Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Sergey Matyukevich <geomatsi@gmail.com>
To: Yegor Yefremov <yegorslists@googlemail.com>
Cc: Matt Weber <matthew.weber@collins.com>,
	buildroot <buildroot@buildroot.org>
Subject: Re: [Buildroot] [PATCH 1/2] package/wpa_supplicant: bump version to 2.10
Date: Tue, 1 Feb 2022 13:46:15 +0300	[thread overview]
Message-ID: <YfkPd6po3cYygwok@curiosity> (raw)
In-Reply-To: <CAGm1_kse4gtvY0pMo+12RoFMM_u09LwLq6RW42HMv_jfjK4N=w@mail.gmail.com>

> Hi Sergey,
> 
> On Tue, Feb 1, 2022 at 9:53 AM Sergey Matyukevich <geomatsi@gmail.com> wrote:
> >
> > Hi Yegor,
> >
> > > On Mon, Jan 31, 2022 at 9:38 PM Sergey Matyukevich <geomatsi@gmail.com> wrote:
> > > >
> > > > Hello Yegor,
> > > >
> > > > > Hi Sergey,
> > > > >
> > > > > On Mon, Jan 31, 2022 at 8:48 PM Sergey Matyukevich <geomatsi@gmail.com> wrote:
> > > > > >
> > > > > > Update wpa_supplicant to the latest release v2.10. Drop all the patches
> > > > > > as they have already been upstreamed. Remove from .mk file all the
> > > > > > WPA_SUPPLICANT_IGNORE_CVES records since those CVEs will not be
> > > > > > reported against the new version.
> > > > > >
> > > > > > Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
> > > >
> > > > ...
> > > >
> > > > > Have you tried to build wpa_supplicant without
> > > > > BR2_PACKAGE_WPA_SUPPLICANT_WPA3 and enabled
> > > > > BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING? I've got a linking error.
> > > > > I have also sent a quick and dirty patch to the hostap mailing list
> > > > > [1] but still got no answer.
> > > > >
> > > > > [1] http://lists.infradead.org/pipermail/hostap/2022-January/040181.html
> > > >
> > > > So far I have not observed that problem. I think we can handle it
> > > > independently from the revision update, adding fixup patches if needed.
> > > >
> > > > I tried to reproduce it using the following wpa_supplicant configuration:
> > > >
> > > > BR2_PACKAGE_WPA_SUPPLICANT=y
> > > > BR2_PACKAGE_WPA_SUPPLICANT_NL80211=y
> > > > BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT=y
> > > > BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING=y
> > > >
> > > > However build succeeded. Could you please post your wpa_supplicant
> > > > configuration snippet ? Probably the root cause is in openssl and some
> > > > of its features need to be enabled in package/wpa_supplicant/Config.in.
> > >
> > > I have pinned it down:
> > >
> > > BR2_PACKAGE_WPA_SUPPLICANT=y
> > > BR2_PACKAGE_WPA_SUPPLICANT_NL80211=y
> > > BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT=y
> > > BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING=y
> > > BR2_PACKAGE_WPA_SUPPLICANT_EAP=y
> > >
> > > It is BR2_PACKAGE_WPA_SUPPLICANT_EAP option the selects NEED_SHA384.
> >
> > Thanks ! I reproduced the problem using your wpa_supplicant config snippet.
> > Looking into Makefile of wpa_supplicant:
> > - CONFIG_MESH for some reason needs SAE, so it enables CONFIG_SAE
> > - CONFIG_SAE enables only HMAC_SHA256_KDF, which is apparently not enough
> >
> > It turns out that at least HMAC_SHA384_KDF is required for successful build.
> > Here is a minimal patch for wpa_supplicant that fixes build for your snippet:
> >
> > diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
> > index cb66defac..c8e53a3c9 100644
> > --- a/wpa_supplicant/Makefile
> > +++ b/wpa_supplicant/Makefile
> > @@ -246,6 +246,7 @@ endif
> >  ifdef CONFIG_MESH
> >  NEED_80211_COMMON=y
> >  NEED_AES_SIV=y
> > +NEED_HMAC_SHA384_KDF=y
> >  CONFIG_SAE=y
> >  CONFIG_AP=y
> >  CFLAGS += -DCONFIG_MESH
> >
> >
> > In fact, it looks like wpa_supplicant build would fail for any configuration
> > when we enable SAE without DPP. However in Buildroot we enable all WPA3
> > support at once which includes OWE/SAE/DPP. Meanwhile DPP enables all
> > the NEED_HMAC_SHA***_KDF options.
> 
> Would you then add this patch to the version bump? I'll keep an eye on
> what happens with the official solution on the hostap mailing list.

I will send it separately on top of version update patches.

Regards,
Sergey
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

  reply	other threads:[~2022-02-01 10:46 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-31 19:48 [Buildroot] [PATCH 1/2] package/wpa_supplicant: bump version to 2.10 Sergey Matyukevich
2022-01-31 19:48 ` [Buildroot] [PATCH 2/2] package/hostapd: " Sergey Matyukevich
2022-02-01 17:22   ` Yegor Yefremov via buildroot
2022-01-31 20:14 ` [Buildroot] [PATCH 1/2] package/wpa_supplicant: " Yegor Yefremov via buildroot
2022-01-31 20:38   ` Sergey Matyukevich
2022-01-31 21:32     ` Yegor Yefremov via buildroot
2022-02-01  8:53       ` Sergey Matyukevich
2022-02-01 10:25         ` Yegor Yefremov via buildroot
2022-02-01 10:46           ` Sergey Matyukevich [this message]
2022-02-01 17:22 ` Yegor Yefremov via buildroot
2022-02-12 13:45 ` Arnout Vandecappelle

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YfkPd6po3cYygwok@curiosity \
    --to=geomatsi@gmail.com \
    --cc=buildroot@buildroot.org \
    --cc=matthew.weber@collins.com \
    --cc=yegorslists@googlemail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox