[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZYK/C3LzK8LMOjER@home.paul.comp>
Date: Wed, 20 Dec 2023 13:16:43 +0300
From: Paul Fertser <fercerpav@...il.com>
To: Hector Martin <marcan@...can.st>
Cc: Arend van Spriel <aspriel@...il.com>, Franky Lin <franky.lin@...adcom.com>,
Hante Meuleman <hante.meuleman@...adcom.com>,
Kalle Valo <kvalo@...nel.org>, Daniel Berlin <dberlin@...rlin.org>,
linux-wireless@...r.kernel.org, brcm80211-dev-list.pdl@...adcom.com,
SHA-cyfmac-dev-list@...ineon.com, linux-kernel@...r.kernel.org,
asahi@...ts.linux.dev
Subject: Re: [PATCH] wifi: brcmfmac: cfg80211: Use WSEC to set SAE password
Hey Hector,
On Tue, Nov 07, 2023 at 03:05:31PM +0900, Hector Martin wrote:
> Using the WSEC command instead of sae_password seems to be the supported
> mechanism on newer firmware, and also how the brcmdhd driver does it.
>
> According to user reports [1], the sae_password codepath doesn't actually
> work on machines with Cypress chips anyway, so no harm in removing it.
I'm sorry to disappoint you but I've just tested this patch on a
"Pinebook Pro" which has AP6255 module and it broke WPA3 Personal.
No error messages are emitted to the kernel log, just iwctl saying it
can't establish connection.
This is using "Cypress" firmware from the Linux firmware tree [0]
renamed to "brcmfmac43455-sdio.bin" which has the following features
(extracted from last two lines):
43455c0-roml/43455_sdio-pno-aoe-pktfilter-pktctx-wfds-mfp-dfsradar-wowlpf-idsup-idauth-noclminc-clm_min-obss-obssdump-swdiv-gtkoe-roamprof-txbf-ve-sae-dpp-sr-okc-bpd Version: 7.45.234 (4ca95bb CY) CRC: 212e223d Date: Thu 2021-04-15 03:06:00 PDT Ucode Ver: 1043.2161 FWID 01-996384e2
DVID 01-1fda2915
This module is used on many SBCs, including some RaspberryPi
boards. The reason RaspberryPi owners complain about lack of WPA3
Personal support is that most of them are using obscure downstream
distros which ship brcmfmac firmware from somewhere else rather than
the Linux firmware tree, so they lack the "sae" feature. Another is
that it only works with iwd while default is wpa_supplicant.
So far all known reports of those who tried the right firmware on
RaspberryPi boards confirm WPA3 Personal was working with iwd [1].
I'll be happy to do more testing if needed. Thank you very much for
your hard and insightful work!
[0] https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/plain/cypress/cyfmac43455-sdio.bin
[1] https://github.com/raspberrypi/linux/issues/4718#issuecomment-1279951709
--
Be free, use free (http://www.gnu.org/philosophy/free-sw.html) software!
mailto:fercerpav@...il.com
Powered by blists - more mailing lists