> To: [email protected]
matthieu castet wrote:
> Hi,
>
> I added wpa support to airo driver some years ago, but I maintain the
> support as a OutOfTreeDrivers [1]. I use it everyday in wpa mode.
>
> It can't be merged in main because the wpa support is selected by a
> module option. I did this because supporting wpa and other mode together
> may need a large rewrite of the driver (when I did first
> experimentation, I got firmware hang if I mix wpa command that use a new
> firmware API and wep command that use old firmware API).
>
>
> But they have been some work to make it ok for main Linux tree [2], but
> it failed because of some issues [3].
>
> I don't have time nor interest to continue the work made in [2].
> May be somebody is interested.
>
> Matthieu
>
> [1]
> https://gna.org/projects/airo-wpa/ and
> http://svn.gna.org/viewcvs/airo-wpa/branches/kernel/
>
> [2]
> http://svn.gna.org/viewcvs/airo-wpa/branches/kernel-merge/
>
> [3]
> Dan Williams :
> One problem I have is that after setting the TKIP key, I always get a
> sequence of 3 bad MICs, and then the MAC sends a status of 0x8117 which
> causes the driver to send a disconnection event to userspace, which
> makes wpa_supplicant fail the connection. If I comment out the 'goto
> badrx;' in the interrupt handler where the WPA mic is checked,
> everything works great and I can complete the 4-way handshake. It needs
> more investigation, but do you have any thoughts on what might be going
> on here?
>
matthieu castet wrote:
>> [2]
>> http://svn.gna.org/viewcvs/airo-wpa/branches/kernel-merge/
>>
>> [3]
>> Dan Williams :
>> One problem I have is that after setting the TKIP key, I always get a
>> sequence of 3 bad MICs, and then the MAC sends a status of 0x8117 which
>> causes the driver to send a disconnection event to userspace, which
>> makes wpa_supplicant fail the connection. If I comment out the 'goto
>> badrx;' in the interrupt handler where the WPA mic is checked,
>> everything works great and I can complete the 4-way handshake. It needs
>> more investigation, but do you have any thoughts on what might be going
>> on here?
I had a quick look at [2].
The WPA support is similar to that posted for the orinoco driver last weekend. The driver calculates the MIC using the current software keys and appends it to the packet to be transmitted; the firmware/hardware encrypts the packet with the keys set in hardware.
For orinoco the TKIP changing code waits until the card has finished transmitting queued packets before changing the keys [4]. This prevents the software keys from getting out of step with the hardware keys. Orinoco makes use of a RID to determine if there's anything in the TX queue, but I don't think this is necessary.
Might a similar change work for the airo driver?
Regards,
Dave.
[4] <http://marc.info/?l=linux-wireless&m=121467838917394&w=4>