Re: Regulatory/CRDA Race

"Luis R. Rodriguez" <mcgrof@xxxxxxxxx> · Thu, 11 Nov 2010 16:01:37 -0800

On Thu, Nov 11, 2010 at 4:00 PM, Luis R. Rodriguez <mcgrof@xxxxxxxxx> wrote:
> On Thu, Nov 11, 2010 at 3:36 PM, Luis R. Rodriguez <mcgrof@xxxxxxxxx> wrote:
>> On Tue, Nov 9, 2010 at 1:19 PM, Luis R. Rodriguez <mcgrof@xxxxxxxxx> wrote:
>>> On Mon, Nov 8, 2010 at 11:40 AM, Mark Mentovai <mark@xxxxxxxxxxxx> wrote:
>>>> Following up on the old-ish â[ath5k-devel] Race condition in CRDA calls?â threadâ
>>>>
>>>> I independently experienced this problem, debugged it, and came to the same conclusion. There is in fact a race between regulatory requests being made via regulatory_hint and CRDA actually updating regulatory data. I see this on a system with two cards that come up one after the other during boot.
>>>>
>>>> 1. cfg80211 calls CRDA to update the world regulatory domain and CRDA does so. The regulatory domain is now 00.
>>>>
>>>> 2. The first cardâs driver (in my case, ath9k) calls regulatory_hint to provide US as a driver hint. ignore_request decides against intersection because the last request came from the core. Thereâs a CRDA call, but CRDA isnât quick enough to respond. The regulatory domain is still 00, because CRDA hasnât changed it yet.
>>>>
>>>> 3. The second cardâs driver (also ath9k) calls regulatory_hint to provide US as a driver hint. ignore_request sees that the last request came from a driver (instead of the core) and since the regulatory domain is changing from 00 to US, decides that intersection must be performed.
>>>>
>>>> 4. When CRDA finally responds to the request from #2 or #3, cfg80211 sees that last_request->intersect is true, and intersects. The regulatory domain is set to the intersection of 00 and US.
>>>>
>>>> The race here is between CRDA providing data and the second cardâs request being made via regulatory_hint. regulatory_hint and ignore_request assume that last_request is in sync with the currently-set regulatory domain, but there is no such synchronization.
>>>>
>>>> Hereâs my openwrt-devel post describing the above in a slightly different level of detail:https://lists.openwrt.org/pipermail/openwrt-devel/2010-November/008570.html.--
>>>
>>> I'll take a look at this once I get done with the
>>> compat-wireless-2.6.37 release. Thanks for the report.
>>
>> I'm looking at this now, can you do me a favor and test against
>> today's wireless-testing to verify the issue is still present? I'll be
>> digging at this in the mean time.
>
> I can reproduce this easily now with:
>
> mcgrof@flash ~ $ sudo cat /sbin/crda
> #!/bin/bash
> echo $COUNTRY >> /tmp/log
> sleep 2
> /sbin/crda.orig
>
>
> mcgrof@flash ~ $ iw reg get
> country 98:
> Â Â Â Â(2402 - 2472 @ 40), (N/A, 20)
> Â Â Â Â(2457 - 2482 @ 20), (N/A, 20), PASSIVE-SCAN, NO-IBSS
> Â Â Â Â(2474 - 2482 @ 8), (N/A, 20), NO-OFDM, PASSIVE-SCAN, NO-IBSS
> Â Â Â Â(5170 - 5250 @ 40), (N/A, 20), PASSIVE-SCAN, NO-IBSS
>
> You don't even have to use ath9k, just use mac80211_hwsim with:
>
> modprobe mac80211_hwsim regtest=2
>
> I get (I'm trimming irrelevant output)
>
> Wiphy phy1
> Â Â Â ÂBand 1:
> Â Â Â Â Â Â Â ÂFrequencies:
> Â Â Â Â Â Â Â Â Â Â Â Â* 2412 MHz [1] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2417 MHz [2] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2422 MHz [3] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2427 MHz [4] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2432 MHz [5] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2437 MHz [6] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2442 MHz [7] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2447 MHz [8] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2452 MHz [9] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2457 MHz [10] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2462 MHz [11] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2467 MHz [12] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2472 MHz [13] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2484 MHz [14] (disabled)
> Â Â Â ÂBand 2:
> Â Â Â Â Â Â Â ÂFrequencies:
> Â Â Â Â Â Â Â Â Â Â Â Â* 5180 MHz [36] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5200 MHz [40] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5220 MHz [44] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5240 MHz [48] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5260 MHz [52] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5280 MHz [56] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5300 MHz [60] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5320 MHz [64] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5500 MHz [100] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5520 MHz [104] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5540 MHz [108] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5560 MHz [112] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5580 MHz [116] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5600 MHz [120] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5620 MHz [124] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5640 MHz [128] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5660 MHz [132] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5680 MHz [136] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5700 MHz [140] (20.0 dBm) (radar detection)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5745 MHz [149] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5765 MHz [153] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5785 MHz [157] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5805 MHz [161] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5825 MHz [165] (disabled)
> Wiphy phy0
> Â Â Â ÂBand 1:
> Â Â Â Â Â Â Â ÂFrequencies:
> Â Â Â Â Â Â Â Â Â Â Â Â* 2412 MHz [1] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2417 MHz [2] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2422 MHz [3] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2427 MHz [4] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2432 MHz [5] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2437 MHz [6] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2442 MHz [7] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2447 MHz [8] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2452 MHz [9] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2457 MHz [10] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2462 MHz [11] (20.0 dBm)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2467 MHz [12] (20.0 dBm) (passive scanning, no IBSS)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2472 MHz [13] (20.0 dBm) (passive scanning, no IBSS)
> Â Â Â Â Â Â Â Â Â Â Â Â* 2484 MHz [14] (disabled)
> Â Â Â ÂBand 2:
> Â Â Â Â Â Â Â ÂFrequencies:
> Â Â Â Â Â Â Â Â Â Â Â Â* 5180 MHz [36] (20.0 dBm) (passive scanning, no IBSS)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5200 MHz [40] (20.0 dBm) (passive scanning, no IBSS)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5220 MHz [44] (20.0 dBm) (passive scanning, no IBSS)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5240 MHz [48] (20.0 dBm) (passive scanning, no IBSS)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5260 MHz [52] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5280 MHz [56] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5300 MHz [60] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5320 MHz [64] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5500 MHz [100] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5520 MHz [104] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5540 MHz [108] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5560 MHz [112] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5580 MHz [116] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5600 MHz [120] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5620 MHz [124] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5640 MHz [128] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5660 MHz [132] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5680 MHz [136] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5700 MHz [140] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5745 MHz [149] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5765 MHz [153] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5785 MHz [157] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5805 MHz [161] (disabled)
> Â Â Â Â Â Â Â Â Â Â Â Â* 5825 MHz [165] (disabled)

I'll fix thanks for reporting this.

  Luis
ÿô.nÇ‰·Ÿ®‰†+%ŠË±é¥Šwÿº{.nÇ‰·¥Š{±ÿ«zW¬³ø¡Ü}©ž²ÆzÚj:+v‰¨þø®w¥þŠàÞ¨è&¢)ß«a¶Úÿûz¹ÞúŽŠÝjÿŠwèf