The regulatory database
CRDA requires a regulatory database (Web view or gitweb) to be build and maintained. Our hope is that this database can be used by other platforms (open or proprietary), not just Linux. John Linville maintains this database through the wireless-regdb git tree:
The regulatory.bin file there is signed with his RSA private key. We keep the RSA public key embedded as part of CRDA which allows us to verify the authorship and integrity of the regulatory database.
Releases of wireless-regdb
You can find official wireless-regdb releases here: http://kernel.org/pub/software/network/wireless-regdb/
ASCII file format
Below is an example of a country entry for the db.txt regulatory file for EC (Ecuador)
country EC: (2402 - 2482 @ 40), (N/A, 20) (5170 - 5250 @ 20), (6, 17) (5250 - 5330 @ 20), (6, 23), DFS (5735 - 5835 @ 20), (6, 30)
Note that the frequency range (e.g. 2402-2482) covers the complete used bandwidth, so this definition allows using the 2 GHz channels 1 through 13 as 40 MHz channels. 5 GHz channels of a bandwidth of 20 MHz can be used if the frequencies used by the channel fit into the specified frequency ranges.
Binary file format
We define a new custom binary file format for use with CRDA, to have the data available quickly and as compact as possible as well as allowing to distribute the data along with the digital signature (see below) as easily as possible. The file format is defined in the regdb.h header file.
RSA Digital Signature
Integrity of the binary regulatory file is ensured by digitally signing the regulatory data using a private key and embedding the signature into the binary file. When the file is loaded by the regulatory daemon the signature is checked against a list of public keys built into the regulatory daemon binary or by by checking against the list of public keys in a preconfigured directory. This process ensures regulatory.bin file authorship and integrity.
Both CRDA and wireless-regdb allows you to build it without RSA key signature checking, if this is something you find useless then do not use them, but we advise against it. The reason RSA digital signature checks are an option and is what is recommend is that regulatory bodies are highly sensitive towards compliance and the current infrastructure we have gives us best effort on our part of doing the best we can to ensure integrity of the files and also gives us a mechanism to use files from trusted parties on-the-fly. Distribution packaging tends to guarantee file integrity upon installation time and from a specific source but it does not give you on-the-fly file integrity checks. Integrity checks are possible through alternate means such as simple CRC checks but you'd then need a list of all allowed CRCs, by using RSA digital signatures you get both file integrity checks for _any_ binary built with the private key by checking for the signature – and while at it you also can get file authorship protection – all of this while the file is being read for usage in memory. Distributions do not protect against file corruption after the files are in place, for example.
John Linville is the default trusted party in CRDA if you enable RSA digital signature checks because he is the maintainer of the Linux wireless subsystem and wireless-regdb. CRDA lets you enable multiple trusted parties by letting you add more public keys into CRDA's source code's pubkeys directory or by adding them into a preconfigured system directory for dynamic reading at runtime.
If your distribution requires you to build your own regulatory.bin you can add your own public key into CRDA's source code pubkeys directory or at installation time on the system preconfigured pubkeys directory. CRDA will then run using a regulatory.bin built by John Linville or your distribution's wirelss-regdb package maintainer's key. The benefit of allowing CRDA to trust either John's key or your own distribution is it allows users to upgrade their regulatory.bin using their own distribution's built regulatory.bin, or simply upgrade to using the binary regulatory.bin provided through wireless-regdb or through releases on this web site.
Sending updates to the regulatory database
If you find any errors please send them to the wirleess-regdb mailing list and the linux-wireless mailing list, either as patches to the db.txt file from the wireless-regdb git tree, or just tell us what is wrong in plain English.
Patches sent to the wireless-regdb git tree should be addressed as follows:
To: email@example.com Cc: firstname.lastname@example.org, email@example.com Subject: wireless-regdb: Update regulatory rules for France (FR) on 5GHz
Mailing list for regulatory updates
The goal is to make regulatory data for 802.11 Part 15 rules shared between different 802.11 devices. It may be even possible to share the same regulatory database across different operating systems. Either way since data can potentially be shared we have a mailing list dedicated to discussions and review of just regulatory information. Subscribe to it for review or updates.
Please review these instructions on details of what is expected from you to make modifications to the regulatory database file.
Changing the database file format
To change the file format you will need to send patches to both crda (start off with regdb.h) and wireless-regdb/dbparse.py. You should send your patch as an RFC on the linux-wireless mailing list and CC both the wireless-regdb and crda maintainers.