FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Kernel

 
 
LinkBack Thread Tools
 
Old 02-27-2012, 04:33 AM
Ben Hutchings
 
Default Bug#651199: iwlwifi WPA-TKIP crypto failure after group rekeying

Several Debian users (cc'd) have reported a regression in iwlagn in
Linux 3.1, not fixed in 3.2. The full bug log is at:

http://bugs.debian.org/651199

To summarise, a WPA-TKIP managed connection stops passing traffic and
the kernel log shows the message "WPA: Group rekeying". This apparently
doesn't happen if the connection is in heavy use at the time or with
module parameter swcrypto=1. WPA2 is not affected either.

Ben.

--
Ben Hutchings
Q. Which is the greater problem in the world today, ignorance or apathy?
A. I don't know and I couldn't care less.
 
Old 02-27-2012, 08:02 AM
Johannes Berg
 
Default Bug#651199: iwlwifi WPA-TKIP crypto failure after group rekeying

Hi Ben,

Thanks for the report.

On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:
> Several Debian users (cc'd) have reported a regression in iwlagn in
> Linux 3.1, not fixed in 3.2. The full bug log is at:
>
> http://bugs.debian.org/651199
>
> To summarise, a WPA-TKIP managed connection stops passing traffic and
> the kernel log shows the message "WPA: Group rekeying". This apparently
> doesn't happen if the connection is in heavy use at the time or with
> module parameter swcrypto=1. WPA2 is not affected either.

I think this is due to my patch "iwlagn: rewrite HW crypto" which
accidentally broke key *removal* (of all things), which causes issues
when the first GTK is removed on the second rekeying.

This patch
http://git.kernel.org/?p=linux/kernel/git/iwlwifi/iwlwifi.git;a=commitdiff;h=5dcbf480473f6c3f06ad242 6b7517038a2a18911

should fix it. Wey has sent it to John, but he hasn't picked it up yet
for some reason -- it's also marked for stable.

It'd be great to get confirmation that this is the problem, I'm not sure
I'll find time today to reproduce the problem.

johannes




--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1330333354.3483.6.camel@jlt3.sipsolutions.net">htt p://lists.debian.org/1330333354.3483.6.camel@jlt3.sipsolutions.net
 
Old 02-27-2012, 12:59 PM
"Guy, Wey-Yi"
 
Default Bug#651199: iwlwifi WPA-TKIP crypto failure after group rekeying

Hi Ben/Johannes,

On Mon, 2012-02-27 at 10:02 +0100, Johannes Berg wrote:
> Hi Ben,
>
> Thanks for the report.
>
> On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:
> > Several Debian users (cc'd) have reported a regression in iwlagn in
> > Linux 3.1, not fixed in 3.2. The full bug log is at:
> >
> > http://bugs.debian.org/651199
> >
> > To summarise, a WPA-TKIP managed connection stops passing traffic and
> > the kernel log shows the message "WPA: Group rekeying". This apparently
> > doesn't happen if the connection is in heavy use at the time or with
> > module parameter swcrypto=1. WPA2 is not affected either.
>
> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
>
> This patch
> http://git.kernel.org/?p=linux/kernel/git/iwlwifi/iwlwifi.git;a=commitdiff;h=5dcbf480473f6c3f06ad242 6b7517038a2a18911
>
> should fix it. Wey has sent it to John, but he hasn't picked it up yet
> for some reason -- it's also marked for stable.
>
> It'd be great to get confirmation that this is the problem, I'm not sure
> I'll find time today to reproduce the problem.
>
John merge the patch 5 days ago anf yuo can find it in wireless-testing
tree

authorJohannes Berg <johannes.berg@intel.com> Fri, 17 Feb 2012 17:47:14
+0000 (09:47 -0800) committerJohn W. Linville <linville@tuxdriver.com>
Tue, 21 Feb 2012 19:45:26 +0000 (14:45 -0500)
commit5dcbf480473f6c3f06ad2426b7517038a2a18911
tree66d2cbefee018ff46d499e0aeab573aa94558353tree | snapshot
parent7be081539e540517d5e1fcbf96b8080074afbf08comm it | diff

Wey

>





--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1330351178.12612.3.camel@wwguy-huron">http://lists.debian.org/1330351178.12612.3.camel@wwguy-huron
 
Old 02-28-2012, 01:02 AM
Jonathan Nieder
 
Default Bug#651199: iwlwifi WPA-TKIP crypto failure after group rekeying

tags 651199 = upstream patch
quit

Johannes Berg wrote:

> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
>
> This patch
> [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
>
> should fix it.

Thanks. The fix is in Linville's wireless tree, hence in linux-next.
I've attached it as a patch against 3.2.y in case someone wants to
try it.

(Instructions:

# prerequisites
apt-get install git build-essential

# get a copy of the kernel
git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
cd linux

# fetch point releases
git remote add -f stable
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git

# try 3.2.y
git checkout stable/linux-3.2.y
cp /boot/config-$(uname -r) .config; # current configuration
make localmodconfig; # optional: minimize configuration
make deb-pkg; # optionally with -j<num> for parallel build
dpkg -i ../<name of package>
reboot

# hopefully it reproduces the problem, so try the patch:
git am -3sc thepatch
make deb-pkg; # maybe with -j4
dpkg -i ../<name of package>
reboot
)
From: Johannes Berg <johannes.berg@intel.com>
Date: Fri, 17 Feb 2012 09:47:14 -0800
Subject: iwlwifi: fix key removal

commit 5dcbf480473f6c3f06ad2426b7517038a2a18911 upstream.

When trying to remove a key, we always send key
flags just setting the key type, not including
the multicast flag and the key ID. As a result,
whenever any key was removed, the unicast key 0
would be removed, causing a complete connection
loss after the second rekey (the first doesn't
cause a key removal). Fix the key removal code
to include the key ID and multicast flag, thus
removing the correct key.

Reported-by: Alexander Schnaidt <alex.schnaidt@googlemail.com>
Tested-by: Alexander Schnaidt <alex.schnaidt@googlemail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
---
drivers/net/wireless/iwlwifi/iwl-agn-sta.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/drivers/net/wireless/iwlwifi/iwl-agn-sta.c b/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
index 4b2aa1da0953..5cfb3d17a2bc 100644
--- a/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
+++ b/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
@@ -1211,6 +1211,7 @@ int iwl_remove_dynamic_key(struct iwl_priv *priv,
unsigned long flags;
struct iwl_addsta_cmd sta_cmd;
u8 sta_id = iwlagn_key_sta_id(priv, ctx->vif, sta);
+ __le16 key_flags;

/* if station isn't there, neither is the key */
if (sta_id == IWL_INVALID_STATION)
@@ -1236,7 +1237,14 @@ int iwl_remove_dynamic_key(struct iwl_priv *priv,
IWL_ERR(priv, "offset %d not used in uCode key table.
",
keyconf->hw_key_idx);

- sta_cmd.key.key_flags = STA_KEY_FLG_NO_ENC | STA_KEY_FLG_INVALID;
+ key_flags = cpu_to_le16(keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
+ key_flags |= STA_KEY_FLG_MAP_KEY_MSK | STA_KEY_FLG_NO_ENC |
+ STA_KEY_FLG_INVALID;
+
+ if (!(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE))
+ key_flags |= STA_KEY_MULTICAST_MSK;
+
+ sta_cmd.key.key_flags = key_flags;
sta_cmd.key.key_offset = WEP_INVALID_OFFSET;
sta_cmd.sta.modify_mask = STA_MODIFY_KEY_MASK;
sta_cmd.mode = STA_CONTROL_MODIFY_MSK;
--
1.7.9.2
 
Old 03-05-2012, 12:35 AM
Shawn Thompson
 
Default Bug#651199: iwlwifi WPA-TKIP crypto failure after group rekeying

Just tried the patch from message #133 and it worked against 3.2.9 as well as 3.3.0-rc6 (master as of the time I cloned earlier today) with no other modifications to the instructions contained in that message. The patch appears to be holding up, after at least two successful rekeyings the connection continued to remain active.


Thanks!Shawn "prjktdtnt" Thompson
 
Old 03-05-2012, 03:53 AM
Jonathan Nieder
 
Default Bug#651199: iwlwifi WPA-TKIP crypto failure after group rekeying

Hi,

Johannes Berg wrote:
> On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:

>> To summarise, a WPA-TKIP managed connection stops passing traffic and
>> the kernel log shows the message "WPA: Group rekeying". This apparently
>> doesn't happen if the connection is in heavy use at the time or with
>> module parameter swcrypto=1. WPA2 is not affected either.
>
> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
>
> This patch
> [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
>
> should fix it. Wey has sent it to John
[...]
> it's also marked for stable.

Shawn Thompson (cc-ed) tested the patch against 3.2.9 and 3.3-rc6 and
found it to work[1]. What can interested people do to help usher this
into mainline?

(To recap, this was a regression introduced between 3.0 and 3.1,
presumably by v3.1-rc1~24^2~10^2^2~37.)

Thanks,
Jonathan

[1] http://bugs.debian.org/651199#147



--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20120305045334.GF30344@burratino">http://lists.debian.org/20120305045334.GF30344@burratino
 
Old 03-05-2012, 05:52 AM
Johannes Berg
 
Default Bug#651199: iwlwifi WPA-TKIP crypto failure after group rekeying

Hi,

> >> To summarise, a WPA-TKIP managed connection stops passing traffic and
> >> the kernel log shows the message "WPA: Group rekeying". This apparently
> >> doesn't happen if the connection is in heavy use at the time or with
> >> module parameter swcrypto=1. WPA2 is not affected either.
> >
> > I think this is due to my patch "iwlagn: rewrite HW crypto" which
> > accidentally broke key *removal* (of all things), which causes issues
> > when the first GTK is removed on the second rekeying.
> >
> > This patch
> > [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
> >
> > should fix it. Wey has sent it to John
> [...]
> > it's also marked for stable.
>
> Shawn Thompson (cc-ed) tested the patch against 3.2.9 and 3.3-rc6 and
> found it to work[1]. What can interested people do to help usher this
> into mainline?

Great, thanks for testing. The patch is already on the way into mainline
with a Cc:stable tag, so I don't think there's anything to do at this
point.

johannes




--
To UNSUBSCRIBE, email to debian-kernel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1330930343.3545.1.camel@jlt3.sipsolutions.net">htt p://lists.debian.org/1330930343.3545.1.camel@jlt3.sipsolutions.net
 

Thread Tools




All times are GMT. The time now is 09:52 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org