current-users: Re: WPA regression (was: CVS commit: src/dist/wpa)

Subject: Re: WPA regression (was: CVS commit: src/dist/wpa)
To: None <>
From: None <>
List: current-users
Date: 02/01/2008 14:00:07
Quoting Jukka Salmi <j+nbsd@2008.salmi.ch>:

> Stephen M. Rumble --> current-users (2008-01-29 13:23:44 -0500):
>> Quoting Jukka Salmi <j+nbsd@2008.salmi.ch>:
> [...]
>>> Does it stop working exactly when the first GTK rekeying takes place?
>>> If yes, it's probably the same problem I'm trying to debug ATM (using
>>> hostapd(8) and wpa_supplicant(8) with ath(4) on NetBSD/i386 current).
>>
>> I have no idea. Is there an easy way to check?
>>
>> wpa_cli's `status' command just says COMPLETED, I think.
>
> Is your access point running hostapd(8)? If yes, try setting
> wpa_group_rekey to a small value, e.g. 60 (default is 600) to not have
> to wait for ten minutes until rekeying takes place... Then start hostapd
> with option -dd (and without -B), and as soon as you see "ath0: Setup
> of interface done." start wpa_supplicant; authentication should work.
> Wait for a minute, and hostapd should print "ath0: WPA rekeying GTK",
> followed by several "EAPOL-Key timeout" lines, and finally
>
> ath0: STA [...] IEEE 802.11: deauthenticated due to local deauth request
> ath0: STA [...] IEEE 802.11: deassociated
>
> If your AP doesn't run hostapd or you don't have access to it, try
> running wpa_supplicant with option -dd and without -B; as soon as
> rekeying fails you should see "Added BSSID XXX into blacklist", where
> XXX is your AP's BSSID.
>
> At least that's what I'm currently seeing, as soon as the first rekeying
> takes place...

I've tried to reproduce this, but have been unable to. After  
downgrading to 0.4.9 and then switching back to 0.6.2, I've not run  
into any of the same problems. I'm a little bit stumped, as 0.6.2  
definitely was not working very well before and was perfectly  
consistent in its malfunctioning.

>> ath0 does timeout a lot (and I commented out the printf in the driver),
>
> Does setting hw.ath0.txintrperiod=1 instead help?

Yes, it helps considerably. Is anyone opposed to the following patch,  
which trims down txintrperiod automatically in the face of timeouts?  
It may be a bit kludgey, but it works well for me.

Index: ath.c
===================================================================
RCS file: /cvsroot/src/sys/dev/ic/ath.c,v
retrieving revision 1.98
diff -u -r1.98 ath.c
--- ath.c       4 Jan 2008 21:17:54 -0000       1.98
+++ ath.c       1 Feb 2008 18:55:37 -0000
@@ -5099,7 +5099,10 @@
                         ;
                 else if (--axq->axq_timer == 0) {
                         ATH_TXQ_UNLOCK(axq);
-                       if_printf(ifp, "device timeout (txq %d)\n", i);
+                       if_printf(ifp, "device timeout (txq %d, "
+                           "txintrperiod %d)\n", i, sc->sc_txintrperiod);
+                       if (sc->sc_txintrperiod > 1)
+                               sc->sc_txintrperiod--;
                         ath_reset(ifp);
                         ifp->if_oerrors++;
                         sc->sc_stats.ast_watchdog++;

Regards,
Steve

>
> Regards, Jukka
>
> --
> bashian roulette:
> $ ((RANDOM%6)) || rm -rf ~
>