Re: [PATCH V2] rsi: fix AP mode with WPA failure due to encrypted EAPOL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Martin Fuzzey <martin.fuzzey@flowbird.group> wrote:

> In AP mode WPA2-PSK connections were not established.
> 
> The reason was that the AP was sending the first message
> of the 4 way handshake encrypted, even though no pairwise
> key had (correctly) yet been set.
> 
> Encryption was enabled if the "security_enable" driver flag
> was set and encryption was not explicitly disabled by
> IEEE80211_TX_INTFL_DONT_ENCRYPT.
> 
> However security_enable was set when *any* key, including
> the AP GTK key, had been set which was causing unwanted
> encryption even if no key was avaialble for the unicast
> packet to be sent.
> 
> Fix this by adding a check that we have a key and drop
> the old security_enable driver flag which is insufficient
> and redundant.
> 
> The Redpine downstream out of tree driver does it this way too.
> 
> Regarding the Fixes tag the actual code being modified was
> introduced earlier, with the original driver submission, in
> dad0d04fa7ba ("rsi: Add RS9113 wireless driver"), however
> at that time AP mode was not yet supported so there was
> no bug at that point.
> 
> So I have tagged the introduction of AP support instead
> which was part of the patch set "rsi: support for AP mode" [1]
> 
> It is not clear whether AP WPA has ever worked, I can see nothing
> on the kernel side that broke it afterwards yet the AP support
> patch series says "Tests are performed to confirm aggregation,
> connections in WEP and WPA/WPA2 security."
> 
> One possibility is that the initial tests were done with a modified
> userspace (hostapd).
> 
> [1] https://www.spinics.net/lists/linux-wireless/msg165302.html
> 
> Signed-off-by: Martin Fuzzey <martin.fuzzey@flowbird.group>
> Fixes: 38ef62353acb ("rsi: security enhancements for AP mode")
> CC: stable@xxxxxxxxxxxxxxx

Patch applied to wireless-drivers-next.git, thanks.

314538041b56 rsi: fix AP mode with WPA failure due to encrypted EAPOL

-- 
https://patchwork.kernel.org/project/linux-wireless/patch/1622564459-24430-1-git-send-email-martin.fuzzey@flowbird.group/

https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches




[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux