Search Linux Wireless

Re: brcmfmac SAE/WPA3 negotiation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



James,

I was messing with this some more. I was able to pull the latest
iwd-git that already has your patch in it and can confirm that using
iwd and the latest kernel that it will connect.
If I use iwctl, it works fine. If I use connmanctl, it does not unless
I have already connected using iwctl.

What happens, I think, in connmanctl is that it initiates a
connection, then says connected, but does not actually grab the dhcp
address.

connmanctl> agent on
Agent registered
connmanctl> connect wifi_d83addd2ae3c_6465736b534145_managed_psk
Agent RequestInput wifi_d83addd2ae3c_6465736b534145_managed_psk
  Passphrase = [ Type=psk, Requirement=mandatory ]
Passphrase? *******
connmanctl> services
  c deskSAE              wifi_d83addd2ae3c_6465736b534145_managed_psk
Connected wifi_d83addd2ae3c_6465736b534145_managed_psk
connmanctl> services
*AR deskSAE              wifi_d83addd2ae3c_6465736b534145_managed_psk

but no DHCP address:
# ifconfig wlan0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 169.254.182.158  netmask 255.255.0.0  broadcast 169.254.255.255
        inet6 fe80::da3a:ddff:fed2:ae3c  prefixlen 64  scopeid 0x20<link>
        ether d8:3a:dd:d2:ae:3c  txqueuelen 4000  (Ethernet)
        RX packets 1631  bytes 167645 (163.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 349  bytes 47812 (46.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

if I initiate the connection using iwctl, it works, connects, gets a
DHCP and I can ping the AP. The problem is something between connman
and iwd, I think.

I have tried this on the Pi3 with a v8 kernel and a pi5 using a 2712
kernel. Both have the latest firmware from infineon.
These are the versions of iwd and connman (I think they are up to date):
iwd-git/now 3.3.r0.g4b535cee-1 arm64 [installed,local]
connman-git/now 1.43.r4.g263e151f-1 arm64 [installed,local]
I thought I saw this behavior on the Pi3b+, but was unable to check it
as in depth as I have here on the Pi5.

Do you need a log or journal to debug what is going on?


On Thu, Dec 19, 2024 at 8:22 AM KeithG <ys3al35l@xxxxxxxxx> wrote:
>
> So, how do we get these in the rpi kernel source?
>
> I was testing this using a firmware from Infineon's repository which
> is a rev newer than what is in the RPi image. I will try it again
> tonight, but with the firmware which is shipped in the current,
> Bookworm RPi image. It is a rev back from the version I was using here
> to test this. It still does have external auth, so it may work as
> well. I'll let you know.
>
> Keith
>
> On Thu, Dec 19, 2024 at 7:43 AM James Prestwood <prestwoj@xxxxxxxxx> wrote:
> >
> > Hi Keith,
> >
> > On 12/19/24 5:38 AM, KeithG wrote:
> > > On Thu, Dec 19, 2024 at 6:46 AM James Prestwood <prestwoj@xxxxxxxxx> wrote:
> > >> Hi Keith,
> > >>
> > >> On 12/18/24 5:46 PM, KeithG wrote:
> > >>> On Wed, Dec 18, 2024 at 8:10 AM KeithG <ys3al35l@xxxxxxxxx> wrote:
> > >>>> On Wed, Dec 18, 2024 at 4:21 AM Arend van Spriel
> > >>>> <arend.vanspriel@xxxxxxxxxxxx> wrote:
> > >>>>> On 12/18/2024 1:21 AM, KeithG wrote:
> > >>>>>> On Tue, Dec 17, 2024 at 7:47 AM Arend van Spriel
> > >>>>>> <arend.vanspriel@xxxxxxxxxxxx> wrote:
> > >>>>>>>
> > >>>>>>> On 12/17/2024 1:13 AM, KeithG wrote:
> > >>>>>>>> On Mon, Dec 16, 2024 at 1:50 PM Arend van Spriel
> > >>>>>>>> <arend.vanspriel@xxxxxxxxxxxx> wrote:
> > >>>>>>>>> On 12/16/2024 1:21 PM, KeithG wrote:
> > >>>>>>>>>> On Mon, Dec 16, 2024 at 3:47 AM Arend van Spriel
> > >>>>>>>>>> <arend.vanspriel@xxxxxxxxxxxx> wrote:
> > >>>>>>>>>>> On 12/16/2024 10:43 AM, Arend van Spriel wrote:
> > >>>>>>>>>>>> On 12/16/2024 1:17 AM, KeithG wrote:
> > >>>>>>>>>>>>> On Sun, Dec 15, 2024 at 11:33 AM Arend Van Spriel
> > >>>>>>>>>>>>> <arend.vanspriel@xxxxxxxxxxxx> wrote:
> > >>>>>>>>>>>>>> On December 15, 2024 5:08:12 PM KeithG <ys3al35l@xxxxxxxxx> wrote:
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> On Sun, Dec 15, 2024 at 6:12 AM Arend van Spriel
> > >>>>>>>>>>>>>>> <arend.vanspriel@xxxxxxxxxxxx> wrote:
> > >>>>>>>>>>>>>>>> On 12/14/2024 2:34 PM, KeithG wrote:
> > >>>>>>>>>>>>>>>>> Arend,
> > >>>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>>> I looked through the info where I got the latest firmware:
> > >>>>>>>>>>>>>>>>> https://community.infineon.com/t5/Wi-Fi-Bluetooth-for-Linux/Wi-Fi-
> > >>>>>>>>>>>>>>>>> A-class-Linux-Driver-release-FMAC-2024-11-21-Documents/td-p/905045
> > >>>>>>>>>>>>>>>>> https://community.infineon.com/t5/AIROC-Wi-Fi-and-Wi-Fi-Bluetooth/
> > >>>>>>>>>>>>>>>>> Cypress-Linux-WiFi-Driver-Release-FMAC-2024-11-21/td-p/902888
> > >>>>>>>>>>>>>>>>> and did not find anything, but I really do not know what I am
> > >>>>>>>>>>>>>>>>> looking for.
> > >>>>>>>>>>>>>>>> I think I had a bit more luck and maybe found the needle. I sent out
> > >>>>>>>>>>>>>>>> another RFT patch which hopefully gets rid of the BCME_BADLEN error.
> > >>>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>>> Regards,
> > >>>>>>>>>>>>>>>> Arend
> > >>>>>>>>>>>>>>> Arend,
> > >>>>>>>>>>>>>>>
> > >>>>>>>>>>>>>>> Can you send me a link to that patch? I want to try it.
> > >>>>>>>>>>>>>> Hmm. I explicitly sent it to you, but here is a link to patchwork:
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> https://patchwork.kernel.org/project/linux-wireless/
> > >>>>>>>>>>>>>> patch/20241215120401.238320-1-arend.vanspriel@xxxxxxxxxxxx/
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> You can apply it on top of the other 3 patches.
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>>> Regards,
> > >>>>>>>>>>>>>> Arend
> > >>>>>>>>>>>>>>
> > >>>>>>>>>>>>> Thanks! I got it.
> > >>>>>>>>>>>>> I am building now and have tried to apply what I think are the correct
> > >>>>>>>>>>>>> patches. They do not apply cleanly and I had to hand edit things. My
> > >>>>>>>>>>>>> guess is I messed something up.
> > >>>>>>>>>>>>> I will see what happens when I reboot. It'll take a few hours to build
> > >>>>>>>>>>>>> on my Pi4 then for me to install it on the 3b+ to test.
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> I hope I understand which are the '3 other' patches.
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> This is the one I got from your link:
> > >>>>>>>>>>>>> RFT-brcmfmac-Fix-structure-size-for-WPA3-external-SAE.diff
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> These are what I understand are the '3 other patches'
> > >>>>>>>>>>>>> RFT-v2-1-3-wifi-brcmfmac-support-per-vendor-cfg80211-callbacks-and-
> > >>>>>>>>>>>>> firmware-events.patch.diff
> > >>>>>>>>>>>>> RFT-v2-2-3-wifi-brcmfmac-make-per-vendor-event-map-const.patch.diff
> > >>>>>>>>>>>>> RFT-v2-3-3-wifi-brcmfmac-cyw-support-external-SAE-authentication-in-
> > >>>>>>>>>>>>> station-mode.patch.diff
> > >>>>>>>>>>>>>
> > >>>>>>>>>>>>> If they are not correct could you send me links to them and I'll try
> > >>>>>>>>>>>>> again.
> > >>>>>>>>>>>> You got it right. Kuddos.
> > >>>>>>>>>>> Ignored my spelling checker, but apparently it should be "kudos".
> > >>>>>>>>>>> Another lesson learned today.
> > >>>>>>>>>>>
> > >>>>>>>>>>> Regards,
> > >>>>>>>>>>> Arend
> > >>>>>>>>>> Arend,
> > >>>>>>>>>>
> > >>>>>>>>>> Thanks for the confirmation. My attempt at a hand edit to apply the
> > >>>>>>>>>> rejected portions resulted in a failed build with the current RPiOS
> > >>>>>>>>>> kernel in the git repo:
> > >>>>>>>>>> # uname -a
> > >>>>>>>>>> Linux jackrune 6.6.64-v8+ #6 SMP PREEMPT Sun Dec 15 23:55:30 CST 2024
> > >>>>>>>>>> aarch64 GNU/Linux
> > >>>>>>>>>>
> > >>>>>>>>>> When I try to apply them, I get this:
> > >>>>>>>>>> $ patch -Np1 -i
> > >>>>>>>>>> RFT-v2-1-3-wifi-brcmfmac-support-per-vendor-cfg80211-callbacks-and-firmware-events.patch.diff
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> > >>>>>>>>>> Hunk #1 FAILED at 6752.
> > >>>>>>>>>> 1 out of 1 hunk FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.rej
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/common.c
> > >>>>>>>>>> Hunk #1 succeeded at 524 (offset 33 lines).
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c
> > >>>>>>>>>> Hunk #1 FAILED at 1359.
> > >>>>>>>>>> 1 out of 1 hunk FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c.rej
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c
> > >>>>>>>>>> Hunk #1 succeeded at 74 (offset -1 lines).
> > >>>>>>>>>> Hunk #2 succeeded at 336 (offset -70 lines).
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwvid.h
> > >>>>>>>>>> Hunk #1 FAILED at 15.
> > >>>>>>>>>> Hunk #2 succeeded at 47 with fuzz 1 (offset -9 lines).
> > >>>>>>>>>> 1 out of 2 hunks FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwvid.h.rej
> > >>>>>>>>>> $ patch -Np1 -i RFT-v2-
> > >>>>>>>>>> RFT-v2-1-3-wifi-brcmfmac-support-per-vendor-cfg80211-callbacks-and-firmware-events.patch.diff
> > >>>>>>>>>> RFT-v2-2-3-wifi-brcmfmac-make-per-vendor-event-map-const.patch.diff
> > >>>>>>>>>> RFT-v2-3-3-wifi-brcmfmac-cyw-support-external-SAE-authentication-in-station-mode.patch.diff
> > >>>>>>>>>> $ patch -Np1 -i
> > >>>>>>>>>> RFT-v2-2-3-wifi-brcmfmac-make-per-vendor-event-map-const.patch.diff
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.h
> > >>>>>>>>>> Hunk #1 FAILED at 337.
> > >>>>>>>>>> 1 out of 1 hunk FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.h.rej
> > >>>>>>>>>> $ patch -Np1 -i
> > >>>>>>>>>> RFT-v2-3-3-wifi-brcmfmac-cyw-support-external-SAE-authentication-in-station-mode.patch.diff
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c
> > >>>>>>>>>> Hunk #1 succeeded at 75 (offset 1 line).
> > >>>>>>>>>> Hunk #2 FAILED at 1940.
> > >>>>>>>>>> Hunk #3 FAILED at 2158.
> > >>>>>>>>>> Hunk #4 FAILED at 2216.
> > >>>>>>>>>> Hunk #5 succeeded at 5522 (offset 22 lines).
> > >>>>>>>>>> Hunk #6 succeeded at 5697 (offset 90 lines).
> > >>>>>>>>>> Hunk #7 succeeded at 6126 (offset 125 lines).
> > >>>>>>>>>> Hunk #8 succeeded at 7596 with fuzz 1 (offset 255 lines).
> > >>>>>>>>>> Hunk #9 FAILED at 7647.
> > >>>>>>>>>> 4 out of 9 hunks FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.rej
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.h
> > >>>>>>>>>> Hunk #3 succeeded at 243 (offset 15 lines).
> > >>>>>>>>>> Hunk #4 FAILED at 244.
> > >>>>>>>>>> Hunk #5 succeeded at 507 (offset 18 lines).
> > >>>>>>>>>> 1 out of 5 hunks FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.h.rej
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/cyw/core.c
> > >>>>>>>>>> Hunk #1 FAILED at 8.
> > >>>>>>>>>> Hunk #2 FAILED at 39.
> > >>>>>>>>>> Hunk #3 FAILED at 49.
> > >>>>>>>>>> 3 out of 3 hunks FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/cyw/core.c.rej
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/cyw/fwil_types.h
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c
> > >>>>>>>>>> Hunk #1 FAILED at 42.
> > >>>>>>>>>> 1 out of 1 hunk FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.c.rej
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/feature.h
> > >>>>>>>>>> Hunk #1 succeeded at 32 with fuzz 2 (offset 1 line).
> > >>>>>>>>>> Hunk #2 succeeded at 60 with fuzz 1 (offset 2 lines).
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c
> > >>>>>>>>>> Hunk #1 FAILED at 450.
> > >>>>>>>>>> 1 out of 1 hunk FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c.rej
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.h
> > >>>>>>>>>> Hunk #1 FAILED at 94.
> > >>>>>>>>>> 1 out of 1 hunk FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.h.rej
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwvid.h
> > >>>>>>>>>> Hunk #1 FAILED at 15.
> > >>>>>>>>>> Hunk #2 succeeded at 47 with fuzz 1 (offset -11 lines).
> > >>>>>>>>>> 1 out of 2 hunks FAILED -- saving rejects to file
> > >>>>>>>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwvid.h.r
> > >>>>>>>>>> $ patch -Np1 -i RFT-brcmfmac-Fix-structure-size-for-WPA3-external-SAE.diff
> > >>>>>>>>>> patching file drivers/net/wireless/broadcom/brcm80211/brcmfmac/cyw/fwil_types.h
> > >>>>>>>>>>
> > >>>>>>>>>> Is there another missing patch?
> > >>>>>>>>>>
> > >>>>>>>>>> The kernel for the RPi is at this commit:
> > >>>>>>>>>> commit 80533a952218696c0ef1b346bab50dc401e6b74c (HEAD -> rpi-6.6.y,
> > >>>>>>>>>> origin/rpi-6.6.y, origin/HEAD)
> > >>>>>>> So what repository does origin refer to. Can you share the URL?
> > >>>>>>>
> > >>>>>>> I will check if I posted any patches between 6.6 and 6.10+ Get back to
> > >>>>>>> this later o
> > >>>>>>>
> > >>>>>>> Regards,
> > >>>>>>> Arend
> > >>>>>> Arend,
> > >>>>>>
> > >>>>>> I am using the RaspberryPi repo:
> > >>>>>> https://github.com/raspberrypi/linux
> > >>>>> I was afraid you would say that. So we need to determine what brcmfmac
> > >>>>> patches are in there compared to upstream kernel. So checking the code I
> > >>>>> think you should apply only the "Fix-structure-size" patch to
> > >>>>> drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil_types.h. Let me
> > >>>>> know if that works for you.
> > >>>>>
> > >>>>> Gr. AvS
> > >>>> Arend,
> > >>>>
> > >>>> That patch applied to the file in the folder you suggested. I am
> > >>>> building a kernel now and will see any changes this evening. Thanks
> > >>>> for the help.
> > >>>>
> > >>>> Regards,
> > >>>>
> > >>>> Keith
> > >>> Arend,
> > >>>
> > >>> Thanks for the guidance and help.
> > >>>
> > >>> I tried with the patched kernel and was unable to connect. The 2
> > >>> attached files are the log with brcmfmac debugging and iwd debugging
> > >>> turned o. and the other is an iwmon capture of an attempt to connect.
> > >>> This time, though, I get no IP address at all. Just an error out when
> > >>> I try to connect using iwctl. I get:
> > >>>
> > >>> [iwd]# station wlan0 connect deskSAE
> > >>> Type the network passphrase for deskSAE psk.
> > >>> Passphrase: *********
> > >>> Operation failed
> > >>> NetworkConfigurationEnabled: enabled
> > >>> StateDirectory: /var/lib/iwd
> > >>> Version: 3.1
> > >>> This is with kernel:
> > >>> Linux jackrune 6.6.66-v8+ #7 SMP PREEMPT Wed Dec 18 10:18:01 CST 2024
> > >>> aarch64 GNU/Linux
> > >>> and this firmware:
> > >>> Dec 18 19:37:08 jackrune kernel: brcmfmac: brcmf_fw_alloc_request:
> > >>> using brcm/brcmfmac43455-sdio for chip BCM4345/6
> > >>> Dec 18 19:37:08 jackrune kernel: usbcore: registered new interface
> > >>> driver brcmfmac
> > >>> Dec 18 19:37:09 jackrune kernel: brcmfmac: brcmf_c_process_txcap_blob:
> > >>> no txcap_blob available (err=-2)
> > >>> Dec 18 19:37:09 jackrune kernel: brcmfmac: brcmf_c_preinit_dcmds:
> > >>> Firmware: BCM4345/6 wl0: Oct 28 2024 23:27:00 version 7.45.286
> > >>> (be70ab3 CY) FWID 01-95efe7fa
> > >> Even closer this time. I've just sent a patch to the IWD mailing list.
> > >> Please try that along with Arend's kernel patch.
> > >>
> > >> Thanks,
> > >>
> > >> James
> > >>
> > >>> Keith
> > > James,
> > >
> > > It worked. I built iwd then tried to connect via iwctl and it
> > > connected to a WPA3 AP. I got an IP and I can ping the AP from the
> > > RPi.! It is a first! Woot Woot!
> > >
> > > [iwd]# station wlan0 connect deskSAE
> > >                                 Available networks
> > > --------------------------------------------------------------------------------
> > >        Network name                      Security            Signal
> > > --------------------------------------------------------------------------------
> > >        deskSAE                           psk                 ****
> > >
> > > Type the network passphrase for deskSAE psk.
> > > Passphrase: *********
> > >
> > > When I go to connman, it shows connected and I can ping.
> > >
> > > (clear out configs and reboot)
> > > When I tried from connmanctl it also connects! Seems with this patch
> > > to iwd and Arend's patch to the driver that WPA3 now works with RPis
> > >
> > > I had to apply Arend's patch to the 6.6.y source which has the
> > > brcm80211 structured a bit differently and the file to patch is in a
> > > different folder. the patch, corrected for 6.6.y, is attached.
> >
> > Great! That's good to hear. It took a while but glad its finally
> > working. We'll get that patch to IWD upstreamed, or at least some
> > version of it. And thanks Arend for providing the support on the kernel
> > side of things.
> >
> > Thanks,
> >
> > James
> >
> > >
> > > Keith





[Index of Archives]     [Linux Host AP]     [ATH6KL]     [Linux Wireless Personal Area Network]     [Linux Bluetooth]     [Wireless Regulations]     [Linux Netdev]     [Kernel Newbies]     [Linux Kernel]     [IDE]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Hiking]     [MIPS Linux]     [ARM Linux]     [Linux RAID]

  Powered by Linux