wpa_supplicant 2.11 breaks WPA2-PSK / WPA3-SAE authentication on Linux' brcmfmac
Janne Grunau
j at jannau.net
Sun Aug 4 05:23:56 PDT 2024
Hej,
wpa_supplicant 2.11 on Linux's 6.9.y / 6.10.y brcmfmac driver runs in
authentication timeouts with WPA2-PSK and WPA3-SAE. This was reported
with Apple silicon devices using Fedora Asahi remix with a patched
driver as well as other devices without additional brcmfmac patches. See
https://bugzilla.redhat.com/show_bug.cgi?id=2302577 for some reports.
I've bisected this to
https://w1.fi/cgit/hostap/commit/?id=41638606054a09867fe3f9a2b5523aa4678cbfa5
"Mark authorization completed on driver indication during 4-way HS
offload". Reverting this commit on top of hostap_2_11 properly
authenticates the connections. Looking at that change and the code it
looks clearly broken to to me. As far as I can see is
`assoc_info.authorized` for the nl80211 driver only set when
QCA_WLAN_VENDOR_ATTR_ROAM_AUTH_AUTHORIZED is set (in main, I did not
check older revisions). This doesn't seem appropriate to expect this on
chipsets from different vendors.
A revert looks to me like a possible/proper fix. I can send that later
if no alternative materializes.
Thanks and best regards,
Janne
More information about the Hostap
mailing list