linux-wireless.vger.kernel.org archive mirror
* iwlwifi WPA-TKIP crypto failure after group rekeying
@ 2012-02-27  5:33 Ben Hutchings
  2012-02-27  9:02 ` Johannes Berg
  0 siblings, 1 reply; 6+ messages in thread
From: Ben Hutchings @ 2012-02-27  5:33 UTC (permalink / raw)
  To: Wey-Yi Guy, Intel Linux Wireless
  Cc: linux-wireless, 651199, Andreas Gustafsson, Marco d'Itri,
	Gabriel Kerneis

Several Debian users (cc'd) have reported a regression in iwlagn in
Linux 3.1, not fixed in 3.2.  The full bug log is at:

http://bugs.debian.org/651199

To summarise, a WPA-TKIP managed connection stops passing traffic and
the kernel log shows the message "WPA: Group rekeying".  This apparently
doesn't happen if the connection is in heavy use at the time or with
module parameter swcrypto=1.  WPA2 is not affected either.

Ben.

-- 
Ben Hutchings
Q.  Which is the greater problem in the world today, ignorance or apathy?
A.  I don't know and I couldn't care less.


* Re: iwlwifi WPA-TKIP crypto failure after group rekeying
  2012-02-27  5:33 iwlwifi WPA-TKIP crypto failure after group rekeying Ben Hutchings
@ 2012-02-27  9:02 ` Johannes Berg
  2012-02-27 13:59   ` Guy, Wey-Yi
                     ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Johannes Berg @ 2012-02-27  9:02 UTC (permalink / raw)
  To: Ben Hutchings
  Cc: Wey-Yi Guy, Intel Linux Wireless, linux-wireless, 651199,
	Andreas Gustafsson, Marco d'Itri, Gabriel Kerneis

Hi Ben,

Thanks for the report.

On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:
> Several Debian users (cc'd) have reported a regression in iwlagn in
> Linux 3.1, not fixed in 3.2.  The full bug log is at:
> 
> http://bugs.debian.org/651199
> 
> To summarise, a WPA-TKIP managed connection stops passing traffic and
> the kernel log shows the message "WPA: Group rekeying".  This apparently
> doesn't happen if the connection is in heavy use at the time or with
> module parameter swcrypto=1.  WPA2 is not affected either.

I think this is due to my patch "iwlagn: rewrite HW crypto" which
accidentally broke key *removal* (of all things), which causes issues
when the first GTK is removed on the second rekeying.

This patch
http://git.kernel.org/?p=linux/kernel/git/iwlwifi/iwlwifi.git;a=commitdiff;h=5dcbf480473f6c3f06ad2426b7517038a2a18911

should fix it. Wey has sent it to John, but he hasn't picked it up yet
for some reason -- it's also marked for stable.

It'd be great to get confirmation that this is the problem, I'm not sure
I'll find time today to reproduce the problem.

johannes



* Re: iwlwifi WPA-TKIP crypto failure after group rekeying
  2012-02-27  9:02 ` Johannes Berg
@ 2012-02-27 13:59   ` Guy, Wey-Yi
  2012-02-28  2:02   ` Jonathan Nieder
  2012-03-05  4:53   ` Jonathan Nieder
  2 siblings, 0 replies; 6+ messages in thread
From: Guy, Wey-Yi @ 2012-02-27 13:59 UTC (permalink / raw)
  To: Johannes Berg
  Cc: Ben Hutchings, Intel Linux Wireless, linux-wireless, 651199,
	Andreas Gustafsson, Marco d'Itri, Gabriel Kerneis

Hi Ben/Johannes,

On Mon, 2012-02-27 at 10:02 +0100, Johannes Berg wrote:
> Hi Ben,
> 
> Thanks for the report.
> 
> On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:
> > Several Debian users (cc'd) have reported a regression in iwlagn in
> > Linux 3.1, not fixed in 3.2.  The full bug log is at:
> > 
> > http://bugs.debian.org/651199
> > 
> > To summarise, a WPA-TKIP managed connection stops passing traffic and
> > the kernel log shows the message "WPA: Group rekeying".  This apparently
> > doesn't happen if the connection is in heavy use at the time or with
> > module parameter swcrypto=1.  WPA2 is not affected either.
> 
> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
> 
> This patch
> http://git.kernel.org/?p=linux/kernel/git/iwlwifi/iwlwifi.git;a=commitdiff;h=5dcbf480473f6c3f06ad2426b7517038a2a18911
> 
> should fix it. Wey has sent it to John, but he hasn't picked it up yet
> for some reason -- it's also marked for stable.
> 
> It'd be great to get confirmation that this is the problem, I'm not sure
> I'll find time today to reproduce the problem.
> 
John merged the patch 5 days ago and you can find it in the
wireless-testing tree

author    Johannes Berg <johannes.berg@intel.com> Fri, 17 Feb 2012 17:47:14 +0000 (09:47 -0800)
committer John W. Linville <linville@tuxdriver.com> Tue, 21 Feb 2012 19:45:26 +0000 (14:45 -0500)
commit    5dcbf480473f6c3f06ad2426b7517038a2a18911
tree      66d2cbefee018ff46d499e0aeab573aa94558353
parent    7be081539e540517d5e1fcbf96b8080074afbf08

Wey


* Re: iwlwifi WPA-TKIP crypto failure after group rekeying
  2012-02-27  9:02 ` Johannes Berg
  2012-02-27 13:59   ` Guy, Wey-Yi
@ 2012-02-28  2:02   ` Jonathan Nieder
  2012-03-05  4:53   ` Jonathan Nieder
  2 siblings, 0 replies; 6+ messages in thread
From: Jonathan Nieder @ 2012-02-28  2:02 UTC (permalink / raw)
  To: Johannes Berg
  Cc: Ben Hutchings, Wey-Yi Guy, Intel Linux Wireless, linux-wireless,
	651199, Andreas Gustafsson, Marco d'Itri, Gabriel Kerneis

tags 651199 = upstream patch
quit

Johannes Berg wrote:

> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
>
> This patch
> [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
>
> should fix it.

Thanks.  The fix is in Linville's wireless tree, hence in linux-next.
I've attached it as a patch against 3.2.y in case someone wants to
try it.

(Instructions:

 # prerequisites
 apt-get install git build-essential

 # get a copy of the kernel
 git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
 cd linux

 # fetch point releases
 git remote add -f stable \
  git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git
 
 # try 3.2.y
 git checkout stable/linux-3.2.y
 cp /boot/config-$(uname -r) .config; # current configuration
 make localmodconfig; # optional: minimize configuration
 make deb-pkg; # optionally with -j<num> for parallel build
 dpkg -i ../<name of package>
 reboot

 # hopefully it reproduces the problem, so try the patch:
 git am -3sc thepatch
 make deb-pkg; # maybe with -j4
 dpkg -i ../<name of package>
 reboot
)

[-- Attachment #2: iwlwifi-fix-key-removal.patch --]
[-- Type: text/plain, Size: 2245 bytes --]

From: Johannes Berg <johannes.berg@intel.com>
Date: Fri, 17 Feb 2012 09:47:14 -0800
Subject: iwlwifi: fix key removal

commit 5dcbf480473f6c3f06ad2426b7517038a2a18911 upstream.

When trying to remove a key, we always send key
flags just setting the key type, not including
the multicast flag and the key ID. As a result,
whenever any key was removed, the unicast key 0
would be removed, causing a complete connection
loss after the second rekey (the first doesn't
cause a key removal). Fix the key removal code
to include the key ID and multicast flag, thus
removing the correct key.

Reported-by: Alexander Schnaidt <alex.schnaidt@googlemail.com>
Tested-by: Alexander Schnaidt <alex.schnaidt@googlemail.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
---
 drivers/net/wireless/iwlwifi/iwl-agn-sta.c |   10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/drivers/net/wireless/iwlwifi/iwl-agn-sta.c b/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
index 4b2aa1da0953..5cfb3d17a2bc 100644
--- a/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
+++ b/drivers/net/wireless/iwlwifi/iwl-agn-sta.c
@@ -1211,6 +1211,7 @@ int iwl_remove_dynamic_key(struct iwl_priv *priv,
 	unsigned long flags;
 	struct iwl_addsta_cmd sta_cmd;
 	u8 sta_id = iwlagn_key_sta_id(priv, ctx->vif, sta);
+	__le16 key_flags;
 
 	/* if station isn't there, neither is the key */
 	if (sta_id == IWL_INVALID_STATION)
@@ -1236,7 +1237,14 @@ int iwl_remove_dynamic_key(struct iwl_priv *priv,
 		IWL_ERR(priv, "offset %d not used in uCode key table.\n",
 			keyconf->hw_key_idx);
 
-	sta_cmd.key.key_flags = STA_KEY_FLG_NO_ENC | STA_KEY_FLG_INVALID;
+	key_flags = cpu_to_le16(keyconf->keyidx << STA_KEY_FLG_KEYID_POS);
+	key_flags |= STA_KEY_FLG_MAP_KEY_MSK | STA_KEY_FLG_NO_ENC |
+		     STA_KEY_FLG_INVALID;
+
+	if (!(keyconf->flags & IEEE80211_KEY_FLAG_PAIRWISE))
+		key_flags |= STA_KEY_MULTICAST_MSK;
+
+	sta_cmd.key.key_flags = key_flags;
 	sta_cmd.key.key_offset = WEP_INVALID_OFFSET;
 	sta_cmd.sta.modify_mask = STA_MODIFY_KEY_MASK;
 	sta_cmd.mode = STA_CONTROL_MODIFY_MSK;
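
Review bot: In the second hunk, key_flags starts as `cpu_to_le16(keyconf->keyidx << STA_KEY_FLG_KEYID_POS)` and is then OR-ed with the bare `STA_KEY_FLG_MAP_KEY_MSK | STA_KEY_FLG_NO_ENC | STA_KEY_FLG_INVALID` and `STA_KEY_MULTICAST_MSK`, which is only correct if those macros are already __le16 constants. Their definitions are not visible in this patch, so it is worth confirming with a sparse endianness check or a big-endian build. `keyconf->keyidx` is also shifted without a mask; if it can ever exceed the width of the key ID field, mask it before the shift so it cannot spill into neighbouring flag bits. A one-line comment above the assignment stating that the key ID and multicast bit select which key gets invalidated would record why these bits matter, since the commit message shows that omitting them removes unicast key 0.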
-- 
1.7.9.2
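
A small user-space C model of the failure the commit message above describes, added here as an illustration; it is not code from the driver or from anyone in this thread. The `ex_` names, the bit values, the key IDs in the table and the device-side matching rule are all assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed bit layout for this model only; not the driver's definitions. */
#define EX_KEYID_POS  8
#define EX_MULTICAST  0x4000u
#define EX_INVALID    0x0800u
#define EX_SELECT_MSK ((3u << EX_KEYID_POS) | EX_MULTICAST)
struct ex_key_slot { const char *name; uint16_t sel; int valid; };

/* Removal flags; fixed == 0 models the regression, where only the "invalid"
 * marker is sent and the selector therefore reads as key ID 0, unicast. */
static uint16_t ex_remove_flags(unsigned keyidx, int pairwise, int fixed)
{
    uint16_t f = EX_INVALID;
    if (fixed)
        f |= (uint16_t)((keyidx & 3u) << EX_KEYID_POS);
    if (fixed && !pairwise)
        f |= EX_MULTICAST;
    return f;
}

/* Assumed device behaviour: invalidate the slot whose key ID and multicast
 * bit match the command. Returns the slot index, or -1 if nothing matched. */
static int ex_apply_remove(struct ex_key_slot *tbl, size_t n, uint16_t flags)
{
    for (size_t i = 0; i < n; i++) {
        if (tbl[i].valid && tbl[i].sel == (flags & EX_SELECT_MSK)) {
            tbl[i].valid = 0;
            return (int)i;
        }
    }
    return -1;
}

/* Second group rekey removes the old GTK (key ID 1); returns the slot hit. */
static int ex_rekey(int fixed)
{
    struct ex_key_slot tbl[] = {
        { "unicast key 0", 0, 1 },
        { "old GTK, key ID 1", (1u << EX_KEYID_POS) | EX_MULTICAST, 1 },
        { "new GTK, key ID 2", (2u << EX_KEYID_POS) | EX_MULTICAST, 1 },
    };
    return ex_apply_remove(tbl, 3, ex_remove_flags(1, 0, fixed));
}

int main(void)
{
    printf("before fix: slot %d, after fix: slot %d\n", ex_rekey(0), ex_rekey(1));
    return 0;
}
```

Slot 0 is the unicast key, so the pre-fix result corresponds to the complete connection loss reported in the thread, while the fixed flags hit only the stale group key.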



* Re: iwlwifi WPA-TKIP crypto failure after group rekeying
  2012-02-27  9:02 ` Johannes Berg
  2012-02-27 13:59   ` Guy, Wey-Yi
  2012-02-28  2:02   ` Jonathan Nieder
@ 2012-03-05  4:53   ` Jonathan Nieder
  2012-03-05  6:52     ` Johannes Berg
  2 siblings, 1 reply; 6+ messages in thread
From: Jonathan Nieder @ 2012-03-05  4:53 UTC (permalink / raw)
  To: John W. Linville
  Cc: Johannes Berg, 651199, Ben Hutchings, Wey-Yi Guy,
	Intel Linux Wireless, linux-wireless, netdev, linux-kernel,
	Andreas Gustafsson, Marco d'Itri, Gabriel Kerneis,
	Shawn Thompson, Linus Torvalds

Hi,

Johannes Berg wrote:
> On Mon, 2012-02-27 at 05:33 +0000, Ben Hutchings wrote:

>> To summarise, a WPA-TKIP managed connection stops passing traffic and
>> the kernel log shows the message "WPA: Group rekeying".  This apparently
>> doesn't happen if the connection is in heavy use at the time or with
>> module parameter swcrypto=1.  WPA2 is not affected either.
>
> I think this is due to my patch "iwlagn: rewrite HW crypto" which
> accidentally broke key *removal* (of all things), which causes issues
> when the first GTK is removed on the second rekeying.
>
> This patch
> [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
>
> should fix it. Wey has sent it to John
[...]
> it's also marked for stable.

Shawn Thompson (cc-ed) tested the patch against 3.2.9 and 3.3-rc6 and
found it to work[1].  What can interested people do to help usher this
into mainline?

(To recap, this was a regression introduced between 3.0 and 3.1,
presumably by v3.1-rc1~24^2~10^2^2~37.)

Thanks,
Jonathan

[1] http://bugs.debian.org/651199#147


* Re: iwlwifi WPA-TKIP crypto failure after group rekeying
  2012-03-05  4:53   ` Jonathan Nieder
@ 2012-03-05  6:52     ` Johannes Berg
  0 siblings, 0 replies; 6+ messages in thread
From: Johannes Berg @ 2012-03-05  6:52 UTC (permalink / raw)
  To: Jonathan Nieder
  Cc: John W. Linville, 651199, Ben Hutchings, Wey-Yi Guy,
	Intel Linux Wireless, linux-wireless, netdev, linux-kernel,
	Andreas Gustafsson, Marco d'Itri, Gabriel Kerneis,
	Shawn Thompson, Linus Torvalds

Hi,

> >> To summarise, a WPA-TKIP managed connection stops passing traffic and
> >> the kernel log shows the message "WPA: Group rekeying".  This apparently
> >> doesn't happen if the connection is in heavy use at the time or with
> >> module parameter swcrypto=1.  WPA2 is not affected either.
> >
> > I think this is due to my patch "iwlagn: rewrite HW crypto" which
> > accidentally broke key *removal* (of all things), which causes issues
> > when the first GTK is removed on the second rekeying.
> >
> > This patch
> > [...]h=5dcbf480473f6c3f06ad2426b7517038a2a18911
> >
> > should fix it. Wey has sent it to John
> [...]
> > it's also marked for stable.
> 
> Shawn Thompson (cc-ed) tested the patch against 3.2.9 and 3.3-rc6 and
> found it to work[1].  What can interested people do to help usher this
> into mainline?

Great, thanks for testing. The patch is already on the way into mainline
with a Cc:stable tag, so I don't think there's anything to do at this
point.

johannes

