Re: [BUG?] b43: can't connect to WPA3 network (nohwcrypt=1)

[Larry Finger <Larry.Finger@xxxxxxxxxxxx>]

On 5/19/20 9:18 AM, Rui Salvaterra wrote:
> Hi, everyone!
>
> I've been trying to connect to a WPA3 (personal, not enterprise)
> network but, as expected, the connection always fails with hardware
> encryption (most likely due to mandatory MFP, which the hardware won't
> do). What I didn't expect was to have the exact same problem when
> using software crypto. I've tried with other devices, and they work
> fine. One thing I noticed is this: for example, a Ralink RT2790
> device, on another machine, shows the following supported cyphers with
> hardware crypto…
>
>          * WEP40 (00-0f-ac:1)
>          * WEP104 (00-0f-ac:5)
>          * TKIP (00-0f-ac:2)
>          * CCMP-128 (00-0f-ac:4)
>          * CCMP-256 (00-0f-ac:10)
>          * GCMP-128 (00-0f-ac:8)
>          * GCMP-256 (00-0f-ac:9)
>
> … and with software crypto…
>
>          * WEP40 (00-0f-ac:1)
>          * WEP104 (00-0f-ac:5)
>          * TKIP (00-0f-ac:2)
>          * CCMP-128 (00-0f-ac:4)
>          * CCMP-256 (00-0f-ac:10)
>          * GCMP-128 (00-0f-ac:8)
>          * GCMP-256 (00-0f-ac:9)
>          * CMAC (00-0f-ac:6)
>          * CMAC-256 (00-0f-ac:13)
>          * GMAC-128 (00-0f-ac:11)
>          * GMAC-256 (00-0f-ac:12)
>
> … while b43 shows exactly the same in both modes…
>
>          * WEP40 (00-0f-ac:1)
>          * WEP104 (00-0f-ac:5)
>          * TKIP (00-0f-ac:2)
>          * CCMP-128 (00-0f-ac:4)
>          * CCMP-256 (00-0f-ac:10)
>          * GCMP-128 (00-0f-ac:8)
>          * GCMP-256 (00-0f-ac:9)
>
> This is a BCM4318 device (PCI ID 14e4:4318), but I don't know if
> that's relevant.
> Is this behaviour expected?
>
> Thanks in advance,
> Rui

Rui,

From other drivers, it appears that handling WPA3 might be as simple as setting 
MFP_CAPABLE in the hardware capabilities. Please try this patch:

diff --git a/drivers/net/wireless/broadcom/b43/main.c 
b/drivers/net/wireless/broadcom/b43/main.c
index 39da1a4c30ac..e944fe2e9ac7 100644
--- a/drivers/net/wireless/broadcom/b43/main.c
+++ b/drivers/net/wireless/broadcom/b43/main.c
@@ -4162,8 +4162,11 @@ static int b43_op_set_key(struct ieee80211_hw *hw, enum 
set_key_cmd cmd,
        int err;
        static const u8 bcast_addr[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 
0xff };

-       if (modparam_nohwcrypt)
+       if (modparam_nohwcrypt) {
+               /* User disabled HW-crypto - enable MFP (WPA3) */
+               ieee80211_hw_set(hw, MFP_CAPABLE);
                return -ENOSPC; /* User disabled HW-crypto */
+       }

        if ((vif->type == NL80211_IFTYPE_ADHOC ||
             vif->type == NL80211_IFTYPE_MESH_POINT) &&

I have no way of testing other than to compile.

Larry