2 * Central Regulatory Domain Agent for Linux
4 * Userspace helper which sends regulatory domains to Linux via nl80211
11 #include <ctype.h> /* For isalnum(), remove later */
13 #include <sys/types.h>
17 #include <arpa/inet.h>
19 #include <netlink/genl/genl.h>
20 #include <netlink/genl/family.h>
21 #include <netlink/genl/ctrl.h>
22 #include <netlink/msg.h>
23 #include <netlink/attr.h>
24 #include <linux/nl80211.h>
29 #include <openssl/objects.h>
30 #include <openssl/bn.h>
31 #include <openssl/rsa.h>
32 #include <openssl/sha.h>
40 #include "keys-gcrypt.c"
43 struct nl80211_state {
44 struct nl_handle *nl_handle;
45 struct nl_cache *nl_cache;
46 struct genl_family *nl80211;
49 static int nl80211_init(struct nl80211_state *state)
53 state->nl_handle = nl_handle_alloc();
54 if (!state->nl_handle) {
55 fprintf(stderr, "Failed to allocate netlink handle.\n");
59 if (genl_connect(state->nl_handle)) {
60 fprintf(stderr, "Failed to connect to generic netlink.\n");
62 goto out_handle_destroy;
65 state->nl_cache = genl_ctrl_alloc_cache(state->nl_handle);
66 if (!state->nl_cache) {
67 fprintf(stderr, "Failed to allocate generic netlink cache.\n");
69 goto out_handle_destroy;
72 state->nl80211 = genl_ctrl_search_by_name(state->nl_cache, "nl80211");
73 if (!state->nl80211) {
74 fprintf(stderr, "nl80211 not found.\n");
82 nl_cache_free(state->nl_cache);
84 nl_handle_destroy(state->nl_handle);
88 static void nl80211_cleanup(struct nl80211_state *state)
90 genl_family_put(state->nl80211);
91 nl_cache_free(state->nl_cache);
92 nl_handle_destroy(state->nl_handle);
95 static int reg_handler(struct nl_msg *msg, void *arg)
97 printf("=== reg_handler() called\n");
101 static int wait_handler(struct nl_msg *msg, void *arg)
109 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err, void *arg)
111 fprintf(stderr, "nl80211 error %d\n", err->error);
115 int isalpha_upper(char letter)
117 if (letter >= 65 && letter <= 90)
122 static int is_alpha2(char *alpha2)
124 if (isalpha_upper(alpha2[0]) && isalpha_upper(alpha2[1]))
129 static int is_world_regdom(char *alpha2)
132 if (alpha2[0] == 48 && alpha2[1] == 48)
137 static void *get_file_ptr(__u8 *db, int dblen, int structlen, __be32 ptr)
139 __u32 p = ntohl(ptr);
141 if (p > dblen - structlen) {
142 fprintf(stderr, "Invalid database file, bad pointer!\n");
146 return (void *)(db + p);
149 static int put_reg_rule(__u8 *db, int dblen, __be32 ruleptr, struct nl_msg *msg)
151 struct regdb_file_reg_rule *rule;
152 struct regdb_file_freq_range *freq;
153 struct regdb_file_power_rule *power;
155 rule = get_file_ptr(db, dblen, sizeof(*rule), ruleptr);
156 freq = get_file_ptr(db, dblen, sizeof(*freq), rule->freq_range_ptr);
157 power = get_file_ptr(db, dblen, sizeof(*power), rule->power_rule_ptr);
159 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, ntohl(rule->flags));
160 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, ntohl(freq->start_freq));
161 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, ntohl(freq->end_freq));
162 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, ntohl(freq->max_bandwidth));
163 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, ntohl(power->max_antenna_gain));
164 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, ntohl(power->max_eirp));
172 int main(int argc, char **argv)
177 struct regdb_file_header *header;
178 struct regdb_file_reg_country *countries;
179 int dblen, siglen, num_countries, i, j, r;
181 struct nl80211_state nlstate;
182 struct nl_cb *cb = NULL;
184 int found_country = 0;
187 struct regdb_file_reg_rules_collection *rcoll;
188 struct regdb_file_reg_country *country;
189 struct nlattr *nl_reg_rules;
194 __u8 hash[SHA_DIGEST_LENGTH];
198 gcry_mpi_t mpi_e, mpi_n;
199 gcry_sexp_t rsa, signature, data;
203 char *regdb = "/usr/lib/crda/regulatory.bin";
206 fprintf(stderr, "Usage: %s <ISO-3166 alpha2 country code>\n", argv[0]);
210 if (!is_alpha2(argv[1]) && !is_world_regdom(argv[1])) {
211 fprintf(stderr, "Invalid alpha2\n");
215 memcpy(alpha2, argv[1], 2);
217 r = nl80211_init(&nlstate);
221 fd = open(regdb, O_RDONLY);
223 perror("failed to open db file");
228 if (fstat(fd, &stat)) {
229 perror("failed to fstat db file");
234 dblen = stat.st_size;
236 db = mmap(NULL, dblen, PROT_READ, MAP_PRIVATE, fd, 0);
237 if (db == MAP_FAILED) {
238 perror("failed to mmap db file");
243 header = get_file_ptr(db, dblen, sizeof(*header), 0);
245 if (ntohl(header->magic) != REGDB_MAGIC) {
246 fprintf(stderr, "Invalid database magic\n");
251 if (ntohl(header->version) != REGDB_VERSION) {
252 fprintf(stderr, "Invalid database version\n");
257 siglen = ntohl(header->signature_length);
258 /* adjust dblen so later sanity checks don't run into the signature */
261 if (dblen <= sizeof(*header)) {
262 fprintf(stderr, "Invalid signature length %d\n", siglen);
267 /* verify signature */
271 fprintf(stderr, "Failed to create RSA key\n");
276 if (SHA1(db, dblen, hash) != hash) {
277 fprintf(stderr, "Failed to calculate SHA sum\n");
282 for (i = 0; i < sizeof(keys)/sizeof(keys[0]); i++) {
286 if (RSA_size(rsa) != siglen)
289 ok = RSA_verify(NID_sha1, hash, SHA_DIGEST_LENGTH,
290 db + dblen, siglen, rsa) == 1;
296 fprintf(stderr, "Database signature wrong\n");
305 BN_print_fp(stdout, &keys[0].n);
311 gcry_md_hash_buffer(GCRY_MD_SHA1, hash, db, dblen);
313 if (gcry_sexp_build(&data, NULL, "(data (flags pkcs1) (hash sha1 %b))",
315 fprintf(stderr, "failed to build data expression\n");
319 if (gcry_sexp_build(&signature, NULL, "(sig-val (rsa (s %b)))",
320 siglen, db + dblen)) {
321 fprintf(stderr, "failed to build signature expression\n");
325 for (i = 0; i < sizeof(keys)/sizeof(keys[0]); i++) {
326 if (gcry_mpi_scan(&mpi_e, GCRYMPI_FMT_USG,
327 keys[0].e, keys[0].len_e, NULL) ||
328 gcry_mpi_scan(&mpi_n, GCRYMPI_FMT_USG,
329 keys[0].n, keys[0].len_n, NULL)) {
330 fprintf(stderr, "failed to convert numbers\n");
334 if (gcry_sexp_build(&rsa, NULL,
335 "(public-key (rsa (n %m) (e %m)))",
337 fprintf(stderr, "failed to build rsa key\n");
341 if (!gcry_pk_verify(signature, data, rsa)) {
348 fprintf(stderr, "Database signature wrong\n");
354 num_countries = ntohl(header->reg_country_num);
355 countries = get_file_ptr(db, dblen,
356 sizeof(struct regdb_file_reg_country) * num_countries,
357 header->reg_country_ptr);
359 for (i = 0; i < num_countries; i++) {
360 country = countries + i;
361 if (memcmp(country->alpha2, alpha2, 2) == 0) {
367 if (!found_country) {
368 fprintf(stderr, "failed to find a country match in regulatory database\n");
374 fprintf(stderr, "failed to allocate netlink msg\n");
378 genlmsg_put(msg, 0, 0, genl_family_get_id(nlstate.nl80211), 0,
379 0, NL80211_CMD_SET_REG, 0);
382 rcoll = get_file_ptr(db, dblen, sizeof(*rcoll), country->reg_collection_ptr);
383 num_rules = ntohl(rcoll->reg_rule_num);
384 /* re-get pointer with sanity checking for num_rules */
385 rcoll = get_file_ptr(db, dblen,
386 sizeof(*rcoll) + num_rules * sizeof(__be32),
387 country->reg_collection_ptr);
389 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, (char *) country->alpha2);
391 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES);
394 goto nla_put_failure;
397 for (j = 0; j < num_rules; j++) {
398 struct nlattr *nl_reg_rule;
399 nl_reg_rule = nla_nest_start(msg, i);
401 goto nla_put_failure;
403 r = put_reg_rule(db, dblen, rcoll->reg_rule_ptrs[j], msg);
405 goto nla_put_failure;
407 nla_nest_end(msg, nl_reg_rule);
410 nla_nest_end(msg, nl_reg_rules);
412 cb = nl_cb_alloc(NL_CB_CUSTOM);
416 r = nl_send_auto_complete(nlstate.nl_handle, msg);
419 fprintf(stderr, "failed to send regulatory request: %d\n", r);
423 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, reg_handler, NULL);
424 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, wait_handler, &finished);
425 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, NULL);
428 r = nl_wait_for_ack(nlstate.nl_handle);
430 fprintf(stderr, "failed to set regulatory domain: %d\n", r);
440 nl80211_cleanup(&nlstate);
projects / platform / upstream / crda.git / blob