* rt2500usb: WPA2 TKIP+AES does not work with HW encryption @ 2010-06-22 10:38 Ondrej Zary 2010-06-22 19:35 ` Gertjan van Wingerde 0 siblings, 1 reply; 5+ messages in thread From: Ondrej Zary @ 2010-06-22 10:38 UTC (permalink / raw) To: Ivo Van Doorn; +Cc: rt2x00 Users List, linux-wireless Hello, I'm (again) trying to solve (debug) a weird problem with Asus WL-167G: 0b05:1706 ASUSTek Computer, Inc. WL-167G v1 802.11g Adapter [Ralink RT2500USB] The problem only appears when HW encryption is enabled and connecting to an AP configured as WPA2 TKIP+AES. HW encryption works when the AP is configured as TKIP-only or AES-only. It also works when AP is configured as TKIP+AES but wpa_supplicant is forced to use TKIP as pairwise cipher (pairwise=TKIP) SW encryption works always. The problem is that no packets are transmitted. I can't see DHCP broadcasts on other machine using tcpdump. But when I run tcpdump on the rt2500usb, I see broadcasts from the other machine, so receive seems to work fine. Added some printk()s to the driver, 6 packets from unsuccessful DHCP: [ 371.760073] rt2500usb_write_tx_desc: key_idx=0 [ 371.852062] rt2500usb_write_tx_desc: key_idx=0 [ 371.944054] rt2500usb_write_tx_desc: key_idx=0 [ 372.036068] rt2500usb_write_tx_desc: key_idx=0 [ 372.128056] rt2500usb_write_tx_desc: key_idx=0 [ 372.220053] rt2500usb_write_tx_desc: key_idx=0 [ 372.312053] rt2500usb_write_tx_desc: key_idx=0 [ 372.404055] rt2500usb_write_tx_desc: key_idx=0 [ 372.496101] rt2500usb_write_tx_desc: key_idx=0 [ 372.588077] rt2500usb_write_tx_desc: key_idx=0 [ 372.688073] rt2500usb_write_tx_desc: key_idx=0 [ 373.272513] wlan1: authenticate with 00:13:d4:0f:f3:19 (try 1) [ 373.272552] rt2500usb_write_tx_desc: key_idx=0 [ 373.274533] wlan1: authenticated [ 373.274564] wlan1: associate with 00:13:d4:0f:f3:19 (try 1) [ 373.274581] rt2500usb_write_tx_desc: key_idx=0 [ 373.277696] wlan1: RX AssocResp from 00:13:d4:0f:f3:19 (capab=0x411 status=0 aid=1) [ 373.277704] wlan1: associated [ 373.308247] rt2500usb_write_tx_desc: key_idx=0 [ 373.308392] rt2500usb_write_tx_desc: key_idx=0 [ 373.315999] rt2500usb_write_tx_desc: key_idx=0 [ 373.340306] rt2x00crypto_key_to_cipher: ALG_CCMP [ 373.340318] rt2500usb_config_key key->hw_key_idx=0 SET_KEY hw_key_idx = 0 OK [ 373.344521] rt2x00crypto_key_to_cipher: ALG_TKIP [ 373.344527] rt2500usb_config_key key->hw_key_idx=0 SET_KEY hw_key_idx = 1 OK [ 373.412083] rt2500usb_write_tx_desc: key_idx=0 [ 375.160233] rt2x00crypto_key_to_cipher: ALG_CCMP [ 375.160246] rt2x00crypto_tx_overhead=8 [ 375.160254] rt2500usb_write_tx_desc: key_idx=0 [ 375.240078] rt2500usb_write_tx_desc: key_idx=0 [ 381.163494] rt2x00crypto_key_to_cipher: ALG_CCMP [ 381.163507] rt2x00crypto_tx_overhead=8 [ 381.163515] rt2500usb_write_tx_desc: key_idx=0 [ 381.244066] rt2500usb_write_tx_desc: key_idx=0 [ 388.165180] rt2x00crypto_key_to_cipher: ALG_CCMP [ 388.165194] rt2x00crypto_tx_overhead=8 [ 388.165201] rt2500usb_write_tx_desc: key_idx=0 [ 388.244069] rt2500usb_write_tx_desc: key_idx=0 [ 399.169468] rt2x00crypto_key_to_cipher: ALG_CCMP [ 399.169481] rt2x00crypto_tx_overhead=8 [ 399.169489] rt2500usb_write_tx_desc: key_idx=0 [ 399.248067] rt2500usb_write_tx_desc: key_idx=0 [ 404.080428] rt2500usb_write_tx_desc: key_idx=0 [ 404.180066] rt2500usb_write_tx_desc: key_idx=0 [ 410.168836] rt2x00crypto_key_to_cipher: ALG_CCMP [ 410.168850] rt2x00crypto_tx_overhead=8 [ 410.168858] rt2500usb_write_tx_desc: key_idx=0 [ 410.248068] rt2500usb_write_tx_desc: key_idx=0 [ 414.374545] rt2500usb_write_tx_desc: key_idx=0 [ 414.472061] rt2500usb_write_tx_desc: key_idx=0 [ 422.169686] rt2x00crypto_key_to_cipher: ALG_CCMP [ 422.169699] rt2x00crypto_tx_overhead=8 [ 422.169706] rt2500usb_write_tx_desc: key_idx=0 [ 422.252069] rt2500usb_write_tx_desc: key_idx=0 Seems that it's trying to use CCMP, which is good. I wonder if the keys are properly handled in rt2500usb_config_key. They seem to be uploaded to the HW correctly (one at index 0, one at 1) - but can't tell without any HW docs. I did some framedumps before but don't know what to do with them (what to look for): http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-bad.txt http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-good.txt Anything else I can try? -- Ondrej Zary ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: rt2500usb: WPA2 TKIP+AES does not work with HW encryption 2010-06-22 10:38 rt2500usb: WPA2 TKIP+AES does not work with HW encryption Ondrej Zary @ 2010-06-22 19:35 ` Gertjan van Wingerde 2010-06-22 21:46 ` Ondrej Zary 0 siblings, 1 reply; 5+ messages in thread From: Gertjan van Wingerde @ 2010-06-22 19:35 UTC (permalink / raw) To: Ondrej Zary; +Cc: Ivo Van Doorn, rt2x00 Users List, linux-wireless On 06/22/10 12:38, Ondrej Zary wrote: > Hello, > I'm (again) trying to solve (debug) a weird problem with Asus WL-167G: > 0b05:1706 ASUSTek Computer, Inc. WL-167G v1 802.11g Adapter [Ralink RT2500USB] > > The problem only appears when HW encryption is enabled and connecting to an AP > configured as WPA2 TKIP+AES. > > HW encryption works when the AP is configured as TKIP-only or AES-only. It > also works when AP is configured as TKIP+AES but wpa_supplicant is forced to > use TKIP as pairwise cipher (pairwise=TKIP) > > SW encryption works always. > > The problem is that no packets are transmitted. I can't see DHCP broadcasts on > other machine using tcpdump. But when I run tcpdump on the rt2500usb, I see > broadcasts from the other machine, so receive seems to work fine. > > Added some printk()s to the driver, 6 packets from unsuccessful DHCP: > [ 371.760073] rt2500usb_write_tx_desc: key_idx=0 > [ 371.852062] rt2500usb_write_tx_desc: key_idx=0 > [ 371.944054] rt2500usb_write_tx_desc: key_idx=0 > [ 372.036068] rt2500usb_write_tx_desc: key_idx=0 > [ 372.128056] rt2500usb_write_tx_desc: key_idx=0 > [ 372.220053] rt2500usb_write_tx_desc: key_idx=0 > [ 372.312053] rt2500usb_write_tx_desc: key_idx=0 > [ 372.404055] rt2500usb_write_tx_desc: key_idx=0 > [ 372.496101] rt2500usb_write_tx_desc: key_idx=0 > [ 372.588077] rt2500usb_write_tx_desc: key_idx=0 > [ 372.688073] rt2500usb_write_tx_desc: key_idx=0 > [ 373.272513] wlan1: authenticate with 00:13:d4:0f:f3:19 (try 1) > [ 373.272552] rt2500usb_write_tx_desc: key_idx=0 > [ 373.274533] wlan1: authenticated > [ 373.274564] wlan1: associate with 00:13:d4:0f:f3:19 (try 1) > [ 373.274581] rt2500usb_write_tx_desc: key_idx=0 > [ 373.277696] wlan1: RX AssocResp from 00:13:d4:0f:f3:19 (capab=0x411 status=0 aid=1) > [ 373.277704] wlan1: associated > [ 373.308247] rt2500usb_write_tx_desc: key_idx=0 > [ 373.308392] rt2500usb_write_tx_desc: key_idx=0 > [ 373.315999] rt2500usb_write_tx_desc: key_idx=0 > [ 373.340306] rt2x00crypto_key_to_cipher: ALG_CCMP > [ 373.340318] rt2500usb_config_key key->hw_key_idx=0 SET_KEY hw_key_idx = 0 OK > [ 373.344521] rt2x00crypto_key_to_cipher: ALG_TKIP > [ 373.344527] rt2500usb_config_key key->hw_key_idx=0 SET_KEY hw_key_idx = 1 OK > [ 373.412083] rt2500usb_write_tx_desc: key_idx=0 > [ 375.160233] rt2x00crypto_key_to_cipher: ALG_CCMP > [ 375.160246] rt2x00crypto_tx_overhead=8 > [ 375.160254] rt2500usb_write_tx_desc: key_idx=0 > [ 375.240078] rt2500usb_write_tx_desc: key_idx=0 > [ 381.163494] rt2x00crypto_key_to_cipher: ALG_CCMP > [ 381.163507] rt2x00crypto_tx_overhead=8 > [ 381.163515] rt2500usb_write_tx_desc: key_idx=0 > [ 381.244066] rt2500usb_write_tx_desc: key_idx=0 > [ 388.165180] rt2x00crypto_key_to_cipher: ALG_CCMP > [ 388.165194] rt2x00crypto_tx_overhead=8 > [ 388.165201] rt2500usb_write_tx_desc: key_idx=0 > [ 388.244069] rt2500usb_write_tx_desc: key_idx=0 > [ 399.169468] rt2x00crypto_key_to_cipher: ALG_CCMP > [ 399.169481] rt2x00crypto_tx_overhead=8 > [ 399.169489] rt2500usb_write_tx_desc: key_idx=0 > [ 399.248067] rt2500usb_write_tx_desc: key_idx=0 > [ 404.080428] rt2500usb_write_tx_desc: key_idx=0 > [ 404.180066] rt2500usb_write_tx_desc: key_idx=0 > [ 410.168836] rt2x00crypto_key_to_cipher: ALG_CCMP > [ 410.168850] rt2x00crypto_tx_overhead=8 > [ 410.168858] rt2500usb_write_tx_desc: key_idx=0 > [ 410.248068] rt2500usb_write_tx_desc: key_idx=0 > [ 414.374545] rt2500usb_write_tx_desc: key_idx=0 > [ 414.472061] rt2500usb_write_tx_desc: key_idx=0 > [ 422.169686] rt2x00crypto_key_to_cipher: ALG_CCMP > [ 422.169699] rt2x00crypto_tx_overhead=8 > [ 422.169706] rt2500usb_write_tx_desc: key_idx=0 > [ 422.252069] rt2500usb_write_tx_desc: key_idx=0 > > Seems that it's trying to use CCMP, which is good. I wonder if the keys are > properly handled in rt2500usb_config_key. They seem to be uploaded to the HW > correctly (one at index 0, one at 1) - but can't tell without any HW docs. > > I did some framedumps before but don't know what to do with them (what to > look for): > http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-bad.txt > http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-good.txt > > Anything else I can try? > Hi Ondrej, Did you also test what happens if you configure the AP to be TKIP+AES and force wpa-supplicant to use AES pairwise key? If my analysis below is correct then that may work as well. If my reading of the rt2570 data sheet is correct, then the rt2570 will only support one encryption mechanism at the time. That means that it is not possible to upload 1 TKIP key and 1 AES key at the same time to the hardware. All the configured keys have to be of the same encryption algorithm. Presumably this is why the HW encryption engine fails, as the keys are set with mixed settings. Based on that, I don't think that rt2500usb can support this TKIP+AES setting on wpa-supplicant. --- Gertjan. ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: rt2500usb: WPA2 TKIP+AES does not work with HW encryption 2010-06-22 19:35 ` Gertjan van Wingerde @ 2010-06-22 21:46 ` Ondrej Zary 2010-06-23 10:57 ` [PATCH] rt2500usb: fallback to SW encryption for TKIP+AES Ondrej Zary 0 siblings, 1 reply; 5+ messages in thread From: Ondrej Zary @ 2010-06-22 21:46 UTC (permalink / raw) To: Gertjan van Wingerde; +Cc: Ivo Van Doorn, rt2x00 Users List, linux-wireless On Tuesday 22 June 2010 21:35:18 Gertjan van Wingerde wrote: > On 06/22/10 12:38, Ondrej Zary wrote: > > Hello, > > I'm (again) trying to solve (debug) a weird problem with Asus WL-167G: > > 0b05:1706 ASUSTek Computer, Inc. WL-167G v1 802.11g Adapter [Ralink > > RT2500USB] > > > > The problem only appears when HW encryption is enabled and connecting to > > an AP configured as WPA2 TKIP+AES. > > > > HW encryption works when the AP is configured as TKIP-only or AES-only. > > It also works when AP is configured as TKIP+AES but wpa_supplicant is > > forced to use TKIP as pairwise cipher (pairwise=TKIP) > > > > SW encryption works always. > > > > The problem is that no packets are transmitted. I can't see DHCP > > broadcasts on other machine using tcpdump. But when I run tcpdump on the > > rt2500usb, I see broadcasts from the other machine, so receive seems to > > work fine. > > > > Added some printk()s to the driver, 6 packets from unsuccessful DHCP: > > [ 371.760073] rt2500usb_write_tx_desc: key_idx=0 > > [ 371.852062] rt2500usb_write_tx_desc: key_idx=0 > > [ 371.944054] rt2500usb_write_tx_desc: key_idx=0 > > [ 372.036068] rt2500usb_write_tx_desc: key_idx=0 > > [ 372.128056] rt2500usb_write_tx_desc: key_idx=0 > > [ 372.220053] rt2500usb_write_tx_desc: key_idx=0 > > [ 372.312053] rt2500usb_write_tx_desc: key_idx=0 > > [ 372.404055] rt2500usb_write_tx_desc: key_idx=0 > > [ 372.496101] rt2500usb_write_tx_desc: key_idx=0 > > [ 372.588077] rt2500usb_write_tx_desc: key_idx=0 > > [ 372.688073] rt2500usb_write_tx_desc: key_idx=0 > > [ 373.272513] wlan1: authenticate with 00:13:d4:0f:f3:19 (try 1) > > [ 373.272552] rt2500usb_write_tx_desc: key_idx=0 > > [ 373.274533] wlan1: authenticated > > [ 373.274564] wlan1: associate with 00:13:d4:0f:f3:19 (try 1) > > [ 373.274581] rt2500usb_write_tx_desc: key_idx=0 > > [ 373.277696] wlan1: RX AssocResp from 00:13:d4:0f:f3:19 (capab=0x411 > > status=0 aid=1) [ 373.277704] wlan1: associated > > [ 373.308247] rt2500usb_write_tx_desc: key_idx=0 > > [ 373.308392] rt2500usb_write_tx_desc: key_idx=0 > > [ 373.315999] rt2500usb_write_tx_desc: key_idx=0 > > [ 373.340306] rt2x00crypto_key_to_cipher: ALG_CCMP > > [ 373.340318] rt2500usb_config_key key->hw_key_idx=0 SET_KEY hw_key_idx > > = 0 OK [ 373.344521] rt2x00crypto_key_to_cipher: ALG_TKIP > > [ 373.344527] rt2500usb_config_key key->hw_key_idx=0 SET_KEY hw_key_idx > > = 1 OK [ 373.412083] rt2500usb_write_tx_desc: key_idx=0 > > [ 375.160233] rt2x00crypto_key_to_cipher: ALG_CCMP > > [ 375.160246] rt2x00crypto_tx_overhead=8 > > [ 375.160254] rt2500usb_write_tx_desc: key_idx=0 > > [ 375.240078] rt2500usb_write_tx_desc: key_idx=0 > > [ 381.163494] rt2x00crypto_key_to_cipher: ALG_CCMP > > [ 381.163507] rt2x00crypto_tx_overhead=8 > > [ 381.163515] rt2500usb_write_tx_desc: key_idx=0 > > [ 381.244066] rt2500usb_write_tx_desc: key_idx=0 > > [ 388.165180] rt2x00crypto_key_to_cipher: ALG_CCMP > > [ 388.165194] rt2x00crypto_tx_overhead=8 > > [ 388.165201] rt2500usb_write_tx_desc: key_idx=0 > > [ 388.244069] rt2500usb_write_tx_desc: key_idx=0 > > [ 399.169468] rt2x00crypto_key_to_cipher: ALG_CCMP > > [ 399.169481] rt2x00crypto_tx_overhead=8 > > [ 399.169489] rt2500usb_write_tx_desc: key_idx=0 > > [ 399.248067] rt2500usb_write_tx_desc: key_idx=0 > > [ 404.080428] rt2500usb_write_tx_desc: key_idx=0 > > [ 404.180066] rt2500usb_write_tx_desc: key_idx=0 > > [ 410.168836] rt2x00crypto_key_to_cipher: ALG_CCMP > > [ 410.168850] rt2x00crypto_tx_overhead=8 > > [ 410.168858] rt2500usb_write_tx_desc: key_idx=0 > > [ 410.248068] rt2500usb_write_tx_desc: key_idx=0 > > [ 414.374545] rt2500usb_write_tx_desc: key_idx=0 > > [ 414.472061] rt2500usb_write_tx_desc: key_idx=0 > > [ 422.169686] rt2x00crypto_key_to_cipher: ALG_CCMP > > [ 422.169699] rt2x00crypto_tx_overhead=8 > > [ 422.169706] rt2500usb_write_tx_desc: key_idx=0 > > [ 422.252069] rt2500usb_write_tx_desc: key_idx=0 > > > > Seems that it's trying to use CCMP, which is good. I wonder if the keys > > are properly handled in rt2500usb_config_key. They seem to be uploaded to > > the HW correctly (one at index 0, one at 1) - but can't tell without any > > HW docs. > > > > I did some framedumps before but don't know what to do with them (what to > > look for): > > http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-bad.txt > > http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-good.txt > > > > Anything else I can try? > > Hi Ondrej, > > Did you also test what happens if you configure the AP to be TKIP+AES and > force wpa-supplicant to use AES pairwise key? > If my analysis below is correct then that may work as well. That does not work - it's probably the same case as default options (TKIP group key + AES pairwise key). > If my reading of the rt2570 data sheet is correct, then the rt2570 will > only support one encryption mechanism at the time. That means that it is > not possible to upload 1 TKIP key and 1 AES key at the same time to the > hardware. All the configured keys have to be of the same encryption > algorithm. > Presumably this is why the HW encryption engine fails, as the keys are set > with mixed settings. > Based on that, I don't think that rt2500usb can support this TKIP+AES > setting on wpa-supplicant. If this is true, then the driver should fall back to SW encryption in this case. -- Ondrej Zary ^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH] rt2500usb: fallback to SW encryption for TKIP+AES 2010-06-22 21:46 ` Ondrej Zary @ 2010-06-23 10:57 ` Ondrej Zary 2010-06-24 6:15 ` Gertjan van Wingerde 0 siblings, 1 reply; 5+ messages in thread From: Ondrej Zary @ 2010-06-23 10:57 UTC (permalink / raw) To: Gertjan van Wingerde; +Cc: Ivo Van Doorn, rt2x00 Users List, linux-wireless On Tuesday 22 June 2010, Ondrej Zary wrote: > On Tuesday 22 June 2010 21:35:18 Gertjan van Wingerde wrote: > > On 06/22/10 12:38, Ondrej Zary wrote: > > > Hello, > > > I'm (again) trying to solve (debug) a weird problem with Asus WL-167G: > > > 0b05:1706 ASUSTek Computer, Inc. WL-167G v1 802.11g Adapter [Ralink > > > RT2500USB] > > > > > > The problem only appears when HW encryption is enabled and connecting > > > to an AP configured as WPA2 TKIP+AES. > > > > > > HW encryption works when the AP is configured as TKIP-only or AES-only. > > > It also works when AP is configured as TKIP+AES but wpa_supplicant is > > > forced to use TKIP as pairwise cipher (pairwise=TKIP) > > > > > > SW encryption works always. > > > > > > The problem is that no packets are transmitted. I can't see DHCP > > > broadcasts on other machine using tcpdump. But when I run tcpdump on > > > the rt2500usb, I see broadcasts from the other machine, so receive > > > seems to work fine. > > > > > > Added some printk()s to the driver, 6 packets from unsuccessful DHCP: > > > [ 371.760073] rt2500usb_write_tx_desc: key_idx=0 > > > [ 371.852062] rt2500usb_write_tx_desc: key_idx=0 > > > [ 371.944054] rt2500usb_write_tx_desc: key_idx=0 > > > [ 372.036068] rt2500usb_write_tx_desc: key_idx=0 > > > [ 372.128056] rt2500usb_write_tx_desc: key_idx=0 > > > [ 372.220053] rt2500usb_write_tx_desc: key_idx=0 > > > [ 372.312053] rt2500usb_write_tx_desc: key_idx=0 > > > [ 372.404055] rt2500usb_write_tx_desc: key_idx=0 > > > [ 372.496101] rt2500usb_write_tx_desc: key_idx=0 > > > [ 372.588077] rt2500usb_write_tx_desc: key_idx=0 > > > [ 372.688073] rt2500usb_write_tx_desc: key_idx=0 > > > [ 373.272513] wlan1: authenticate with 00:13:d4:0f:f3:19 (try 1) > > > [ 373.272552] rt2500usb_write_tx_desc: key_idx=0 > > > [ 373.274533] wlan1: authenticated > > > [ 373.274564] wlan1: associate with 00:13:d4:0f:f3:19 (try 1) > > > [ 373.274581] rt2500usb_write_tx_desc: key_idx=0 > > > [ 373.277696] wlan1: RX AssocResp from 00:13:d4:0f:f3:19 (capab=0x411 > > > status=0 aid=1) [ 373.277704] wlan1: associated > > > [ 373.308247] rt2500usb_write_tx_desc: key_idx=0 > > > [ 373.308392] rt2500usb_write_tx_desc: key_idx=0 > > > [ 373.315999] rt2500usb_write_tx_desc: key_idx=0 > > > [ 373.340306] rt2x00crypto_key_to_cipher: ALG_CCMP > > > [ 373.340318] rt2500usb_config_key key->hw_key_idx=0 SET_KEY > > > hw_key_idx = 0 OK [ 373.344521] rt2x00crypto_key_to_cipher: ALG_TKIP > > > [ 373.344527] rt2500usb_config_key key->hw_key_idx=0 SET_KEY > > > hw_key_idx = 1 OK [ 373.412083] rt2500usb_write_tx_desc: key_idx=0 > > > [ 375.160233] rt2x00crypto_key_to_cipher: ALG_CCMP > > > [ 375.160246] rt2x00crypto_tx_overhead=8 > > > [ 375.160254] rt2500usb_write_tx_desc: key_idx=0 > > > [ 375.240078] rt2500usb_write_tx_desc: key_idx=0 > > > [ 381.163494] rt2x00crypto_key_to_cipher: ALG_CCMP > > > [ 381.163507] rt2x00crypto_tx_overhead=8 > > > [ 381.163515] rt2500usb_write_tx_desc: key_idx=0 > > > [ 381.244066] rt2500usb_write_tx_desc: key_idx=0 > > > [ 388.165180] rt2x00crypto_key_to_cipher: ALG_CCMP > > > [ 388.165194] rt2x00crypto_tx_overhead=8 > > > [ 388.165201] rt2500usb_write_tx_desc: key_idx=0 > > > [ 388.244069] rt2500usb_write_tx_desc: key_idx=0 > > > [ 399.169468] rt2x00crypto_key_to_cipher: ALG_CCMP > > > [ 399.169481] rt2x00crypto_tx_overhead=8 > > > [ 399.169489] rt2500usb_write_tx_desc: key_idx=0 > > > [ 399.248067] rt2500usb_write_tx_desc: key_idx=0 > > > [ 404.080428] rt2500usb_write_tx_desc: key_idx=0 > > > [ 404.180066] rt2500usb_write_tx_desc: key_idx=0 > > > [ 410.168836] rt2x00crypto_key_to_cipher: ALG_CCMP > > > [ 410.168850] rt2x00crypto_tx_overhead=8 > > > [ 410.168858] rt2500usb_write_tx_desc: key_idx=0 > > > [ 410.248068] rt2500usb_write_tx_desc: key_idx=0 > > > [ 414.374545] rt2500usb_write_tx_desc: key_idx=0 > > > [ 414.472061] rt2500usb_write_tx_desc: key_idx=0 > > > [ 422.169686] rt2x00crypto_key_to_cipher: ALG_CCMP > > > [ 422.169699] rt2x00crypto_tx_overhead=8 > > > [ 422.169706] rt2500usb_write_tx_desc: key_idx=0 > > > [ 422.252069] rt2500usb_write_tx_desc: key_idx=0 > > > > > > Seems that it's trying to use CCMP, which is good. I wonder if the keys > > > are properly handled in rt2500usb_config_key. They seem to be uploaded > > > to the HW correctly (one at index 0, one at 1) - but can't tell without > > > any HW docs. > > > > > > I did some framedumps before but don't know what to do with them (what > > > to look for): > > > http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-bad.txt > > > http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-good.tx > > >t > > > > > > Anything else I can try? > > > > Hi Ondrej, > > > > Did you also test what happens if you configure the AP to be TKIP+AES and > > force wpa-supplicant to use AES pairwise key? > > If my analysis below is correct then that may work as well. > > That does not work - it's probably the same case as default options (TKIP > group key + AES pairwise key). > > > If my reading of the rt2570 data sheet is correct, then the rt2570 will > > only support one encryption mechanism at the time. That means that it is > > not possible to upload 1 TKIP key and 1 AES key at the same time to the > > hardware. All the configured keys have to be of the same encryption > > algorithm. > > Presumably this is why the HW encryption engine fails, as the keys are > > set with mixed settings. > > Based on that, I don't think that rt2500usb can support this TKIP+AES > > setting on wpa-supplicant. > > If this is true, then the driver should fall back to SW encryption in this > case. HW crypto in rt2500usb does not seem to support keys with different ciphers, which breaks TKIP+AES mode. Fall back to software encryption to fix it. This should fix long-standing problems with rt2500usb and WPA, such as: http://rt2x00.serialmonkey.com/phpBB/viewtopic.php?f=4&t=4834 https://bugzilla.redhat.com/show_bug.cgi?id=484888 Also tested that it does not break WEP, TKIP-only and AES-only modes. Signed-off-by: Ondrej Zary <linux@rainbow-software.org> diff -urp linux-2.6.35-rc3-orig/drivers/net/wireless/rt2x00/rt2500usb.c linux-2.6.35-rc3/drivers/net/wireless/rt2x00/rt2500usb.c --- linux-2.6.35-rc3-orig/drivers/net/wireless/rt2x00/rt2500usb.c 2010-06-12 04:14:04.000000000 +0200 +++ linux-2.6.35-rc3/drivers/net/wireless/rt2x00/rt2500usb.c 2010-06-23 12:18:43.000000000 +0200 @@ -348,6 +348,7 @@ static int rt2500usb_config_key(struct r int timeout; u32 mask; u16 reg; + enum cipher curr_cipher; if (crypto->cmd == SET_KEY) { /* @@ -358,6 +359,7 @@ static int rt2500usb_config_key(struct r mask = TXRX_CSR0_KEY_ID.bit_mask; rt2500usb_register_read(rt2x00dev, TXRX_CSR0, ®); + curr_cipher = rt2x00_get_field16(reg, TXRX_CSR0_ALGORITHM); reg &= mask; if (reg && reg == mask) @@ -366,6 +368,14 @@ static int rt2500usb_config_key(struct r reg = rt2x00_get_field16(reg, TXRX_CSR0_KEY_ID); key->hw_key_idx += reg ? ffz(reg) : 0; + /* + * Hardware requires that all keys use the same cipher + * (e.g. TKIP-only, AES-only, but not TKIP+AES). + * If this is not the first key, compare the cipher with the + * first one and fall back to SW crypto if not the same. + */ + if (key->hw_key_idx > 0 && crypto->cipher != curr_cipher) + return -EOPNOTSUPP; /* * The encryption key doesn't fit within the CSR cache, -- Ondrej Zary ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] rt2500usb: fallback to SW encryption for TKIP+AES 2010-06-23 10:57 ` [PATCH] rt2500usb: fallback to SW encryption for TKIP+AES Ondrej Zary @ 2010-06-24 6:15 ` Gertjan van Wingerde 0 siblings, 0 replies; 5+ messages in thread From: Gertjan van Wingerde @ 2010-06-24 6:15 UTC (permalink / raw) To: Ondrej Zary; +Cc: Ivo Van Doorn, rt2x00 Users List, linux-wireless On 06/23/10 12:57, Ondrej Zary wrote: > On Tuesday 22 June 2010, Ondrej Zary wrote: >> On Tuesday 22 June 2010 21:35:18 Gertjan van Wingerde wrote: >>> On 06/22/10 12:38, Ondrej Zary wrote: >>>> Hello, >>>> I'm (again) trying to solve (debug) a weird problem with Asus WL-167G: >>>> 0b05:1706 ASUSTek Computer, Inc. WL-167G v1 802.11g Adapter [Ralink >>>> RT2500USB] >>>> >>>> The problem only appears when HW encryption is enabled and connecting >>>> to an AP configured as WPA2 TKIP+AES. >>>> >>>> HW encryption works when the AP is configured as TKIP-only or AES-only. >>>> It also works when AP is configured as TKIP+AES but wpa_supplicant is >>>> forced to use TKIP as pairwise cipher (pairwise=TKIP) >>>> >>>> SW encryption works always. >>>> >>>> The problem is that no packets are transmitted. I can't see DHCP >>>> broadcasts on other machine using tcpdump. But when I run tcpdump on >>>> the rt2500usb, I see broadcasts from the other machine, so receive >>>> seems to work fine. >>>> >>>> Added some printk()s to the driver, 6 packets from unsuccessful DHCP: >>>> [ 371.760073] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 371.852062] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 371.944054] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 372.036068] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 372.128056] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 372.220053] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 372.312053] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 372.404055] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 372.496101] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 372.588077] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 372.688073] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 373.272513] wlan1: authenticate with 00:13:d4:0f:f3:19 (try 1) >>>> [ 373.272552] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 373.274533] wlan1: authenticated >>>> [ 373.274564] wlan1: associate with 00:13:d4:0f:f3:19 (try 1) >>>> [ 373.274581] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 373.277696] wlan1: RX AssocResp from 00:13:d4:0f:f3:19 (capab=0x411 >>>> status=0 aid=1) [ 373.277704] wlan1: associated >>>> [ 373.308247] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 373.308392] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 373.315999] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 373.340306] rt2x00crypto_key_to_cipher: ALG_CCMP >>>> [ 373.340318] rt2500usb_config_key key->hw_key_idx=0 SET_KEY >>>> hw_key_idx = 0 OK [ 373.344521] rt2x00crypto_key_to_cipher: ALG_TKIP >>>> [ 373.344527] rt2500usb_config_key key->hw_key_idx=0 SET_KEY >>>> hw_key_idx = 1 OK [ 373.412083] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 375.160233] rt2x00crypto_key_to_cipher: ALG_CCMP >>>> [ 375.160246] rt2x00crypto_tx_overhead=8 >>>> [ 375.160254] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 375.240078] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 381.163494] rt2x00crypto_key_to_cipher: ALG_CCMP >>>> [ 381.163507] rt2x00crypto_tx_overhead=8 >>>> [ 381.163515] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 381.244066] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 388.165180] rt2x00crypto_key_to_cipher: ALG_CCMP >>>> [ 388.165194] rt2x00crypto_tx_overhead=8 >>>> [ 388.165201] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 388.244069] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 399.169468] rt2x00crypto_key_to_cipher: ALG_CCMP >>>> [ 399.169481] rt2x00crypto_tx_overhead=8 >>>> [ 399.169489] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 399.248067] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 404.080428] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 404.180066] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 410.168836] rt2x00crypto_key_to_cipher: ALG_CCMP >>>> [ 410.168850] rt2x00crypto_tx_overhead=8 >>>> [ 410.168858] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 410.248068] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 414.374545] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 414.472061] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 422.169686] rt2x00crypto_key_to_cipher: ALG_CCMP >>>> [ 422.169699] rt2x00crypto_tx_overhead=8 >>>> [ 422.169706] rt2500usb_write_tx_desc: key_idx=0 >>>> [ 422.252069] rt2500usb_write_tx_desc: key_idx=0 >>>> >>>> Seems that it's trying to use CCMP, which is good. I wonder if the keys >>>> are properly handled in rt2500usb_config_key. They seem to be uploaded >>>> to the HW correctly (one at index 0, one at 1) - but can't tell without >>>> any HW docs. >>>> >>>> I did some framedumps before but don't know what to do with them (what >>>> to look for): >>>> http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-bad.txt >>>> http://www.rainbow-software.org/linux_files/rt2500usb/dump-wpa2-good.tx >>>> t >>>> >>>> Anything else I can try? >>> >>> Hi Ondrej, >>> >>> Did you also test what happens if you configure the AP to be TKIP+AES and >>> force wpa-supplicant to use AES pairwise key? >>> If my analysis below is correct then that may work as well. >> >> That does not work - it's probably the same case as default options (TKIP >> group key + AES pairwise key). >> >>> If my reading of the rt2570 data sheet is correct, then the rt2570 will >>> only support one encryption mechanism at the time. That means that it is >>> not possible to upload 1 TKIP key and 1 AES key at the same time to the >>> hardware. All the configured keys have to be of the same encryption >>> algorithm. >>> Presumably this is why the HW encryption engine fails, as the keys are >>> set with mixed settings. >>> Based on that, I don't think that rt2500usb can support this TKIP+AES >>> setting on wpa-supplicant. >> >> If this is true, then the driver should fall back to SW encryption in this >> case. > > HW crypto in rt2500usb does not seem to support keys with different ciphers, > which breaks TKIP+AES mode. Fall back to software encryption to fix it. > > This should fix long-standing problems with rt2500usb and WPA, such as: > http://rt2x00.serialmonkey.com/phpBB/viewtopic.php?f=4&t=4834 > https://bugzilla.redhat.com/show_bug.cgi?id=484888 > > Also tested that it does not break WEP, TKIP-only and AES-only modes. > > Signed-off-by: Ondrej Zary <linux@rainbow-software.org> Yes, this seems to be the right thing to do. Acked-by: Gertjan van Wingerde <gwingerde@gmail.com> > > diff -urp linux-2.6.35-rc3-orig/drivers/net/wireless/rt2x00/rt2500usb.c linux-2.6.35-rc3/drivers/net/wireless/rt2x00/rt2500usb.c > --- linux-2.6.35-rc3-orig/drivers/net/wireless/rt2x00/rt2500usb.c 2010-06-12 04:14:04.000000000 +0200 > +++ linux-2.6.35-rc3/drivers/net/wireless/rt2x00/rt2500usb.c 2010-06-23 12:18:43.000000000 +0200 > @@ -348,6 +348,7 @@ static int rt2500usb_config_key(struct r > int timeout; > u32 mask; > u16 reg; > + enum cipher curr_cipher; > > if (crypto->cmd == SET_KEY) { > /* > @@ -358,6 +359,7 @@ static int rt2500usb_config_key(struct r > mask = TXRX_CSR0_KEY_ID.bit_mask; > > rt2500usb_register_read(rt2x00dev, TXRX_CSR0, ®); > + curr_cipher = rt2x00_get_field16(reg, TXRX_CSR0_ALGORITHM); > reg &= mask; > > if (reg && reg == mask) > @@ -366,6 +368,14 @@ static int rt2500usb_config_key(struct r > reg = rt2x00_get_field16(reg, TXRX_CSR0_KEY_ID); > > key->hw_key_idx += reg ? ffz(reg) : 0; > + /* > + * Hardware requires that all keys use the same cipher > + * (e.g. TKIP-only, AES-only, but not TKIP+AES). > + * If this is not the first key, compare the cipher with the > + * first one and fall back to SW crypto if not the same. > + */ > + if (key->hw_key_idx > 0 && crypto->cipher != curr_cipher) > + return -EOPNOTSUPP; > > /* > * The encryption key doesn't fit within the CSR cache, > > ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2010-06-24 6:15 UTC | newest] Thread overview: 5+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2010-06-22 10:38 rt2500usb: WPA2 TKIP+AES does not work with HW encryption Ondrej Zary 2010-06-22 19:35 ` Gertjan van Wingerde 2010-06-22 21:46 ` Ondrej Zary 2010-06-23 10:57 ` [PATCH] rt2500usb: fallback to SW encryption for TKIP+AES Ondrej Zary 2010-06-24 6:15 ` Gertjan van Wingerde
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).