From: James Prestwood <prestwoj@gmail.com>
To: "open list:MEDIATEK MT76 WIRELESS LAN DRIVER"
<linux-wireless@vger.kernel.org>
Cc: "ath11k@lists.infradead.org" <ath11k@lists.infradead.org>
Subject: ath11k/WCN6855 neighbor report request made immediately after connection gets no response (with MFP)
Date: Thu, 19 Sep 2024 05:21:45 -0700 [thread overview]
Message-ID: <eb41d8ec-c4f1-474e-a938-099f27aa94e3@gmail.com> (raw)
Hi,
I noticed an issue when we started putting ath11k clients on a WPA3
network which seems to be related to the fact that management frame
protection is enabled (works fine on WPA2 no MFP). Immediately after an
initial association a neighbor report request goes out and we get no
response from the AP. After getting a PCAP in one case we noticed the
neighbor report request went out unencrypted, though still had the CCMP
IV parameter. The content of the request was the unencrypted request,
and something like 15 bytes of 0x00 padding. I will say, this initial
PCAP was made through the AP vendor so perhaps it automatically added
the right keys to decrypt the frame, this could be a red herring. I
tried on my home network and it was hit or miss, sometimes I would get a
response but sometimes I wouldn't, but I did see the frame was always
encrypted in my home network case though when adding the PMK directly in
wireshark I couldn't decrypt it, where on other hardware like iwlwifi I
could.
Some time after the connection neighbor reports work fine. I'm not sure
of a time frame or delay required that gets them working, but it makes
me suspect that ath11k doesn't have the keys fully added in the firmware
before userspace gets signaled as "connected". Running the same scenario
on ath10k or iwlwifi has no issues. This neighbor report request
immediately after connecting is IWD's default behavior, so its
relatively easy to test by just restarting IWD.
Since the neighbor reports work fine after some time its not really a
critical issue but I wanted to bring it up just in case.
Thanks,
James
next reply other threads:[~2024-09-19 12:21 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-19 12:21 James Prestwood [this message]
2024-09-25 10:07 ` ath11k/WCN6855 neighbor report request made immediately after connection gets no response (with MFP) Baochen Qiang
2024-09-25 11:33 ` James Prestwood
2024-09-26 3:16 ` Baochen Qiang
2024-09-26 12:31 ` James Prestwood
2024-09-27 5:59 ` Baochen Qiang
2024-09-27 11:53 ` James Prestwood
2024-09-29 2:14 ` Baochen Qiang
2024-10-01 13:06 ` James Prestwood
2024-09-29 2:16 ` Baochen Qiang
2024-10-01 13:08 ` James Prestwood
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=eb41d8ec-c4f1-474e-a938-099f27aa94e3@gmail.com \
--to=prestwoj@gmail.com \
--cc=ath11k@lists.infradead.org \
--cc=linux-wireless@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox