kern/154237: [ath] AR9280 w/ AES-CCMP (WPA2) group key does not work

Sun, 23 Jan 2011 03:40:22 -0800 

>Number:         154237
>Category:       kern
>Synopsis:       [ath] AR9280 w/ AES-CCMP (WPA2) group key does not work
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 23 11:40:11 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Adrian Chadd
>Release:        HEAD r217687
>Organization:
>Environment:
FreeBSD i386
>Description:
Associating to my local TP-Link WN-1043ND running OpenWRT works, but no traffic 
is passed.

Turning on the keycache debugging (athdebug +keycache) shows that the group 
keys are being installed in slots 1+2 (alternating for each group rekey), with 
the unicast key in slot 4.

Associating to the AP in WPA1 mode w/ TKIP as the group key shows no issue.

One important part - the MAC of the device is 94:0c:6d:fe:4f:20; notice the 
high bit of the MAC address is set. This is apparently a sign to the keycache 
that the key is a multicast key.

Just as a side-note; Working AES-CCMP WPA/WPA2 is required for 802.11n.
>How-To-Repeat:

>Fix:
If an AES group key is not installed in the shared key space (key 0->3), the 
problem goes away.

I'm not sure whether AR_KEYTABLE_VALID in the keycache entry is supposed to be 
involved here or not. I need to do some further digging.

This seems to fix it:

Index: if_ath.c
===================================================================
--- if_ath.c    (revision 217719)
+++ if_ath.c    (working copy)
@@ -2223,6 +2223,11 @@
 {
        struct ath_softc *sc = vap->iv_ic->ic_ifp->if_softc;
 
+       /* Station mode? Don't use the group keys for AES/CCMP */
+       if (vap->iv_opmode == IEEE80211_M_STA && sc->sc_mcastkey && 
k->wk_cipher->ic_cipher == IEEE80211_CIPHER_AES_CCM) {
+               return key_alloc_single(sc, keyix, rxkeyix);
+       }
+
        /*
         * Group key allocation must be handled specially for
         * parts that do not support multicast key cache search


>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

Reply via email to