2012-02-27 05:33:24

by Ben Hutchings

[permalink] [raw]
Subject: iwlwifi WPA-TKIP crypto failure after group rekeying

Several Debian users (cc'd) have reported a regression in iwlagn in
Linux 3.1, not fixed in 3.2. The full bug log is at:

http://bugs.debian.org/651199

To summarise, a WPA-TKIP managed connection stops passing traffic and
the kernel log shows the message "WPA: Group rekeying". This apparently
doesn't happen if the connection is in heavy use at the time or with
module parameter swcrypto=1. WPA2 is not affected either.

Ben.

--
Ben Hutchings
Q. Which is the greater problem in the world today, ignorance or apathy?
A. I don't know and I couldn't care less.


Attachments:
signature.asc (828.00 B)
This is a digitally signed message part

2012-02-27 15:10:50

by Wey-Yi Guy

[permalink] [raw]
Subject: Re: iwlwifi WPA-TKIP crypto failure after group rekeying

Hi Ben/Johannes,

On Mon, 2012-02-27 at 10:02 +0100, Johannes Berg wrote:
> Hi Ben,
>
> Thanks for the report.
>
> On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:
> > Several Debian users (cc'd) have reported a regression in iwlagn in
> > Linux 3.1, not fixed in 3.2. The full bug log is at:
> >
> > http://bugs.debian.org/651199
> >
> > To summarise, a WPA-TKIP managed connection stops passing traffic and
> > the kernel log shows the message "WPA: Group rekeying". This apparently
> > doesn't happen if the connection is in heavy use at the time or with
> > module parameter swcrypto=1. WPA2 is not affected either.
>
> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
>
> This patch
> http://git.kernel.org/?p=linux/kernel/git/iwlwifi/iwlwifi.git;a=commitdiff;h=5dcbf480473f6c3f06ad2426b7517038a2a18911
>
> should fix it. Wey has sent it to John, but he hasn't picked it up yet
> for some reason -- it's also marked for stable.
>
> It'd be great to get confirmation that this is the problem, I'm not sure
> I'll find time today to reproduce the problem.
>
John merge the patch 5 days ago anf yuo can find it in wireless-testing
tree

authorJohannes Berg <[email protected]> Fri, 17 Feb 2012 17:47:14
+0000 (09:47 -0800) committerJohn W. Linville <[email protected]>
Tue, 21 Feb 2012 19:45:26 +0000 (14:45 -0500)
commit5dcbf480473f6c3f06ad2426b7517038a2a18911
tree66d2cbefee018ff46d499e0aeab573aa94558353tree | snapshot
parent7be081539e540517d5e1fcbf96b8080074afbf08commit | diff

Wey

>



2012-02-27 09:02:42

by Johannes Berg

[permalink] [raw]
Subject: Re: iwlwifi WPA-TKIP crypto failure after group rekeying

Hi Ben,

Thanks for the report.

On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:
> Several Debian users (cc'd) have reported a regression in iwlagn in
> Linux 3.1, not fixed in 3.2. The full bug log is at:
>
> http://bugs.debian.org/651199
>
> To summarise, a WPA-TKIP managed connection stops passing traffic and
> the kernel log shows the message "WPA: Group rekeying". This apparently
> doesn't happen if the connection is in heavy use at the time or with
> module parameter swcrypto=1. WPA2 is not affected either.

I think this is due to my patch "iwlagn: rewrite HW crypto" which
accidentally broke key *removal* (of all things), which causes issues
when the first GTK is removed on the second rekeying.

This patch
http://git.kernel.org/?p=linux/kernel/git/iwlwifi/iwlwifi.git;a=commitdiff;h=5dcbf480473f6c3f06ad2426b7517038a2a18911

should fix it. Wey has sent it to John, but he hasn't picked it up yet
for some reason -- it's also marked for stable.

It'd be great to get confirmation that this is the problem, I'm not sure
I'll find time today to reproduce the problem.

johannes


2012-02-28 02:02:33

by Jonathan Nieder

[permalink] [raw]
Subject: Re: iwlwifi WPA-TKIP crypto failure after group rekeying

tags 651199 = upstream patch
quit

Johannes Berg wrote:

> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
>
> This patch
> [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
>
> should fix it.

Thanks. The fix is in Linville's wireless tree, hence in linux-next.
I've attached it as a patch against 3.2.y in case someone wants to
try it.

(Instructions:

# prerequisites
apt-get install git build-essential

# get a copy of the kernel
git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
cd linux

# fetch point releases
git remote add -f stable \
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git

# try 3.2.y
git checkout stable/linux-3.2.y
cp /boot/config-$(uname -r) .config; # current configuration
make localmodconfig; # optional: minimize configuration
make deb-pkg; # optionally with -j<num> for parallel build
dpkg -i ../<name of package>
reboot

# hopefully it reproduces the problem, so try the patch:
git am -3sc thepatch
make deb-pkg; # maybe with -j4
dpkg -i ../<name of package>
reboot
)


Attachments:
(No filename) (1.18 kB)
iwlwifi-fix-key-removal.patch (2.19 kB)
Download all attachments

2012-03-05 04:53:43

by Jonathan Nieder

[permalink] [raw]
Subject: Re: iwlwifi WPA-TKIP crypto failure after group rekeying

Hi,

Johannes Berg wrote:
> On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:

>> To summarise, a WPA-TKIP managed connection stops passing traffic and
>> the kernel log shows the message "WPA: Group rekeying". This apparently
>> doesn't happen if the connection is in heavy use at the time or with
>> module parameter swcrypto=1. WPA2 is not affected either.
>
> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
>
> This patch
> [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
>
> should fix it. Wey has sent it to John
[...]
> it's also marked for stable.

Shawn Thompson (cc-ed) tested the patch against 3.2.9 and 3.3-rc6 and
found it to work[1]. What can interested people do to help usher this
into mainline?

(To recap, this was a regression introduced between 3.0 and 3.1,
presumably by v3.1-rc1~24^2~10^2^2~37.)

Thanks,
Jonathan

[1] http://bugs.debian.org/651199#147

2012-03-05 06:52:39

by Johannes Berg

[permalink] [raw]
Subject: Re: iwlwifi WPA-TKIP crypto failure after group rekeying

Hi,

> >> To summarise, a WPA-TKIP managed connection stops passing traffic and
> >> the kernel log shows the message "WPA: Group rekeying". This apparently
> >> doesn't happen if the connection is in heavy use at the time or with
> >> module parameter swcrypto=1. WPA2 is not affected either.
> >
> > I think this is due to my patch "iwlagn: rewrite HW crypto" which
> > accidentally broke key *removal* (of all things), which causes issues
> > when the first GTK is removed on the second rekeying.
> >
> > This patch
> > [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
> >
> > should fix it. Wey has sent it to John
> [...]
> > it's also marked for stable.
>
> Shawn Thompson (cc-ed) tested the patch against 3.2.9 and 3.3-rc6 and
> found it to work[1]. What can interested people do to help usher this
> into mainline?

Great, thanks for testing. The patch is already on the way into mainline
with a Cc:stable tag, so I don't think there's anything to do at this
point.

johannes