On Mon, Jul 05, 2021 at 02:11:36PM -0700, Greg Steuck wrote:
> Do I need to figure out the state machines behind iwx and iee80211 now? :)
This AP seems to use TKIP for the groupcipher and the iwx
setkey task doesn't handle this case properly.
Can you try this?
diff 7faf78381a333a9545f245f931e6a51077ba6762 /usr/src
blob - bdf8ce3e1afa332f698e3dc56af77e6acb4f8689
file + sys/dev/pci/if_iwx.c
--- sys/dev/pci/if_iwx.c
+++ sys/dev/pci/if_iwx.c
@@ -6677,11 +6677,24 @@ iwx_set_key(struct ieee80211com *ic, struct ieee80211_
struct ieee80211_key *k)
{
struct iwx_softc *sc = ic->ic_softc;
+ struct iwx_node *in = (void *)ni;
struct iwx_setkey_task_arg *a;
+ const int want_keymask = (IWX_NODE_FLAG_HAVE_PAIRWISE_KEY |
+ IWX_NODE_FLAG_HAVE_GROUP_KEY);
+ int err;
if (k->k_cipher != IEEE80211_CIPHER_CCMP) {
+ if (k->k_flags & IEEE80211_KEY_GROUP)
+ in->in_flags |= IWX_NODE_FLAG_HAVE_GROUP_KEY;
/* Fallback to software crypto for other ciphers. */
- return (ieee80211_set_key(ic, ni, k));
+ err = ieee80211_set_key(ic, ni, k);
+ if (!err && (in->in_flags & want_keymask) == want_keymask) {
+ DPRINTF(("marking port %s valid\n",
+ ether_sprintf(ni->ni_macaddr)));
+ ni->ni_port_valid = 1;
+ ieee80211_set_link_state(ic, LINK_STATE_UP);
+ }
+ return err;
}
if (sc->setkey_nkeys >= nitems(sc->setkey_arg))
