[Bug 264238] wpa_supplicant fails to associate to open unprotected 802.11n

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 23 Jun 2022 15:41:42 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264238

--- Comment #142 from Adrian Chadd <adrian@freebsd.org> ---
So, the way this works is:

* during scan the net80211 stack just stores the beacons itself as scan results
* then it passes them up to wpa_supplicant via an ioctl
* then wpa_s uses the initial scan results to issue a "join this BSS as a
station" ioctl
* <--- this is where we know the IEs are wrong
* then net80211 will do the join request, either via directly asking the wifi
firmware to do the join, or by crafting auth/assoc frames and sending them to
the AP to do the joining

Now, the IE contents between beacon, auth and assoc can be different as
different subsets of info are required in each. But the only info used by wpa_s
when joining a network is the contents of the scan result entry.

Ok, so!

Some NICs, like the Intel NICs, don't send up beacon frames. Instead, they
actually do the scanning /in firmware/, and then they send up scan results.
That way the firmware can do stuff like background scanning without the
driver/stack needing to buffer traffic - it's all done in firmware.

Other NICs, like rtwn, ath, etc - they're fully softmac NICs, and everything is
done in the driver/stack. When you do a scan, the driver/stack will change
channels, configure to receive beacon frames from all MACs, and listen for a
bit.

Ok, so given that!

* For iwn, iwm, etc - they're the smart ones, tcpdump won't get the beacons.
You only get what the firmware returns.
* For ath, rtwn, etc - they're softmac, tcpdump in 80211 monitor mode will see
beacons.

ok, so!! :-P

* For AR9285, rtwn, etc you can run tcpdump -ni wlan0 -y IEEE802_11_RADIO
during a scan, and it SHOULD show the beacons coming in as it does a scan. You
can try it, see what happens.
* For iwn, iwm, etc - tcpdump won't help, and we'll have to use driver
debugging to dump the scan results messages as they come in to see what's in
there.

(For this reason I keep Atheros NICs around for doing monitor mode sniffing,
since sometimes firmware/drivers on smart / fullmac devices get things subtly
weirdly wrong. :-)

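Once the beacon IEs have been captured in monitor mode and the scan-result IEs dumped from the driver, the two blobs can be compared element by element to find where they diverge. The following is an added example, not code from the bug thread, net80211 or wpa_supplicant; the names `ie_find` and `ie_compare` and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IE_SSID   0   /* IEEE 802.11 element IDs */
#define IE_HTCAP  45

/* Constructed sample IE blobs (not taken from the bug report). */
static const uint8_t sample_beacon[33] = {0x00, 0x03, 'l', 'a', 'b', 0x2d, 0x1a, 0x6f, 0x00};
static const uint8_t sample_scan[33]   = {0x00, 0x03, 'l', 'a', 'b', 0x2d, 0x1a, 0x2c, 0x00};
static const uint8_t sample_trunc[8]   = {0x00, 0x03, 'l', 'a', 'b', 0x2d, 0x1a, 0x6f};

/* Walk the whole id/len/data blob, validating every length field.
 * Returns the first element with this id, or NULL. Sets *malformed
 * if any element runs past the end of the buffer. */
static const uint8_t *ie_find(const uint8_t *ies, size_t len, uint8_t id, int *malformed)
{
    const uint8_t *hit = NULL;
    size_t off = 0;

    *malformed = 0;
    while (len - off >= 2) {
        size_t elen = ies[off + 1];
        if (elen > len - off - 2) { *malformed = 1; return NULL; }
        if (hit == NULL && ies[off] == id) hit = ies + off;
        off += 2 + elen;
    }
    if (off != len) { *malformed = 1; return NULL; }  /* stray trailing byte */
    return hit;
}

/* 0 = same in both (or absent from both), 1 = contents differ,
 * 2 = present in only one blob, -1 = a blob is malformed. */
int ie_compare(const uint8_t *a, size_t alen, const uint8_t *b, size_t blen, uint8_t id)
{
    int bad_a, bad_b;
    const uint8_t *ea = ie_find(a, alen, id, &bad_a);
    const uint8_t *eb = ie_find(b, blen, id, &bad_b);

    if (bad_a || bad_b) return -1;
    if (ea == NULL && eb == NULL) return 0;
    if (ea == NULL || eb == NULL) return 2;
    return (ea[1] != eb[1] || memcmp(ea + 2, eb + 2, ea[1]) != 0) ? 1 : 0;
}

int main(void)
{
    printf("SSID:   %d\n", ie_compare(sample_beacon, sizeof sample_beacon, sample_scan, sizeof sample_scan, IE_SSID));
    printf("HT cap: %d\n", ie_compare(sample_beacon, sizeof sample_beacon, sample_scan, sizeof sample_scan, IE_HTCAP));
    return 0;
}
```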