wpa_supplicant 2.10 - Scan failed

Étienne Morice neon.emorice at mail.com
Thu Jan 27 04:06:02 PST 2022 

Hi,

Following the update from 2.9 to 2.10 in arch, we had some scan failures reported.

Original report is here:

https://bugs.archlinux.org/task/73495

Upon updating and restarting wpa_supplicant, scan starts to fail with a log of this kind:

> systemd[1]: Started WPA supplicant daemon (interface-specific version).
> Jan 26 22:33:45 ... wpa_supplicant[422]: Successfully initialized wpa_supplicant
> Jan 26 22:33:45 ... wpa_supplicant[422]: wlp3s0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1
> Jan 26 22:33:46 ... wpa_supplicant[422]: wlp3s0: CTRL-EVENT-SCAN-FAILED ret=-22 retry=1

In one case at least bisecting the problem was possible, here are the conclusions pasted from the arch thread:

=====================================

For me the first commits that make it stop working are:
a11804724 MSCS: Add support to send MSCS Request frames
c005283c4 SCS: Sending of SCS Request frames

These introduced in wpa_supplicant/wpa_supplicant.c, in wpas_ext_capab_byte, two new flags:
```
case 6: /* Bits 48-55 */
		*pos |= 0x40; /* Bit 54 - SCS */
```
and
```
case 10: /* Bits 80-87 */
		*pos |= 0x20; /* Bit 85 - Mirrored SCS */
```

If I comment these out, or set mscs = scs = false at the beginning of the function:
```
diff --git a/wpa_supplicant/wpa_supplicant.c b/wpa_supplicant/wpa_supplicant.c
index d37a994f9..561e5f3ed 100644
--- a/wpa_supplicant/wpa_supplicant.c
+++ b/wpa_supplicant/wpa_supplicant.c
@@ -1883,7 +1883,7 @@ int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,

  static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
  {
-       bool scs = true, mscs = true;
+       bool scs = false, mscs = false;

         *pos = 0x00;
```
I get it to work again. I'm posting from hostap_2_10 with this modification right now.

Also, commenting the rest of the first breaking commit made no
difference, so it seems to me that it's really these flags that cause
the problem for me and not the rest of code depending on them introduced
at the same time.

Now the problem is, I have no idea what these actually do and how they cause the scan to fail.

Most crucially, I don't know at all if wpa_supplicant is doing something
wrong here, or if that code is actually correct but these flags are
somehow propagated down the stack to components (drivers ?) that cannot
handle them yet. So I'm not even sure if this should be fixed upstream
here or in other packages.

======================================

Any idea how to proceed from here ?

Best,

Étienne Morice

More information about the Hostap mailing list