Search Linux Wireless

Re: brcmfmac SAE/WPA3 negotiation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Dec 13, 2024 at 11:35 AM Arend Van Spriel
<arend.vanspriel@xxxxxxxxxxxx> wrote:
>
> On December 13, 2024 4:13:17 PM KeithG <ys3al35l@xxxxxxxxx> wrote:
>
> > On Thu, Dec 12, 2024 at 2:17 PM Arend van Spriel
> > <arend.vanspriel@xxxxxxxxxxxx> wrote:
> >>
> >> On 12/12/2024 3:24 PM, KeithG wrote:
> >>> Based on a hunch that brcmfmac dbug might reveal something, I turned
> >>> it on to see what turned up. I attempted the same as before: using iwd
> >>> to connect to the WPA3 AP.
> >>>
> >>> [iwd]# station wlan0 connect deskSAE
> >>> Type the network passphrase for deskSAE psk.
> >>> Passphrase: *********
> >>> [iwd]# station wlan0 show
> >>>                            Station: wlan0
> >>> --------------------------------------------------------------------------------
> >>> Settable  Property              Value
> >>> --------------------------------------------------------------------------------
> >>>       Scanning              no
> >>>       State                 connecting
> >>>       Connected network     deskSAE
> >>>       IPv4 address          169.254.203.147
> >>>
> >>> the attached log shows brcmfmac debug
> >>>
> >>> it always shows 'State connecting' never connected.
> >>>
> >>> Is one of these what is causing it to error out:
> >>> Dec 09 18:11:06 jackrune kernel: brcmfmac: brcmf_fil_cmd_data Firmware
> >>> error: BCME_UNSUPPORTED (-23)
> >>> Dec 09 18:11:06 jackrune kernel: brcmfmac: brcmf_fil_iovar_data_get
> >>> ifidx=0, name=tdls_sta_info, len=296, err=-52
> >>> ...
> >>> Dec 09 18:11:06 jackrune kernel: brcmfmac: brcmf_fil_cmd_data Firmware
> >>> error: BCME_BADADDR (-21)
> >>> Dec 09 18:11:06 jackrune kernel: brcmfmac: brcmf_fil_iovar_data_get
> >>> ifidx=0, name=sta_info, len=296, err=-52
> >>> ...
> >>> Dec 09 18:33:32 jackrune kernel: ieee80211 phy0:
> >>> brcmf_cfg80211_get_station: GET STA INFO failed, -52
> >>>
> >>> I do not know what BCME is.
> >>
> >> BCME are the error codes produced by the firmware. Without debug prints
> >> you will only see a generic error code, ie. -52 (-EBADE). So you always
> >> see the "Firmware error" message following by the "generic" error
> >> message. It is not truly generic as it mentions the command name. So the
> >> above says the command "tdls_sta_info" is unsupported and the mac
> >> address provided in the "sta_info" command is not found in firmware.
> >>
> >> Looking at the log I see periodically:
> >>
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_fil_cmd_data Firmware
> >> error: BCME_NOTASSOCIATED (-17)
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_fil_cmd_data_get
> >> ifidx=0, cmd=23, len=6, err=-52
> >>
> >> According fwil.h the driver sends BRCMF_C_GET_BSSID command. When
> >> associated is returns the BSSID of your AP. As you are not yet
> >> associated it fails. Not really related to the external auth procedure I
> >> think.
> >>
> >> The following is more interesting:
> >>
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_cfg80211_external_auth
> >> Enter
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_fil_iovar_data_set
> >> ifidx=0, name=auth_status, len=44
> >> Dec 09 18:32:55 jackrune kernel: brcmutil: data
> >> Dec 09 18:32:55 jackrune kernel: 00000000: 04 00 d8 3a dd 60 a3 0c 07 00
> >> 00 00 64 65 73 6b  ...:.`......desk
> >> Dec 09 18:32:55 jackrune kernel: 00000010: 53 41 45 00 00 00 00 00 00 00
> >> 00 00 00 00 00 00  SAE.............
> >> Dec 09 18:32:55 jackrune kernel: 00000020: 00 00 00 00 00 00 00 00 00 00
> >> 00 00              ............
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_sdio_bus_txctl Enter
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_sdio_bus_rxctl Enter
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_sdio_isr Enter
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_sdio_bus_rxctl resumed
> >> on rxctl frame, got 72 expected 72
> >> Dec 09 18:32:55 jackrune kernel: brcmfmac: brcmf_fil_cmd_data Firmware
> >> error: BCME_BADLEN (-24)
> >> Dec 09 18:32:55 jackrune kernel: ieee80211 phy0:
> >> brcmf_cfg80211_external_auth: auth_status iovar failed: ret=-52
> >>
> >> So the "auth_status" command fails and the firmware error code indicates
> >> the length is invalid. The length of the "auth_status" command as sent
> >> by the driver to the device is 44 and apparently the firmware expects
> >> some other length. Here is what I did in my patch:
> >>
> >> +static int
> >> +brcmf_cyw_external_auth(struct wiphy *wiphy, struct net_device *dev,
> >> +                       struct cfg80211_external_auth_params *params)
> >> +{
> >> +       struct brcmf_if *ifp;
> >> +       struct brcmf_pub *drvr;
> >> +       struct brcmf_auth_req_status_le auth_status;
> >> +       int ret = 0;
> >> +
> >> +       brcmf_dbg(TRACE, "Enter\n");
> >> +
> >> +       ifp = netdev_priv(dev);
> >> +       drvr = ifp->drvr;
> >> +       if (params->status == WLAN_STATUS_SUCCESS) {
> >> +               auth_status.flags = cpu_to_le16(BRCMF_EXTAUTH_SUCCESS);
> >> +       } else {
> >> +               bphy_err(drvr, "External authentication failed: status=%d\n",
> >> +                        params->status);
> >> +               auth_status.flags = cpu_to_le16(BRCMF_EXTAUTH_FAIL);
> >> +       }
> >> +
> >> +       memcpy(auth_status.peer_mac, params->bssid, ETH_ALEN);
> >> +       auth_status.ssid_len = cpu_to_le32(min_t(u8, params->ssid.ssid_len,
> >> +                                                IEEE80211_MAX_SSID_LEN));
> >> +       memcpy(auth_status.ssid, params->ssid.ssid, auth_status.ssid_len);
> >> +
> >> +       ret = brcmf_fil_iovar_data_set(ifp, "auth_status", &auth_status,
> >> +                                      sizeof(auth_status));
> >> +       if (ret < 0)
> >> +               bphy_err(drvr, "auth_status iovar failed: ret=%d\n", ret);
> >> +
> >> +       return ret;
> >> +}
> >>
> >> So the type struct brcmf_auth_req_status_le is used for external auth
> >> request and for auth_status. Maybe for the "auth_status" it only needs a
> >> subset of fields. Here is the struct declaration:
> >>
> >> +/**
> >> + * struct brcmf_auth_req_status_le - external auth request and status
> >> update
> >> + *
> >> + * @flags: flags for external auth status
> >> + * @peer_mac: peer MAC address
> >> + * @ssid_len: length of ssid
> >> + * @ssid: ssid characters
> >> + */
> >> +struct brcmf_auth_req_status_le {
> >> +       __le16 flags;
> >> +       u8 peer_mac[ETH_ALEN];
> >> +       __le32 ssid_len;
> >> +       u8 ssid[IEEE80211_MAX_SSID_LEN];
> >> +};
> >>
> >> Maybe flags and peer_mac is sufficient? That would be 8 bytes so can you
> >> try and change brcmf_cyw_external_auth() such that it does:
> >>
> >> +       ret = brcmf_fil_iovar_data_set(ifp, "auth_status", &auth_status, 8);
> >>
> >> Without firmware source code we can only guess.
> >>
> >> Regards,
> >> Arend
> >>
> >>> On Mon, Dec 9, 2024 at 8:30 AM KeithG <ys3al35l@xxxxxxxxx> wrote:
> >>>>
> >>>> I poked at this a while back and decided to try it again over the weekend.
> >>>>
> >>>> Infineon has released a new firmware:
> >>>> Firmware: BCM4345/6 wl0: Oct 28 2024 23:27:00 version 7.45.286
> >>>> (be70ab3 CY) FWID 01-95efe7fa
> >>>> it is not in the RPiOS release, yet, but I installed it on a Pi3B+ and
> >>>> decided to give it a try. I have an AP running WPA3 personal on a
> >>>> desktop in the home and can connect to it with my phone as proof that
> >>>> it 'works'.
> >>>>
> >>>> I tried to connect to it once again from the Pi while running this new
> >>>> firmware. It gets closer than last time I checked, but it does not
> >>>> actually negotiate a functional connection.
> >>>> I tried with connman/iwd, NetworkManager/iwd and it gets close, but
> >>>> still errors out. I get a number of these in the iwmon log:
> >>>>
> >>>>> Response: Get Station (0x11) len 4                                  38.439787
> >>>> Status: Invalid exchange (52)
> >>>>
> >>>> Can I probe this further to assist in diagnosing the cause and
> >>>> potentially help with a solution?
> >>>> The log is attached.
> >>>>
> >>>> Regards,
> >>>>
> >>>> Keith
> > Arend,
> >
> > Does this iwmon log help at all.
>
> Probably not. The issue seems to be between driver and firmware.
>
> If there is anyone out there that successfully used the ext_auth with
> downstream ifx driver they could create the same log and see what length
> the auth_status command uses.
>
> I'll see what I can find.
>
> Regards,
> Arend

Arend,

I took a look anyway.

Don't know exactly what I am looking at, but it seems that this is
where it goes sideways:

> Event: Frame (0x3b) len 120                                          7.530849
    Wiphy: 0 (0x00000000)
    Interface Index: 3 (0x00000003)
    Wireless Device: 1 (0x0000000000000001)
    Wiphy Frequency: 2412 (0x0000096c)
    Unknown: 290 len 4
        00 00 00 00                                      ....
    Frame: len 64
        Frame Type: 0x00b0
            Type: Management (0)
            Authentication:
                Frame Control: protocol: 00 type: 00 subtype: 11 to:
00 from: 00 more_frags: 00
                    retry: 00 power_mgmt: 00 more_data: 00 protected:
00 order: 00
                Duration: 0
                Address 1 (RA): B8:27:EB:A4:6E:0F
                Address 2 (TA): D8:3A:DD:60:A3:0C
                Address 3: 00:00:00:00:00:00
                Fragment Number: 0
                Sequence Number: 0
                Algorithm: SAE (seq: 2, status: 0)
                IEs: len 34
                    Error decoding Supported rates IE len 0: Invalid
argument (-22)
        b0 00 00 00 b8 27 eb a4 6e 0f d8 3a dd 60 a3 0c  .....'..n..:.`..
        00 00 00 00 00 00 00 00 03 00 02 00 00 00 01 00  ................
        b3 a1 af e2 4c 57 c9 0d 5e 56 0d 70 91 58 e1 53  ....LW..^V.p.X.S
        5c 1c 6c 20 05 78 9b d9 81 ce b9 b8 f4 8b a8 c7  \.l .x..........
    RX Management Flags: 2 (0x00000002)
< Request: External Auth (0x7f) len 40 [ack]                           7.531125
    Interface Index: 3 (0x00000003)
    Status Code: 0 (0x0000)
    SSID: len 7
        64 65 73 6b 53 41 45                             deskSAE
    BSSID D8:3A:DD:60:A3:0C
> Response: External Auth (0x7f) len 4                                 7.531626
    Status: Invalid exchange (52)
< Request: Get Station (0x11) len 20 [ack]                             8.410689
    Interface Index: 3 (0x00000003)
    MAC Address D8:3A:DD:60:A3:0C
> Response: Get Station (0x11) len 4                                   8.415045
    Status: Invalid exchange (52)





[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Wireless Regulations]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux