Encryption problems with nl80211

Dan Williams dcbw at redhat.com
Wed Oct 28 08:02:09 PDT 2015


On Tue, 2015-10-27 at 15:05 -0500, Dan Williams wrote:
> On Wed, 2015-10-28 at 00:54 +0530, Krishna Chaitanya wrote:
> > On Wed, Oct 28, 2015 at 12:11 AM, Dan Williams <dcbw at redhat.com> wrote:
> > > On Tue, 2015-10-27 at 18:16 +0100, simo wrote:
> > >> Hi, I am Simon and I am new in this mail list.
> > >>
> > >> I am experiencing problems enabling encryption key after creating an
> > >> IBSS network through wpa_supplicant.
> > >
> > > It looks like the error is coming from the kernel mac80211/cfg80211 WiFi
> > > stack in nl80211_key_allowed().  That function returns an error if there
> > > is not yet any "current_bss", which is probably the case here.  To me it
> > > looks like a mismatch in expectations between the kernel and
> > > wpa_supplicant about how IBSS WEP is supposed to be configured.
> > >
> > > wpas_start_assoc_cb() - sets up parameters for IBSS create/join
> > > -- kernel cfg80211 has current_bss = NULL
> > > wpas_start_assoc_cb() calls wpa_set_wep_keys()
> > > -- kernel cfg80211 rejects set_keys request because current_bss == NULL
> > > wpas_start_assoc_cb() calls wpa_drv_associate() to begin association
> > > -- kernel driver creates new IBSS, sends EVENT_IBSS_JOINED
> > > -- kernel cfg80211 calls __cfg80211_ibss_joined() and sets current_bss
> > >
> > > What's odd is that none of this code in the kernel or supplicant has
> > > really changed since early 2013, so it's either been broken for a long
> > > time, or I'm missing something completely about when current_bss gets
> > > set.
> > >
> > > Dan
> > >
> > >> wlan0: Trying to associate with SSID 'my-net-302'
> > >> wlan0: Cancelling scan request
> > >> wlan0: WPA: clearing own WPA/RSN IE
> > >> wlan0: Automatic auth_alg selection: 0x1
> > >> wlan0: WPA: clearing AP WPA IE
> > >> wlan0: WPA: clearing AP RSN IE
> > >> wlan0: WPA: clearing own WPA/RSN IE
> > >> wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=1 addr=(nil) key_idx=0
> > >> set_tx=1 seq_len=0 key_len=5
> > >> nl80211: KEY_DATA - hexdump(len=5): [REMOVED]
> > >> nl80211: set_key failed; err=-67 Link has been severed)
> > >
> > > ^^^ the error
> > > <snip>
> > >
> > >> nl80211: Event message available
> > >> nl80211: Drv Event 43 (NL80211_CMD_JOIN_IBSS) received for wlan0
> > >> nl80211: IBSS 12:24:21:59:87:d0 joined
> > >> nl80211: IBSS-joined on 2412 MHz
> > >> nl80211: Operating frequency for the associated BSS from scan results:
> > >> 2412 MHz
> > >> nl80211: IBSS on frequency 2412 MHz
> > >> wlan0: Event ASSOC (0) received
> > >> wlan0: State: ASSOCIATING -> ASSOCIATED
> > >
> > > Then reports success creating/joining the adhoc network.  But of course,
> > > since the key set failed, the network is not encrypted.
> > set_key after association is successful, the failure before association
> > can be ignored. This is not a problem.
> > 
> > 
> > wlan0: State: ASSOCIATED -> COMPLETED
> > wlan0: Radio work 'connect'@0xfab20 done in 0.603215 seconds
> > wlan0: CTRL-EVENT-CONNECTED - Connection to 12:24:21:59:87:d0 completed
> > [id=0 id_str=]
> > nl80211: Set wlan0 operstate 0->1 (UP)
> > netlink: Operstate: ifindex=3 linkmode=-1 (no change), operstate=6
> > (IF_OPER_UP)
> > wlan0: Cancelling scan request
> > wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=1 addr=(nil) key_idx=0
> > set_tx=1 seq_len=0 key_len=5
> > nl80211: KEY_DATA - hexdump(len=5): [REMOVED]
> > RTM_NEWLINK: ifi_index=3 ifname=wlan0 operstate=6 linkmode=1
> > ifi_family=0 ifi_flags=0x11043 ([UP][RUNNING][LOWER_
> 
> Ah, you are correct.  IIRC some drivers don't really support setting the
> keys after IBSS create though, since they don't have a great way to
> update the IEs after the join has already happened.  I wonder what
> driver the reporter is using?

Before I wrote the above I was actually writing about how some drivers
don't allow setting the encryption key after the IBSS has been
created/joined, using libertas as an example.  libertas firmware
requires the key to be given before/during the join operation otherwise
the IBSS beacons don't have any security stuff in them.

And guess what?  The reporter is using the 'libertas' driver...
cfg80211 support got added to the driver a while back, but I guess it
was somewhat incomplete.  But also, it seems that wpa_supplicant expects
all nl80211/cfg80211 capable drivers to be able to set the key after a
join.  So yay, this just isn't going to work.

Simo, the only recourse here is to use "-D wext" instead of "-D
nl80211", unfortunately...

Dan
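Added example, not part of the original thread: a small audit of wpa_supplicant debug output that records whether each key-setting set_key call happened before or after the IBSS join and whether it logged an error. The sample log is constructed from the lines quoted above; the verdict labels are hypothetical, and treating alg=1 as WEP and alg=0 as a key clear is an assumption based on wpa_supplicant's enum wpa_alg.

```python
import re

# Constructed sample, modelled on the debug output quoted in the thread.
SAMPLE_LOG = """\
wlan0: Trying to associate with SSID 'my-net-302'
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=1 addr=(nil) key_idx=0 set_tx=1
nl80211: set_key failed; err=-67 Link has been severed)
nl80211: Drv Event 43 (NL80211_CMD_JOIN_IBSS) received for wlan0
nl80211: IBSS 12:24:21:59:87:d0 joined
wlan0: State: ASSOCIATING -> ASSOCIATED
wlan0: CTRL-EVENT-CONNECTED - Connection to 12:24:21:59:87:d0 completed
wpa_driver_nl80211_set_key: ifindex=3 (wlan0) alg=1 addr=(nil) key_idx=0 set_tx=1
RTM_NEWLINK: ifi_index=3 ifname=wlan0 operstate=6 linkmode=1
"""

SET_KEY = re.compile(r"wpa_driver_nl80211_set_key: ifindex=\d+ \(\S+\) alg=(\d+) .*key_idx=(\d+)")
FAILED = re.compile(r"nl80211: set_key failed; err=(-?\d+)")
JOINED = re.compile(r"nl80211: IBSS \S+ joined")

def key_attempts(log):
    """Return one record per key-installing set_key call, tagged by join phase."""
    attempts, joined, last = [], False, None
    for line in log.splitlines():
        if JOINED.search(line):
            joined = True
        elif (m := SET_KEY.search(line)):
            last = None
            if m.group(1) != "0":  # assumption: alg=0 only clears a key slot
                last = {"alg": int(m.group(1)), "key_idx": int(m.group(2)),
                        "phase": "post-join" if joined else "pre-join", "err": None}
                attempts.append(last)
        elif (m := FAILED.search(line)) and last:
            last["err"] = int(m.group(1))  # error belongs to the preceding call
    return attempts

def verdict(log):
    """Summarise when, if ever, the driver accepted a key (labels are hypothetical)."""
    accepted = {a["phase"] for a in key_attempts(log) if a["err"] is None}
    if "pre-join" in accepted:
        return "key-accepted-before-join"
    if "post-join" in accepted:
        # No error was logged, but the thread notes that some drivers (libertas)
        # need the key before the join, so confirm encryption on the air.
        return "key-set-only-after-join"
    return "no-key-accepted"

if __name__ == "__main__":
    for attempt in key_attempts(SAMPLE_LOG):
        print(attempt)
    print(verdict(SAMPLE_LOG))
```

A "key-set-only-after-join" result means the log alone cannot show the IBSS is encrypted; check the beacons or captured frames for the driver in use.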



