diff mbox series

netdev: destroy auth-proto after external auth

Message ID 20241219181701.164349-1-prestwoj@gmail.com (mailing list archive)
State Accepted, archived
Headers show
Series netdev: destroy auth-proto after external auth | expand

Checks

Context Check Description
tedd_an/pre-ci_am success Success
prestwoj/iwd-alpine-ci-fetch success Fetch PR
prestwoj/iwd-ci-gitlint success GitLint
prestwoj/iwd-ci-fetch success Fetch PR
prestwoj/iwd-alpine-ci-setupell success Prep - Setup ELL
prestwoj/iwd-ci-setupell success Prep - Setup ELL
prestwoj/iwd-ci-incremental_build success Incremental build not run PASS
prestwoj/iwd-alpine-ci-makedistcheck success Make Distcheck
prestwoj/iwd-alpine-ci-incremental_build success Incremental build not run PASS
prestwoj/iwd-ci-build success Build - Configure
prestwoj/iwd-alpine-ci-build success Build - Configure
prestwoj/iwd-ci-clang success clang PASS
prestwoj/iwd-ci-makecheckvalgrind success Make Check w/Valgrind
prestwoj/iwd-ci-makecheck success Make Check
prestwoj/iwd-alpine-ci-makecheckvalgrind success Make Check w/Valgrind
prestwoj/iwd-alpine-ci-makecheck success Make Check
prestwoj/iwd-ci-makedistcheck success Make Distcheck
prestwoj/iwd-ci-testrunner success test-runner PASS

Commit Message

James Prestwood Dec. 19, 2024, 6:17 p.m. UTC 
With external auth there is no associate event meaning the auth proto
never gets freed, which prevents eapol from starting inside the
OCI callback. Check for this specific case and free the auth proto
after signaling that external auth has completed.
---
 src/netdev.c | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

James Prestwood Dec. 19, 2024, 6:18 p.m. UTC | #1 
Hi Keith,

On 12/19/24 10:17 AM, James Prestwood wrote:
> With external auth there is no associate event meaning the auth proto
> never gets freed, which prevents eapol from starting inside the
> OCI callback. Check for this specific case and free the auth proto
> after signaling that external auth has completed.
> ---
>   src/netdev.c | 7 +++++++
>   1 file changed, 7 insertions(+)
>
> diff --git a/src/netdev.c b/src/netdev.c
> index 02496c92..2a6d94fc 100644
> --- a/src/netdev.c
> +++ b/src/netdev.c
> @@ -3483,6 +3483,13 @@ static void netdev_external_auth_sae_tx_associate(void *user_data)
>   
>   	netdev_send_external_auth(netdev, MMPDU_STATUS_CODE_SUCCESS);
>   	netdev_ensure_eapol_registered(netdev);
> +
> +	/*
> +	 * Free the auth proto now. With external auth there is no associate
> +	 * event which is where this normally gets cleaned up.
> +	 */
> +	auth_proto_free(netdev->ap);
> +	netdev->ap = NULL;
>   }
>   
>   struct rtnl_data {

Could you give this version of the patch a try to verify it still works 
on brcmfmac? This is just a bit simpler and more straight forward.

Thanks,

James
KeithG Dec. 20, 2024, 3:57 a.m. UTC | #2 
On Thu, Dec 19, 2024 at 12:18 PM James Prestwood <prestwoj@gmail.com> wrote:
>
> Hi Keith,
>
> On 12/19/24 10:17 AM, James Prestwood wrote:
> > With external auth there is no associate event meaning the auth proto
> > never gets freed, which prevents eapol from starting inside the
> > OCI callback. Check for this specific case and free the auth proto
> > after signaling that external auth has completed.
> > ---
> >   src/netdev.c | 7 +++++++
> >   1 file changed, 7 insertions(+)
> >
> > diff --git a/src/netdev.c b/src/netdev.c
> > index 02496c92..2a6d94fc 100644
> > --- a/src/netdev.c
> > +++ b/src/netdev.c
> > @@ -3483,6 +3483,13 @@ static void netdev_external_auth_sae_tx_associate(void *user_data)
> >
> >       netdev_send_external_auth(netdev, MMPDU_STATUS_CODE_SUCCESS);
> >       netdev_ensure_eapol_registered(netdev);
> > +
> > +     /*
> > +      * Free the auth proto now. With external auth there is no associate
> > +      * event which is where this normally gets cleaned up.
> > +      */
> > +     auth_proto_free(netdev->ap);
> > +     netdev->ap = NULL;
> >   }
> >
> >   struct rtnl_data {
>
> Could you give this version of the patch a try to verify it still works
> on brcmfmac? This is just a bit simpler and more straight forward.
>
> Thanks,
>
> James
>
James,

This patch seems to work just like the previous one. I am able to get
a connection, collect a DHCP address and then ping the AP from the
RPi.

I use connman/iwd

Dec 19 21:49:45 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:47 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd022 fail, reason -52
Dec 19 21:49:47 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd026 fail, reason -52
Dec 19 21:49:47 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd02a fail, reason -52
Dec 19 21:49:47 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd02e fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd034 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd038 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd03c fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd040 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd064 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd068 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd06c fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd070 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd074 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd078 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd07c fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd080 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd084 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd088 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd08c fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd090 fail, reason -52
Dec 19 21:49:48 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:49 jackrune connmand[454]: Adding configuration wifi_6465736b534145
Dec 19 21:49:49 jackrune connmand[454]: Adding service configuration
6465736b534145
Dec 19 21:49:49 jackrune connmand[454]: Interface wlan0 [ wifi ] state
is association
Dec 19 21:49:49 jackrune connmand[454]: ipconfig state 2 ipconfig method 1
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, ssid: deskSAE,
bss: d8:3a:dd:60:a3:0c, signal: -58, load: 0/255
Dec 19 21:49:49 jackrune iwd[346]: event: state, old:
autoconnect_full, new: connecting
Dec 19 21:49:49 jackrune connmand[454]: Interface wlan0 [ wifi ] state
is configuration
Dec 19 21:49:49 jackrune connmand[454]: ipconfig state 3 ipconfig method 1
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, External Auth
to SSID: deskSAE, bssid: d8:3a:dd:60:a3:0c
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {RX} 1 packets 121 bytes
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {TX} 0 packets 0 bytes
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {update} flags 69635 <UP,LOWER_UP>
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd074 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd078 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd07c fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd080 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd084 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd088 fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd08c fail, reason -52
Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
chanspec 0xd090 fail, reason -52
Dec 19 21:49:48 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:49 jackrune connmand[454]: Adding configuration wifi_6465736b534145
Dec 19 21:49:49 jackrune connmand[454]: Adding service configuration
6465736b534145
Dec 19 21:49:49 jackrune connmand[454]: Interface wlan0 [ wifi ] state
is association
Dec 19 21:49:49 jackrune connmand[454]: ipconfig state 2 ipconfig method 1
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, ssid: deskSAE,
bss: d8:3a:dd:60:a3:0c, signal: -58, load: 0/255
Dec 19 21:49:49 jackrune iwd[346]: event: state, old:
autoconnect_full, new: connecting
Dec 19 21:49:49 jackrune connmand[454]: Interface wlan0 [ wifi ] state
is configuration
Dec 19 21:49:49 jackrune connmand[454]: ipconfig state 3 ipconfig method 1
Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, External Auth
to SSID: deskSAE, bssid: d8:3a:dd:60:a3:0c
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {RX} 1 packets 121 bytes
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {TX} 0 packets 0 bytes
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {update} flags 69635 <UP,LOWER_UP>
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {newlink} index 3
address B8:27:EB:A4:6E:0F mtu 1500
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {newlink} index 3
operstate 5 <DORMANT>
Dec 19 21:49:49 jackrune systemd-networkd[163]: wlan0: Connected WiFi
access point: deskSAE (d8:3a:dd:60:a3:0c)
Dec 19 21:49:49 jackrune iwd[346]: hardware_rekey not supported
Dec 19 21:49:49 jackrune iwd[346]: event: state, old: connecting, new:
connecting (netconfig)
Dec 19 21:49:49 jackrune systemd-networkd[163]: wlan0: Gained carrier
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {RX} 3 packets 356 bytes
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {TX} 4 packets 652 bytes
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {update} flags 69699
<UP,RUNNING,LOWER_UP>
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {newlink} index 3
address B8:27:EB:A4:6E:0F mtu 1500
Dec 19 21:49:49 jackrune connmand[454]: wlan0 {newlink} index 3 operstate 6 <UP>
Dec 19 21:49:50 jackrune systemd-networkd[163]: wlan0: Gained IPv6LL
Dec 19 21:49:52 jackrune iwd[346]: event: state, old: connecting
(netconfig), new: connected
Dec 19 21:49:52 jackrune systemd-resolved[316]: wlan0: Bus client set
DNS server list to: 192.168.5.1
Dec 19 21:49:52 jackrune connmand[454]: wlan0 {add} address
192.168.5.207/24 label wlan0 family 2
Dec 19 21:49:53 jackrune kernel: sh (18913): drop_caches: 3
Dec 19 21:49:54 jackrune connmand[454]: rp_filter set to 2 (loose mode
routing), old value was 0
Dec 19 21:49:54 jackrune connmand[454]: Interface wlan0 [ wifi ] state is ready

# ping 192.168.5.1
PING 192.168.5.1 (192.168.5.1) 56(84) bytes of data.
64 bytes from 192.168.5.1: icmp_seq=1 ttl=64 time=26.7 ms
64 bytes from 192.168.5.1: icmp_seq=2 ttl=64 time=4.79 ms
64 bytes from 192.168.5.1: icmp_seq=3 ttl=64 time=4.39 ms
64 bytes from 192.168.5.1: icmp_seq=4 ttl=64 time=4.42 ms

# ifconfig wlan0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.5.207  netmask 255.255.255.0  broadcast 192.168.5.255
        ether b8:27:eb:a4:6e:0f  txqueuelen 1000  (Ethernet)
        RX packets 15  bytes 2718 (2.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 32  bytes 4668 (4.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
KeithG Dec. 20, 2024, 4:58 a.m. UTC | #3 
Just a further note, I reverted to the older firmware to give it a try:
Dec 19 22:04:36 jackrune kernel: brcmfmac: brcmf_c_preinit_dcmds:
Firmware: BCM4345/6 wl0: Aug 29 2023 01:47:08 version 7.45.265
(28bca26 CY) FWID 01-b677b91b
and now I no longer get a connection.

It appears that this works only with the latest firmware from Infineon
and only on the 3b+/4/5:
You need this firmware plus the patch to iwd and the patch to the 80211 driver:
Dec 19 22:16:58 jackrune kernel: brcmfmac: brcmf_c_preinit_dcmds:
Firmware: BCM4345/6 wl0: Oct 28 2024 23:27:00 version 7.45.286
(be70ab3 CY) FWID 01-95efe7fa

It does not appear that the wifi chip in the RPi_Zero and RPi_Zero2w
get any of this love, though:
Dec 19 22:32:44 kitchenrune kernel: brcmfmac: brcmf_c_preinit_dcmds:
Firmware: BCM43430/1 wl0: Jun 14 2023 07:27:45 version 7.45.96.s1
(gf031a129) FWID 01-70bd2af7 es7
This 43430 chip is not in the latest firmware zip from Infineon.

On Thu, Dec 19, 2024 at 9:57 PM KeithG <ys3al35l@gmail.com> wrote:
>
> On Thu, Dec 19, 2024 at 12:18 PM James Prestwood <prestwoj@gmail.com> wrote:
> >
> > Hi Keith,
> >
> > On 12/19/24 10:17 AM, James Prestwood wrote:
> > > With external auth there is no associate event meaning the auth proto
> > > never gets freed, which prevents eapol from starting inside the
> > > OCI callback. Check for this specific case and free the auth proto
> > > after signaling that external auth has completed.
> > > ---
> > >   src/netdev.c | 7 +++++++
> > >   1 file changed, 7 insertions(+)
> > >
> > > diff --git a/src/netdev.c b/src/netdev.c
> > > index 02496c92..2a6d94fc 100644
> > > --- a/src/netdev.c
> > > +++ b/src/netdev.c
> > > @@ -3483,6 +3483,13 @@ static void netdev_external_auth_sae_tx_associate(void *user_data)
> > >
> > >       netdev_send_external_auth(netdev, MMPDU_STATUS_CODE_SUCCESS);
> > >       netdev_ensure_eapol_registered(netdev);
> > > +
> > > +     /*
> > > +      * Free the auth proto now. With external auth there is no associate
> > > +      * event which is where this normally gets cleaned up.
> > > +      */
> > > +     auth_proto_free(netdev->ap);
> > > +     netdev->ap = NULL;
> > >   }
> > >
> > >   struct rtnl_data {
> >
> > Could you give this version of the patch a try to verify it still works
> > on brcmfmac? This is just a bit simpler and more straight forward.
> >
> > Thanks,
> >
> > James
> >
> James,
>
> This patch seems to work just like the previous one. I am able to get
> a connection, collect a DHCP address and then ping the AP from the
> RPi.
>
> I use connman/iwd
>
> Dec 19 21:49:45 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:47 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd022 fail, reason -52
> Dec 19 21:49:47 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd026 fail, reason -52
> Dec 19 21:49:47 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd02a fail, reason -52
> Dec 19 21:49:47 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd02e fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd034 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd038 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd03c fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd040 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd064 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd068 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd06c fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd070 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd074 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd078 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd07c fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd080 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd084 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd088 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd08c fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd090 fail, reason -52
> Dec 19 21:49:48 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:49 jackrune connmand[454]: Adding configuration wifi_6465736b534145
> Dec 19 21:49:49 jackrune connmand[454]: Adding service configuration
> 6465736b534145
> Dec 19 21:49:49 jackrune connmand[454]: Interface wlan0 [ wifi ] state
> is association
> Dec 19 21:49:49 jackrune connmand[454]: ipconfig state 2 ipconfig method 1
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, ssid: deskSAE,
> bss: d8:3a:dd:60:a3:0c, signal: -58, load: 0/255
> Dec 19 21:49:49 jackrune iwd[346]: event: state, old:
> autoconnect_full, new: connecting
> Dec 19 21:49:49 jackrune connmand[454]: Interface wlan0 [ wifi ] state
> is configuration
> Dec 19 21:49:49 jackrune connmand[454]: ipconfig state 3 ipconfig method 1
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, External Auth
> to SSID: deskSAE, bssid: d8:3a:dd:60:a3:0c
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {RX} 1 packets 121 bytes
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {TX} 0 packets 0 bytes
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {update} flags 69635 <UP,LOWER_UP>
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd074 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd078 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd07c fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd080 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd084 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd088 fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd08c fail, reason -52
> Dec 19 21:49:48 jackrune kernel: brcmfmac: brcmf_set_channel: set
> chanspec 0xd090 fail, reason -52
> Dec 19 21:49:48 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:49 jackrune connmand[454]: Adding configuration wifi_6465736b534145
> Dec 19 21:49:49 jackrune connmand[454]: Adding service configuration
> 6465736b534145
> Dec 19 21:49:49 jackrune connmand[454]: Interface wlan0 [ wifi ] state
> is association
> Dec 19 21:49:49 jackrune connmand[454]: ipconfig state 2 ipconfig method 1
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, FullMAC
> driver: brcmfmac using SAE.  Expect EXTERNAL_AUTH
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, ssid: deskSAE,
> bss: d8:3a:dd:60:a3:0c, signal: -58, load: 0/255
> Dec 19 21:49:49 jackrune iwd[346]: event: state, old:
> autoconnect_full, new: connecting
> Dec 19 21:49:49 jackrune connmand[454]: Interface wlan0 [ wifi ] state
> is configuration
> Dec 19 21:49:49 jackrune connmand[454]: ipconfig state 3 ipconfig method 1
> Dec 19 21:49:49 jackrune iwd[346]: event: connect-info, External Auth
> to SSID: deskSAE, bssid: d8:3a:dd:60:a3:0c
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {RX} 1 packets 121 bytes
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {TX} 0 packets 0 bytes
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {update} flags 69635 <UP,LOWER_UP>
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {newlink} index 3
> address B8:27:EB:A4:6E:0F mtu 1500
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {newlink} index 3
> operstate 5 <DORMANT>
> Dec 19 21:49:49 jackrune systemd-networkd[163]: wlan0: Connected WiFi
> access point: deskSAE (d8:3a:dd:60:a3:0c)
> Dec 19 21:49:49 jackrune iwd[346]: hardware_rekey not supported
> Dec 19 21:49:49 jackrune iwd[346]: event: state, old: connecting, new:
> connecting (netconfig)
> Dec 19 21:49:49 jackrune systemd-networkd[163]: wlan0: Gained carrier
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {RX} 3 packets 356 bytes
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {TX} 4 packets 652 bytes
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {update} flags 69699
> <UP,RUNNING,LOWER_UP>
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {newlink} index 3
> address B8:27:EB:A4:6E:0F mtu 1500
> Dec 19 21:49:49 jackrune connmand[454]: wlan0 {newlink} index 3 operstate 6 <UP>
> Dec 19 21:49:50 jackrune systemd-networkd[163]: wlan0: Gained IPv6LL
> Dec 19 21:49:52 jackrune iwd[346]: event: state, old: connecting
> (netconfig), new: connected
> Dec 19 21:49:52 jackrune systemd-resolved[316]: wlan0: Bus client set
> DNS server list to: 192.168.5.1
> Dec 19 21:49:52 jackrune connmand[454]: wlan0 {add} address
> 192.168.5.207/24 label wlan0 family 2
> Dec 19 21:49:53 jackrune kernel: sh (18913): drop_caches: 3
> Dec 19 21:49:54 jackrune connmand[454]: rp_filter set to 2 (loose mode
> routing), old value was 0
> Dec 19 21:49:54 jackrune connmand[454]: Interface wlan0 [ wifi ] state is ready
>
> # ping 192.168.5.1
> PING 192.168.5.1 (192.168.5.1) 56(84) bytes of data.
> 64 bytes from 192.168.5.1: icmp_seq=1 ttl=64 time=26.7 ms
> 64 bytes from 192.168.5.1: icmp_seq=2 ttl=64 time=4.79 ms
> 64 bytes from 192.168.5.1: icmp_seq=3 ttl=64 time=4.39 ms
> 64 bytes from 192.168.5.1: icmp_seq=4 ttl=64 time=4.42 ms
>
> # ifconfig wlan0
> wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>         inet 192.168.5.207  netmask 255.255.255.0  broadcast 192.168.5.255
>         ether b8:27:eb:a4:6e:0f  txqueuelen 1000  (Ethernet)
>         RX packets 15  bytes 2718 (2.6 KiB)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 32  bytes 4668 (4.5 KiB)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
Denis Kenzior Dec. 20, 2024, 5:57 a.m. UTC | #4 
Hi James,

On 12/19/24 12:17 PM, James Prestwood wrote:
> With external auth there is no associate event meaning the auth proto
> never gets freed, which prevents eapol from starting inside the
> OCI callback. Check for this specific case and free the auth proto
> after signaling that external auth has completed.
> ---
>   src/netdev.c | 7 +++++++
>   1 file changed, 7 insertions(+)
> 

Applied, thanks.

Regards,
-Denis
diff mbox series

Patch

diff --git a/src/netdev.c b/src/netdev.c
index 02496c92..2a6d94fc 100644
--- a/src/netdev.c
+++ b/src/netdev.c
@@ -3483,6 +3483,13 @@  static void netdev_external_auth_sae_tx_associate(void *user_data)
 
 	netdev_send_external_auth(netdev, MMPDU_STATUS_CODE_SUCCESS);
 	netdev_ensure_eapol_registered(netdev);
+
+	/*
+	 * Free the auth proto now. With external auth there is no associate
+	 * event which is where this normally gets cleaned up.
+	 */
+	auth_proto_free(netdev->ap);
+	netdev->ap = NULL;
 }
 
 struct rtnl_data {