Re: iwx: device timeout

Mon, 05 Jan 2026 05:33:23 -0800 

On Thu, Jan 01, 2026 at 05:44:23PM +0100, Stefan Sperling wrote:
> On Thu, Jan 01, 2026 at 04:03:54PM +0000, Vitaliy Makkoveev wrote:
> > On Thu, Jan 01, 2026 at 10:43:21AM +0100, Stefan Sperling wrote:
> > > My best guess is that this AP is buggy and does not like the
> > > PFM-capabale bit being set in our assoc request.
> > > 
> > > Does this patch help?
> > > 
> > 
> > Yes, this fixed wifi on both machines. Thanks!
> 
> Good. I'm glad that we've found out where the problem is.
> 
> The code path we are touching here is also used to generate beacons
> in hostap mode. So I will need to figure out a way to make this change
> without breaking the use of PMF in hostap mode.
> None of our drivers combine PMF and hostap right now, but the stack
> should not prevent hostap and PMF from working together.
> 
> I will try to take a closer look at this next week. Currently in
> vacation mode.

I am going to commit this:

M  sys/net80211/ieee80211_output.c  |  15+  2-

1 file changed, 15 insertions(+), 2 deletions(-)

commit - 32dd3676ace5111f40a82f0365663c9854d1d8ac
commit + 8c18b9cd547490538f81e304fa40e1954ae0a5f1
blob - eda5b7fe673517d2c260850131f5ee732501b3ef
blob + fc176fc708d69d0f3add4b691f321b3f2971b8ea
--- sys/net80211/ieee80211_output.c
+++ sys/net80211/ieee80211_output.c
@@ -1049,6 +1049,7 @@ ieee80211_add_rsn_body(u_int8_t *frm, struct ieee80211
        const u_int8_t *oui = wpa ? MICROSOFT_OUI : IEEE80211_OUI;
        u_int8_t *pcount;
        u_int16_t count, rsncaps;
+       int pmf = 0;
 
        /* write Version field */
        LE_WRITE_2(frm, 1); frm += 2;
@@ -1123,10 +1124,22 @@ ieee80211_add_rsn_body(u_int8_t *frm, struct ieee80211
        if (wpa)
                return frm;
 
+       if (ic->ic_caps & IEEE80211_C_MFP) {
+               /*
+                * When acting as client station, only announce PMF support
+                * to access points which support PMF. There are access points
+                * out there which do not support PMF and won't even initiate
+                * the 4-way handshake with us if the PMF-capable bit is set.
+                */
+               if (ic->ic_opmode != IEEE80211_M_STA ||
+                   (ni->ni_rsncaps & IEEE80211_RSNCAP_MFPC))
+                       pmf = 1;
+       }
+
        /* write RSN Capabilities field */
        rsncaps = (ni->ni_rsncaps & (IEEE80211_RSNCAP_PTKSA_RCNT_MASK |
            IEEE80211_RSNCAP_GTKSA_RCNT_MASK));
-       if (ic->ic_caps & IEEE80211_C_MFP) {
+       if (pmf) {
                rsncaps |= IEEE80211_RSNCAP_MFPC;
                if (ic->ic_flags & IEEE80211_F_MFPR)
                        rsncaps |= IEEE80211_RSNCAP_MFPR;
@@ -1143,7 +1156,7 @@ ieee80211_add_rsn_body(u_int8_t *frm, struct ieee80211
                frm += IEEE80211_PMKID_LEN;
        }
 
-       if (!(ic->ic_caps & IEEE80211_C_MFP))
+       if (!pmf)
                return frm;
 
        if ((ni->ni_flags & IEEE80211_NODE_PMKID) == 0) {

Reply via email to