Thank you for your answer. I have tried to add the "ieee802.11w=1" to the configurations but hostapd doesn't start when I do so. Here is what the logs is telling me: "nl80211: set_key failed; err=-22 Invalid argument)". Here is the full output: 'random: Trying to read entropy from /dev/random Configuration file: hostapd-2.9/hostapd/myhostapd.conf ctrl_interface_group=0 nl80211: Supported cipher 00-0f-ac:1 nl80211: Supported cipher 00-0f-ac:5 nl80211: Supported cipher 00-0f-ac:2 nl80211: Supported cipher 00-0f-ac:4 nl80211: Supported cipher 00-0f-ac:10 nl80211: Supported cipher 00-0f-ac:8 nl80211: Supported cipher 00-0f-ac:9 nl80211: Using driver-based off-channel TX nl80211: Driver-advertised extended capabilities (default) - hexdump(len=8): 00 00 00 00 00 00 00 40 nl80211: Driver-advertised extended capabilities mask (default) - hexdump(len=8): 00 00 00 00 00 00 00 40 nl80211: interface wlx000e8e9082a7 in phy phy1 nl80211: Set mode ifindex 4 iftype 3 (AP) nl80211: Setup AP(wlx000e8e9082a7) - device_ap_sme=0 use_monitor=0 nl80211: Subscribe to mgmt frames with AP handle 0x561271eb1900 nl80211: Register frame type=0xb0 (WLAN_FC_STYPE_AUTH) nl_handle=0x561271eb1900 match= nl80211: Register frame type=0x0 (WLAN_FC_STYPE_ASSOC_REQ) nl_handle=0x561271eb1900 match= nl80211: Register frame type=0x20 (WLAN_FC_STYPE_REASSOC_REQ) nl_handle=0x561271eb1900 match= nl80211: Register frame type=0xa0 (WLAN_FC_STYPE_DISASSOC) nl_handle=0x561271eb1900 match= nl80211: Register frame type=0xc0 (WLAN_FC_STYPE_DEAUTH) nl_handle=0x561271eb1900 match= nl80211: Register frame type=0x40 (WLAN_FC_STYPE_PROBE_REQ) nl_handle=0x561271eb1900 match= nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=04 nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=0501 nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=0503 nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=0504 nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=06 nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=08 nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=09 nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=0a nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=11 nl80211: Register frame type=0xd0 (WLAN_FC_STYPE_ACTION) nl_handle=0x561271eb1900 match=7f rfkill: initial event: idx=2 type=1 op=0 soft=0 hard=0 nl80211: Add own interface ifindex 4 (ifidx_reason -1) nl80211: if_indices[16]: 4(-1) phy: phy1 BSS count 1, BSSID mask 00:00:00:00:00:00 (0 bits) wlx000e8e9082a7: interface state UNINITIALIZED->COUNTRY_UPDATE Previous country code CA, new country code CA nl80211: Regulatory information - country=CA (DFS-FCC) nl80211: 2402-2472 @ 40 MHz 30 mBm nl80211: 5150-5250 @ 80 MHz 23 mBm (no outdoor) nl80211: 5250-5350 @ 80 MHz 24 mBm (DFS) nl80211: 5470-5600 @ 80 MHz 24 mBm (DFS) nl80211: 5650-5730 @ 80 MHz 24 mBm (DFS) nl80211: 5735-5835 @ 80 MHz 30 mBm nl80211: Added 802.11b mode based on 802.11g information nl80211: Mode IEEE 802.11g: 2412 2417 2422 2427 2432 2437 2442 2447 2452 2457 2462 2467[DISABLED][NO_IR] 2472[DISABLED][NO_IR] 2484[DISABLED][NO_IR] nl80211: Mode IEEE 802.11a: 5180 5190 5200 5210 5220 5230 5240 5250[DISABLED] 5260[RADAR] 5270[RADAR] 5280[RADAR] 5290[RADAR] 5300[RADAR] 5310[RADAR] 5320[RADAR] 5500[RADAR] 5510[RADAR] 5520[RADAR] 5530[RADAR] 5540[RADAR] nl80211: Mode IEEE 802.11b: 2412 2417 2422 2427 2432 2437 2442 2447 2452 2457 2462 2467[DISABLED][NO_IR] 2472[DISABLED][NO_IR] 2484[DISABLED][NO_IR] hw vht capab: 0x0, conf vht capab: 0x0 Completing interface initialization Mode: IEEE 802.11a Channel: 48 Frequency: 5240 MHz DFS 0 channels required radar detection nl80211: Set freq 5240 (ht_enabled=1, vht_enabled=1, he_enabled=0, bandwidth=20 MHz, cf1=5240 MHz, cf2=0 MHz) * freq=5240 * he_enabled=0 * vht_enabled=1 * ht_enabled=1 * bandwidth=20 * channel_width=1 * center_freq1=5240 * center_freq2=0 RATE[0] rate=60 flags=0x1 RATE[1] rate=90 flags=0x0 RATE[2] rate=120 flags=0x1 RATE[3] rate=180 flags=0x0 RATE[4] rate=240 flags=0x1 RATE[5] rate=360 flags=0x0 RATE[6] rate=480 flags=0x0 RATE[7] rate=540 flags=0x0 hostapd_setup_bss(hapd=0x561271eab1c0 (wlx000e8e9082a7), first=1) wlx000e8e9082a7: Flushing old station entries nl80211: flush -> DEL_STATION wlx000e8e9082a7 (all) wlx000e8e9082a7: Deauthenticate all stations nl80211: send_mlme - da= ff:ff:ff:ff:ff:ff noack=0 freq=0 no_cck=0 offchanok=0 wait_time=0 fc=0xc0 (WLAN_FC_STYPE_DEAUTH) nlmode=3 nl80211: send_mlme -> send_frame nl80211: send_frame - Use bss->freq=5240 nl80211: send_frame -> send_frame_cmd nl80211: Frame command failed: ret=-16 (Device or resource busy) (freq=5240 wait=0) wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=3 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=4 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=5 set_tx=0 seq_len=0 key_len=0 Using interface wlx000e8e9082a7 with hwaddr 00:0e:8e:90:82:a7 and ssid "H2.0 EAP-SIM" wlx000e8e9082a7: RADIUS Authentication server 127.0.0.1:1812 RADIUS local address: 127.0.0.1:36862 random: Got 13/20 random bytes random: Only 13/20 bytes of strong random data available random: Not enough entropy pool available for secure operations WPA: Not enough entropy in random pool for secure operations - update keys later when the first station connects GMK - hexdump(len=32): [REMOVED] Key Counter - hexdump(len=32): [REMOVED] WPA: Delay group state machine start until Beacon frames have been configured nl80211: Set beacon (beacon_set=0) nl80211: Beacon head - hexdump(len=63): 80 00 00 00 ff ff ff ff ff ff 00 0e 8e 90 82 a7 00 0e 8e 90 82 a7 00 00 00 00 00 00 00 00 00 00 64 00 11 00 00 0c 48 32 2e 30 20 45 41 50 2d 53 49 4d 01 08 8c 12 98 24 b0 48 60 6c 03 01 30 nl80211: Beacon tail - hexdump(len=205): 07 2e 43 41 20 24 01 17 26 01 17 28 01 17 2a 01 17 2c 01 17 2e 01 17 30 01 17 95 01 1e 97 01 1e 99 01 1e 9b 01 1e 9d 01 1e 9f 01 1e a1 02 1e 00 30 18 01 00 00 0f ac 04 01 00 00 0f ac 04 02 00 00 0f ac 01 00 0f ac 05 8c 00 2d 1a 0c 00 13 ff ff 00 00 01 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 3d 16 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7f 08 00 00 00 80 00 40 00 40 6b 03 04 02 01 6c 02 7f 00 bf 0c 00 00 00 00 ff ff 00 00 ff ff 00 00 c0 05 00 00 00 fc ff c3 02 00 2e dd 18 00 50 f2 02 01 01 01 00 03 a4 00 00 27 a4 00 00 42 43 5e 00 62 32 2f 00 dd 07 50 6f 9a 10 24 00 00 nl80211: ifindex=4 nl80211: beacon_int=100 nl80211: beacon_rate=0 nl80211: rate_type=0 nl80211: dtim_period=2 nl80211: ssid=H2.0 EAP-SIM * beacon_int=100 * dtim_period=2 nl80211: hidden SSID not in use nl80211: privacy=1 nl80211: auth_algs=0x1 nl80211: wpa_version=0x2 nl80211: key_mgmt_suites=0x81 nl80211: pairwise_ciphers=0x10 nl80211: group_cipher=0x10 nl80211: SMPS mode - off nl80211: beacon_ies - hexdump(len=28): 7f 08 00 00 00 80 00 40 00 40 6b 03 04 02 01 6c 02 7f 00 dd 07 50 6f 9a 10 24 00 00 nl80211: proberesp_ies - hexdump(len=28): 7f 08 00 00 00 80 00 40 00 40 6b 03 04 02 01 6c 02 7f 00 dd 07 50 6f 9a 10 24 00 00 nl80211: assocresp_ies - hexdump(len=10): 7f 08 00 00 00 80 00 40 00 40 nl80211: multicast to unicast disabled on interface wlx000e8e9082a7 WPA: Start group state machine to set initial keys WPA: group state machine entering state GTK_INIT (VLAN-ID 0) GTK - hexdump(len=16): [REMOVED] IGTK - hexdump(len=16): [REMOVED] WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0) wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=3 addr=0x561270d06058 key_idx=1 set_tx=1 seq_len=0 key_len=16 nl80211: KEY_DATA - hexdump(len=16): [REMOVED] broadcast key wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=4 addr=0x561270d06058 key_idx=4 set_tx=1 seq_len=0 key_len=16 nl80211: KEY_DATA - hexdump(len=16): [REMOVED] broadcast key nl80211: set_key failed; err=-22 Invalid argument) WPA: group state machine entering state FATAL_FAILURE wlx000e8e9082a7: Flushing old station entries nl80211: flush -> DEL_STATION wlx000e8e9082a7 (all) wlx000e8e9082a7: Deauthenticate all stations nl80211: send_mlme - da= ff:ff:ff:ff:ff:ff noack=0 freq=0 no_cck=0 offchanok=0 wait_time=0 fc=0xc0 (WLAN_FC_STYPE_DEAUTH) nlmode=3 nl80211: send_mlme -> send_frame nl80211: send_frame - Use bss->freq=5240 nl80211: send_frame -> send_frame_cmd wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=0 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=1 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=2 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=3 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=4 set_tx=0 seq_len=0 key_len=0 wpa_driver_nl80211_set_key: ifindex=4 (wlx000e8e9082a7) alg=0 addr=(nil) key_idx=5 set_tx=0 seq_len=0 key_len=0 hostapd_free_hapd_data(wlx000e8e9082a7) Interface initialization failed wlx000e8e9082a7: interface state COUNTRY_UPDATE->DISABLED wlx000e8e9082a7: AP-DISABLED wlx000e8e9082a7: Unable to setup interface. hostapd_interface_deinit_free(0x561271ea9ef0) hostapd_interface_deinit_free: num_bss=1 conf->num_bss=1 hostapd_interface_deinit(0x561271ea9ef0) wlx000e8e9082a7: interface state DISABLED->DISABLED hostapd_bss_deinit: deinit bss wlx000e8e9082a7 wlx000e8e9082a7: Deauthenticate all stations nl80211: send_mlme - da= ff:ff:ff:ff:ff:ff noack=0 freq=0 no_cck=0 offchanok=0 wait_time=0 fc=0xc0 (WLAN_FC_STYPE_DEAUTH) nlmode=3 nl80211: send_mlme -> send_frame nl80211: send_frame - Use bss->freq=5240 nl80211: send_frame -> send_frame_cmd wlx000e8e9082a7: AP-DISABLED hostapd_cleanup(hapd=0x561271eab1c0 (wlx000e8e9082a7)) wlx000e8e9082a7: CTRL-EVENT-TERMINATING hostapd_free_hapd_data: Interface wlx000e8e9082a7 wasn't started hostapd_interface_deinit_free: driver=0x561270f4bca0 drv_priv=0x561271eaf700 -> hapd_deinit nl80211: deinit ifname=wlx000e8e9082a7 disabled_11b_rates=0 nl80211: Remove monitor interface: refcount=0 nl80211: Remove beacon (ifindex=4) netlink: Operstate: ifindex=4 linkmode=0 (kernel-control), operstate=6 (IF_OPER_UP) nl80211: Set mode ifindex 4 iftype 2 (STATION) nl80211: Failed to set interface 4 to mode 2: -16 (Device or resource busy) nl80211: Try mode change after setting interface down nl80211: Set mode ifindex 4 iftype 2 (STATION) nl80211: Mode change succeeded while interface is down nl80211: Teardown AP(wlx000e8e9082a7) - device_ap_sme=0 use_monitor=0 nl80211: Unsubscribe mgmt frames handle 0x8888de9af9639189 (AP teardown) hostapd_interface_free(0x561271ea9ef0) hostapd_interface_free: free hapd 0x561271eab1c0 hostapd_cleanup_iface(0x561271ea9ef0) hostapd_cleanup_iface_partial(0x561271ea9ef0) hostapd_cleanup_iface: free iface=0x561271ea9ef0' Thank you On Mon, Jan 20, 2020 at 3:10 PM Jouni Malinen <j@xxxxx> wrote: > > On Mon, Jan 20, 2020 at 02:21:53PM -0500, François Vergès wrote: > > I am using a Samsung Galaxy S4 running Android 5 to do my testing. I > > was also trying to connect with an iPhone Xe running the latest iOS > > release. > > My hostapd didn't have PMF enabled though. So it could make sense. > > Ah, in that case the AP configuration is not compliant with the > requirements. You'll have to enable PMF (ieee80211w=1) in AP > configuration whenever operating a Hotspot 2.0 Rel 2 or newer AP. > > > When I enable PMF in my configurations, the hostapd doesn't start and > > I get the error mentioned below. > > What is the error message when hostapd does not start with PMF enabled? > > -- > Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
