New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FS#3901 - WPA encryption broken since commit "mac80211: remove patches stripping down crypto support" #8932
Comments
nbd: Does the issue also happen if you remove the DEU driver? |
argonym: Good catch. If I deselect kmod-ltq-deu-vr9, the issue is gone. The driver is also [[https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=e85180d90ed01ef4fb89675702622a9cabf3b092|not compatible with kernel 5.10]]. Same cause? Maybe it should simply be removed (for now). |
kestrel1974: (copy of the comment in the commit to disable ltq-deu) I had a look at the driver in trunk and could reproduce the issue by using mac80211_hwsim on fritzbox 7490 even without a physical wifi. While removing the driver or commenting out AES makes this issue go away, the drivers AES methods (aes_set_key) are not even called when the error occurs. They are called, when the error does not occur, e.g. I added printk and dumpstack() to the methods in ifxmips_aes.c and in some cases the error went away and the virtual wlan0 and wlan1 initialized just fine. There is a 'netifd: radio0 (2354): Command failed: Invalid argument' error from netifd in the log (logread not dmesg), so to me it seems the actual error is caused before even calling the ltq-deu drivers set_key method:
Unfortunately I have no clue, which command and which argument failed. |
kestrel1974: The new driver seems to work, I screwed it up by copying an newer version of the driver over with an older timestamp and it was not build, due to the timestamp. I was confused by @Notupus reports that the new driver does not work. Sorry for the confusion. |
argonym:
(This could be a duplicate of [[https://bugs.openwrt.org/index.php?do=details&task_id=3898|FS#3898]]. Created a new report as hostapd log messages differ.)
Model TP-LINK TD-W8970
Architecture MIPS 34Kc Lantiq XWAY VRX268
Wireless hardware AR9381 / ath9k
Firmware Version OpenWrt SNAPSHOT r17032+11-b4ea780da1 [based on master@e6b3e77e] / LuCI Master git-21.163.60157-1bcb125
Kernel Version 5.4.124
hostapd log messages:
root@LEDE:~# logread | grep hostapd
Thu Jun 24 13:37:53 2021 daemon.notice hostapd: Configuration file: /var/run/hostapd-phy0.conf (phy wlan0) --> new PHY
Thu Jun 24 13:37:53 2021 daemon.notice hostapd: wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE
Thu Jun 24 13:37:55 2021 daemon.err hostapd: nl80211: kernel reports: key addition failed
Thu Jun 24 13:37:55 2021 daemon.err hostapd: Interface initialization failed
Thu Jun 24 13:37:55 2021 daemon.notice hostapd: wlan0: interface state COUNTRY_UPDATE->DISABLED
Thu Jun 24 13:37:55 2021 daemon.notice hostapd: wlan0: AP-DISABLED
Thu Jun 24 13:37:55 2021 daemon.err hostapd: wlan0: Unable to setup interface.
Thu Jun 24 13:37:55 2021 daemon.notice hostapd: nl80211: deinit ifname=wlan0 disabled_11b_rates=0
Thu Jun 24 13:37:55 2021 daemon.notice hostapd: wlan0: CTRL-EVENT-TERMINATING
Thu Jun 24 13:37:55 2021 daemon.err hostapd: hostapd_free_hapd_data: Interface wlan0 wasn't started
wpad-basic, wpad-basic-wolfssl and wpad-mesh-wolfssl (wolfssl with and without /dev/crypto support) with any WPA version are affected. (I did not try wpad-*-openssl.)
Reverting [[https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=53b6783907f3bd6f0f88f9d6feed20b21e2cd181|53b6783]] fixes the issue.
My pretty standard AP-mode /etc/config/wireless:
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11g'
option path 'pci0000:00/0000:00:00.0/0000:01:00.0'
option htmode 'HT20'
option log_level '1'
option cell_density '1'
option distance '15'
option channel '13'
option country 'DE'
config wifi-iface 'wifinet0'
option device 'radio0'
option mode 'ap'
option network 'lan'
option ssid '...'
option encryption 'sae-mixed'
option key '...'
option ieee80211w '1'
/var/run/hostapd-phy0.conf:
driver=nl80211
logger_syslog=127
logger_syslog_level=1
logger_stdout=127
logger_stdout_level=1
country_code=DE
ieee80211d=1
hw_mode=g
supported_rates=60 90 120 180 240 360 480 540
basic_rates=60 120 240
beacon_int=100
dtim_period=2
channel=13
chanlist=13
ieee80211n=1
ht_coex=0
ht_capab=[LDPC][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
radio_config_id=614cf6f66f4a51eefaf4bd5d4b33983c
interface=wlan0
ctrl_interface=/var/run/hostapd
ap_isolate=1
bss_load_update_period=60
chan_util_avg_period=600
disassoc_low_ack=1
skip_inactivity_poll=0
preamble=1
wmm_enabled=1
ignore_broadcast_ssid=0
uapsd_advertisement_enabled=1
utf8_ssid=1
multi_ap=0
sae_require_mfp=1
wpa_passphrase=...
wpa_psk_file=/var/run/hostapd-wlan0.psk
auth_algs=1
wpa=2
wpa_pairwise=CCMP
ssid=...
bridge=br-lan
wpa_disable_eapol_key_retries=0
wpa_key_mgmt=WPA-PSK WPA-PSK-SHA256 SAE
okc=1
ieee80211w=1
group_mgmt_cipher=AES-128-CMAC
dynamic_vlan=0
vlan_naming=1
vlan_no_bridge=1
vlan_file=/var/run/hostapd-wlan0.vlan
config_id=959613158ed8967fd9f81b6a58d43b5f
bssid=...
Diffconfig and dmesg attached.
The text was updated successfully, but these errors were encountered: