lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZmmcvUM9mjBSf7-6@pengutronix.de>
Date: Wed, 12 Jun 2024 15:03:57 +0200
From: "s.hauer@...gutronix.de" <s.hauer@...gutronix.de>
To: Marcel Ziswiler <marcel.ziswiler@...adex.com>
Cc: "kvalo@...nel.org" <kvalo@...nel.org>,
	"linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>,
	"francesco@...cini.it" <francesco@...cini.it>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"briannorris@...omium.org" <briannorris@...omium.org>,
	"yu-hao.lin@....com" <yu-hao.lin@....com>
Subject: Re: [PATCH] wifi: mwifiex: increase max_num_akm_suites

On Tue, Jun 11, 2024 at 01:12:26PM +0000, Marcel Ziswiler wrote:
> Hi Sascha
> 
> On Mon, 2024-06-10 at 09:27 +0200, Sascha Hauer wrote:
> > On Thu, Jun 06, 2024 at 12:25:48PM +0000, Kalle Valo wrote:
> > > Sascha Hauer <s.hauer@...gutronix.de> wrote:
> > > 
> > > > The maximum number of AKM suites will be set to two if not specified by
> > > > the driver. Set it to CFG80211_MAX_NUM_AKM_SUITES to let userspace
> > > > specify up to ten AKM suites in the akm_suites array.
> > > > 
> > > > Without only the first two AKM suites will be used, further ones are
> > > > ignored.
> > > > 
> > > > Signed-off-by: Sascha Hauer <s.hauer@...gutronix.de>
> > > 
> > > I assume you that you have also tested this on a real device, right?
> > 
> > Sure. It was tested with a MAYA-W161-00B module from u-blox with a IW416
> > chipset.
> > 
> > BTW I haven't mentioned this, but It fixes the same problem as mentioned here:
> > 
> > https://lore.kernel.org/linux-kernel/20240523081428.2852276-1-s.hauer@pengutronix.de/T/
> 
> As we are also using the IW416 albeit from the MAYA-W160-00B module on our Verdin AM62, we were wondering about
> the exact use case this patch helps solving. Could you reveal some more details around this? Thanks!

You'll need this patch once wpa_supplicant specifies more than two akm
suites in the key_mgmt (in AP mode).

With the current mainline driver using NetworkManager to setup a hotspot
with:

nmcli device wifi hotspot con-name leica ssid mywifi band bg password hallo123

NetworkManager ends up setting the key_mgmt option to 'WPA-PSK WPA-PSK-SHA256'.
These are two entries and this works fine.

However, when the patches adding host mlme support are applied (see
https://lore.kernel.org/lkml/Zk6TklTIbxZxIWyb@google.com/T/),
NetworkManager will set key_mgmt to 'WPA-PSK WPA-PSK-SHA256 SAE'. These
are three entries and thus exceed the current array size of two. The
effect is that SAE is ignored by the driver and SAE is not enabled in
the device.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ