diff mbox series

[2/2] package/wpa_supplicant: revert upstream commit to fix brcmfmac

Message ID 20240818203134.1512793-3-geomatsi@gmail.com
State Accepted
Headers show
Series package/wpa_supplicant: follow-up fixes for v2.11 | expand

Commit Message

Sergey Matyukevich Aug. 18, 2024, 8:31 p.m. UTC 
Revert the upstream wpa_supplicant commit 41638606054 ("Mark
authorization completed on driver indication during 4-way HS offload").
That commit breaks WPA2-PSK and WPA3-SAE for brcfmac driver in upstream
Linux kernels. For details refer to the hostapd mailing list discussion
and redhat bugzilla:
- http://lists.infradead.org/pipermail/hostap/2024-August/042893.html
- https://bugzilla.redhat.com/show_bug.cgi?id=2302577

Alternative option would be to disable offload in brcmfmac driver
adding "brcmfmac.feature_disable=0x82000" to Linux command line.

Final decision is not yet agreed upon on the hostapd mailing list,
but reporter and maintainer are inclined to revert the patch. So this
change adds revert to Buildroot to improve user experience for such
boards as Orange Pi Zero Plus2, BananaPro, and others. Later on the
patch will be updated according to hostapd upstream changes.

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
---
 ...orization-completed-on-driver-indica.patch | 55 +++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 package/wpa_supplicant/0001-Revert-Mark-authorization-completed-on-driver-indica.patch

Comments

Thomas Petazzoni Aug. 19, 2024, 11:06 a.m. UTC | #1 
On Sun, 18 Aug 2024 23:31:30 +0300
Sergey Matyukevich <geomatsi@gmail.com> wrote:

> Revert the upstream wpa_supplicant commit 41638606054 ("Mark
> authorization completed on driver indication during 4-way HS offload").
> That commit breaks WPA2-PSK and WPA3-SAE for brcfmac driver in upstream
> Linux kernels. For details refer to the hostapd mailing list discussion
> and redhat bugzilla:
> - http://lists.infradead.org/pipermail/hostap/2024-August/042893.html
> - https://bugzilla.redhat.com/show_bug.cgi?id=2302577
> 
> Alternative option would be to disable offload in brcmfmac driver
> adding "brcmfmac.feature_disable=0x82000" to Linux command line.
> 
> Final decision is not yet agreed upon on the hostapd mailing list,
> but reporter and maintainer are inclined to revert the patch. So this
> change adds revert to Buildroot to improve user experience for such
> boards as Orange Pi Zero Plus2, BananaPro, and others. Later on the
> patch will be updated according to hostapd upstream changes.
> 
> Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
> ---
>  ...orization-completed-on-driver-indica.patch | 55 +++++++++++++++++++
>  1 file changed, 55 insertions(+)
>  create mode 100644 package/wpa_supplicant/0001-Revert-Mark-authorization-completed-on-driver-indica.patch

Applied to master, thanks.

Thomas
diff mbox series

Patch

diff --git a/package/wpa_supplicant/0001-Revert-Mark-authorization-completed-on-driver-indica.patch b/package/wpa_supplicant/0001-Revert-Mark-authorization-completed-on-driver-indica.patch
new file mode 100644
index 0000000000..89954eb7c5
--- /dev/null
+++ b/package/wpa_supplicant/0001-Revert-Mark-authorization-completed-on-driver-indica.patch
@@ -0,0 +1,55 @@ 
+From 170d8a433308ee39f87af94acaef461f8e80b67b Mon Sep 17 00:00:00 2001
+From: Janne Grunau <janne-fdr@jannau.net>
+Date: Sun, 4 Aug 2024 13:24:42 +0200
+Subject: [PATCH] Revert "Mark authorization completed on driver indication during 4-way HS offload"
+
+This reverts commit 41638606054a09867fe3f9a2b5523aa4678cbfa5.
+
+Signed-off-by: Janne Grunau <janne-fdr@jannau.net>
+Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
+
+Upstream: not yet sent, ongoing discussion http://lists.infradead.org/pipermail/hostap/2024-August/042893.html
+
+---
+ wpa_supplicant/events.c | 25 ++++++++-----------------
+ 1 file changed, 8 insertions(+), 17 deletions(-)
+
+diff --git a/wpa_supplicant/events.c b/wpa_supplicant/events.c
+index 49917f7aa..bbb3a3eda 100644
+--- a/wpa_supplicant/events.c
++++ b/wpa_supplicant/events.c
+@@ -4327,23 +4327,14 @@ static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
+ 		eapol_sm_notify_eap_success(wpa_s->eapol, true);
+ 	} else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
+ 		   wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
+-		if (already_authorized) {
+-			/*
+-			 * We are done; the driver will take care of RSN 4-way
+-			 * handshake.
+-			 */
+-			wpa_supplicant_cancel_auth_timeout(wpa_s);
+-			wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
+-			eapol_sm_notify_portValid(wpa_s->eapol, true);
+-			eapol_sm_notify_eap_success(wpa_s->eapol, true);
+-		} else {
+-			/* Update port, WPA_COMPLETED state from the
+-			 * EVENT_PORT_AUTHORIZED handler when the driver is done
+-			 * with the 4-way handshake.
+-			 */
+-			wpa_msg(wpa_s, MSG_DEBUG,
+-				"ASSOC INFO: wait for driver port authorized indication");
+-		}
++		/*
++		 * We are done; the driver will take care of RSN 4-way
++		 * handshake.
++		 */
++		wpa_supplicant_cancel_auth_timeout(wpa_s);
++		wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
++		eapol_sm_notify_portValid(wpa_s->eapol, true);
++		eapol_sm_notify_eap_success(wpa_s->eapol, true);
+ 	} else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
+ 		   wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
+ 		/*
+-- 
+2.45.2
+