> -----Original Message----- > From: Hostap [mailto:hostap-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Ben > Greear > Sent: Friday, July 07, 2017 12:42 AM > To: hostap@xxxxxxxxxxxxxxxxxxx > Cc: Wojciech Dubowik > Subject: Re: [PATCH] wpa_supplicant: Wait for eapol 4/4 tx-status before > setting key. > > On 06/13/2017 11:29 AM, greearb@xxxxxxxxxxxxxxx wrote: > > From: Wojciech Dubowik <Wojciech.Dubowik@xxxxxxxxxxx> > > > > Supplicant is using generic L2 send function for EAPOL messages which > > doesn't give back status whether frame has been acked or not. It can > > lead to wrong wpa states when EAPOL 4/4 is lost i.e. client is in > > connected state but keys aren't established on AP side. > > Fix that by using nl80211_send_eapol_data as for AP side and check in > > conneced state that 4/4 EAPOL has been acked. > > > > As a combined improvement, do not actually set the keys until we > > receive notification that the 4/4 message was sent. This fixes races > > in ath10k CT firmware, and may eventually let other firmware remove > > hacks that were needed to work around this key-setting race. > > Any comments on this? We have been testing it for a while, and it seems to > work well. I think that delaying the 'set_key' too much might also be problematic since it may raise interop issues where we might lose the first frames sent from the remote device which will be already encrypted. > > Thanks, > Ben > Thanks, Amir _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
