Atheros WiFi cards with regulatory domain 00 - tmshlvck/turris-debian GitHub Wiki
The Atheros/Qualcomm based WiFi cards that were built in to the first few (at least 3) production runs of Turris Omnia routers were models with 00 regulatory domain written in the NIC EPROM. This applies to both 2.4 GHz only NIC (Qualcomm Atheros AR9287 Wireless Network Adapter) - the short mPCI-Express card and the 2.4/5 GHz NIC (Qualcomm Atheros QCA986x/988x 802.11ac Wireless Network Adapter) - the long mPCI-Express.
It was not a problem for the first few releases of Debian for Turris because the kernel driver allowed to override the regulatory domain from userspace using iw reg set CZ or whatever reg domain was appropriate. And we had own kernel package anyway so later I just took the OpenWRT patches.
However since Debian Bullseye I replaced the custom kernel with the upstream one that contains the upstream work that locked out the userspace change of the regulatory domain. Even worse it seems that it treats the EPROM values in the 2.4/5 GHz card in the manner that actually merges multiple restrictions together and in the end the 5GHz band can not be used for AP at all.
The symptoms of this behavior seem to be these dmesg messages:
[ 17.675417] ath: EEPROM regdomain sanitized
[ 17.675425] ath: EEPROM regdomain: 0x64
[ 17.675428] ath: EEPROM indicates we should expect a direct regpair map
[ 17.675435] ath: Country alpha2 being used: 00
[ 17.675438] ath: Regpair used: 0x64
There are numerous guides how to overcome this either by re-building the ath.o module (https://github.com/twisteroidambassador/arch-linux-ath-user-regd/issues/1) or simply by taking the OpenWRT patch https://gist.github.com/renaudcerrato/02de8b2e8dc013bc71326defd2ef062c/raw/a2db325e520e6442c8c12f7599d64ac1b7596a3e/402-ath_regd_optional.patch
I went down the easiest but very slow route (compilation ran overnight on 12-core CPU):
- unpack the current
omnia-medkit-<date>.tar.gz - setup binfmt-misc in the distro to properly execute qemu-static for armhf (this depends on the distro, I used this link to setup my Fedora: https://github.com/junaruga/fedora-workshop-multiarch/blob/master/02.system/README.md)
- chroot to the unpacked armhf tree:
mount -o bind /proc turris/proc/ ; mount -o bind /dev turris/dev ; mount -o bind /sys turris/sys ; chroot /root/turris /bin/bash - Run the following in the Omnia tree
apt-get build-dep linux
apt-get source linux
VERSION=$(uname -r)
cd linux-${VERSION%%-*}
wget -O - https://gist.github.com/renaudcerrato/02de8b2e8dc013bc71326defd2ef062c/raw/a2db325e520e6442c8c12f7599d64ac1b7596a3e/402-ath_regd_optional.patch | patch -p1 -b
#TODO: Fix the config to add CONFIG_ATH_USER_REGD
#sed -i 's/# CONFIG_ATH_USER_REGD is not set/CONFIG_ATH_USER_REGD=y/' debian/build/build_armhf_none_armmp/.config
echo "CONFIG_ATH_USER_REGD=y" >> debian/build/build_armhf_none_armmp/.config
fakeroot debian/rules clean
fakeroot debian/rules binary-generic
- Then exit the chroot and take the resulting
linux-image-armmp_<version>_armhf.deband install it on the Omnia withdpkg -i <package>.deb
- https://medium.com/@renaudcerrato/how-to-build-your-own-wireless-router-from-scratch-part-3-d54eecce157f
- https://wiki.debian.org/BuildADebianKernelPackage
This method seems to be more sustainable. However we need to wrap this up to a script to make it easy to update the kernels.
The method (captured from my experiment):
sudo podman image pull debian
sudo mkdir /home/th/build
sudo podman run --network=host -it --privileged --volume /home/th/build:/build docker.io/library/debian /bin/bash
#sudo podman start -a unruffled_goldwasser
#Running the build:
cat > /etc/apt/sources.list <<EOF
deb http://deb.debian.org/debian bullseye main
deb-src http://deb.debian.org/debian bullseye main
deb http://security.debian.org/debian-security bullseye-security main
deb-src http://security.debian.org/debian-security bullseye-security main
deb http://deb.debian.org/debian bullseye-updates main
deb-src http://deb.debian.org/debian bullseye-updates main
EOF
apt-get update
apt install fakeroot git kernel-wedge quilt ccache flex bison libssl-dev dh-exec rsync libelf-dev bc crossbuild-essential-armhf procps vim wget devscripts
apt-get build-dep linux
cd /build
apt-get source linux
wget https://gist.github.com/renaudcerrato/02de8b2e8dc013bc71326defd2ef062c/raw/a2db325e520e6442c8c12f7599d64ac1b7596a3e/402-ath_regd_optional.patch
cd /build/linux-5.10.106/
#debian/bin/test-patches ../402-ath_regd_optional.patch # this does not work because the patch needs -p1 to apply
# This triplet is defined in
# https://salsa.debian.org/kernel-team/linux/tree/master/debian/config/<ARCH>/
# and its sub-directories.
ARCH=armhf
FEATURESET=none
FLAVOUR=armmp
export $(dpkg-architecture -a$ARCH)
export PATH=/usr/lib/ccache:$PATH
# Build profiles is from: https://salsa.debian.org/kernel-team/linux/blob/master/debian/README.source
export DEB_BUILD_PROFILES="cross nopython nodoc pkg.linux.notools"
# Enable build in parallel
export MAKEFLAGS="-j$(($(nproc)*2))"
# Disable -dbg (debug) package is only possible when distribution="UNRELEASED" in debian/changelog
export DEBIAN_KERNEL_DISABLE_DEBUG=
[ "$(dpkg-parsechangelog --show-field Distribution)" = "UNRELEASED" ] &&
export DEBIAN_KERNEL_DISABLE_DEBUG=yes
fakeroot make -f debian/rules clean
fakeroot make -f debian/rules orig
fakeroot make -f debian/rules source
fakeroot make -f debian/rules.gen setup_${ARCH}_${FEATURESET}_${FLAVOUR}
echo "CONFIG_ATH_USER_REGD=y" >> debian/build/build_armhf_none_armmp/.config
fakeroot make -f debian/rules.gen binary-arch_${ARCH}_${FEATURESET}_${FLAVOUR}
# Exctract the packages and then do the cleanup
sudo podman ps --all
sudo podman rm unruffled_goldwasser
- https://www.debian.org/doc/manuals/debian-kernel-handbook/ch-common-tasks.html#s4.2.2
- https://wiki.debian.org/HowToCrossBuildAnOfficialDebianKernelPackage
DAEMON_OPTS=" /etc/hostapd/hostapd5.conf"
logger_syslog=-1
logger_syslog_level=2
interface=wlp3s0
bridge=br0
driver=nl80211
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
country_code=CH
ieee80211d=1
ssid=xxx
hw_mode=g
channel=auto
wpa=2
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
wpa_passphrase=xxx
wmm_enabled=1
# Low priority / AC_BK = background
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
# Note: for IEEE 802.11b mode: cWmin=5 cWmax=10
#
# Normal priority / AC_BE = best effort
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
# Note: for IEEE 802.11b mode: cWmin=5 cWmax=7
#
# High priority / AC_VI = video
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
# Note: for IEEE 802.11b mode: cWmin=4 cWmax=5 txop_limit=188
#
# Highest priority / AC_VO = voice
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0
ieee80211n=1
ht_capab=[HT40+][HT40-][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
logger_syslog=-1
logger_syslog_level=2
interface=wlp2s0
bridge=br0
driver=nl80211
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
country_code=CH
ieee80211d=1
ieee80211h=1
ssid=xxx
hw_mode=a
#channel=auto
channel=36
wpa=2
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
wpa_passphrase=xxx
wmm_enabled=1
# Low priority / AC_BK = background
wmm_ac_bk_cwmin=4
wmm_ac_bk_cwmax=10
wmm_ac_bk_aifs=7
wmm_ac_bk_txop_limit=0
wmm_ac_bk_acm=0
# Note: for IEEE 802.11b mode: cWmin=5 cWmax=10
#
# Normal priority / AC_BE = best effort
wmm_ac_be_aifs=3
wmm_ac_be_cwmin=4
wmm_ac_be_cwmax=10
wmm_ac_be_txop_limit=0
wmm_ac_be_acm=0
# Note: for IEEE 802.11b mode: cWmin=5 cWmax=7
#
# High priority / AC_VI = video
wmm_ac_vi_aifs=2
wmm_ac_vi_cwmin=3
wmm_ac_vi_cwmax=4
wmm_ac_vi_txop_limit=94
wmm_ac_vi_acm=0
# Note: for IEEE 802.11b mode: cWmin=4 cWmax=5 txop_limit=188
#
# Highest priority / AC_VO = voice
wmm_ac_vo_aifs=2
wmm_ac_vo_cwmin=2
wmm_ac_vo_cwmax=3
wmm_ac_vo_txop_limit=47
wmm_ac_vo_acm=0
ieee80211n=1
ht_capab=[HT40+][HT40-][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
vht_oper_centr_freq_seg0_idx=42
ieee80211ac=1
vht_oper_chwidth=1
vht_capab=[MAX-MPDU-11454][RXLDPC][SHORT-GI-80][TX-STBC-2BY1][RX-STBC-1]