211_WEXT_EXPORT
|
|
depends on CFG80211
|
|
select WEXT_CORE
|
|
default y if CFG80211_WEXT_EXPORT
|
|
help
|
|
Enable this option if you need old userspace for wireless
|
|
extensions with cfg80211-based drivers.
|
|
|
|
config CFG80211_WEXT_EXPORT
|
|
bool
|
|
depends on CFG80211
|
|
help
|
|
Drivers should select this option if they require cfg80211's
|
|
wext compatibility symbols to be exported.
|
|
|
|
config LIB80211
|
|
tristate
|
|
default n
|
|
help
|
|
This options enables a library of common routines used
|
|
by IEEE802.11 wireless LAN drivers.
|
|
|
|
Drivers should select this themselves if needed.
|
|
|
|
config LIB80211_CRYPT_WEP
|
|
tristate
|
|
|
|
config LIB80211_CRYPT_CCMP
|
|
tristate
|
|
|
|
config LIB80211_CRYPT_TKIP
|
|
tristate
|
|
|
|
config LIB80211_DEBUG
|
|
bool "lib80211 debugging messages"
|
|
depends on LIB80211
|
|
default n
|
|
---help---
|
|
You can enable this if you want verbose debugging messages
|
|
from lib80211.
|
|
|
|
If unsure, say N.
|