ath11k/WCN6855 neighbor report request made immediately after connection gets no response (with MFP)

[James Prestwood]

Hi,

I noticed an issue when we started putting ath11k clients on a WPA3 
network which seems to be related to the fact that management frame 
protection is enabled (works fine on WPA2 no MFP). Immediately after an 
initial association a neighbor report request goes out and we get no 
response from the AP. After getting a PCAP in one case we noticed the 
neighbor report request went out unencrypted, though still had the CCMP 
IV parameter. The content of the request was the unencrypted request, 
and something like 15 bytes of 0x00 padding. I will say, this initial 
PCAP was made through the AP vendor so perhaps it automatically added 
the right keys to decrypt the frame, this could be a red herring. I 
tried on my home network and it was hit or miss, sometimes I would get a 
response but sometimes I wouldn't, but I did see the frame was always 
encrypted in my home network case though when adding the PMK directly in 
wireshark I couldn't decrypt it, where on other hardware like iwlwifi I 
could.

Some time after the connection neighbor reports work fine. I'm not sure 
of a time frame or delay required that gets them working, but it makes 
me suspect that ath11k doesn't have the keys fully added in the firmware 
before userspace gets signaled as "connected". Running the same scenario 
on ath10k or iwlwifi has no issues. This neighbor report request 
immediately after connecting is IWD's default behavior, so its 
relatively easy to test by just restarting IWD.

Since the neighbor reports work fine after some time its not really a 
critical issue but I wanted to bring it up just in case.

Thanks,

James