Re: athn0 works in 6.6, fails in 6.7

classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
On Thu, Jun 11, 2020 at 10:14:34AM -0500, Tim Chase wrote:

> On booting 6.7 I see
>
> -----------------------------
> athn0: no link........
> athn0: no link... got link
> athn0: no link... sleeping
> -----------------------------
>
> which is not a surprise having seen the "no network" in the ifconfig
> output.
>
> I'm not sure how to go about diagnosing what changed here.

One thing you could do is adding 'debug' to your hostname.athn0 file,
or running 'ifconfig athn0 debug', and then trying to connect.
This should make debug messages appear in dmesg and /var/log/messages,
which might contain clues.

Perhaps the problem has already been fixed in -current? To verify this you
could boot a -current bsd.rd kernel and check if the interface works with it
(choose 'shell' at the initial prompt, then configure the interface manually
with ifconfig, and run 'dhclient athn0').

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
On Thu, Jun 11, 2020 at 06:08:31PM -0500, Tim Chase wrote:

> and it works fine there.  The big distinction is that after
>
>   sending msg 4/4 of the 4-way handshake
>
> my `ifconfig athn0 debug` output is giving me these two lines in the
> 6.6 bsd.rd:
>
>   received msg 1/2 of the group key handshake from [MAC]
>   sending msg 2/2 of the group key handshake to [same MAC]
>
> that never happen in the 6.7 (both -RELEASE and -CURRENT snap) output.

Can you please boot into 6.7, let it fail to connect, and then get the
output of the following command and show it to me?

        netstat -W athn0

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
On Fri, Jun 12, 2020 at 07:13:39AM -0500, Tim Chase wrote:
> On 2020-06-12 09:19, Stefan Sperling wrote:
> > Can you please boot into 6.7, let it fail to connect, and then get
> > the output of the following command and show it to me?
> >
> > netstat -W athn0
>
> The machine currently has a bit less than 13hr of uptime to put this
> output in perspective of frequency in case that matters.

It would help me to see what these counters look like after boot + 1 failed
connection attempt. What I'll be doing is go through the code and check where
relevenant counters get incremented. Then maybe, just maybe, I will be able
to deduce where your problem is coming from.

I'm not going to try to do that based on counters which have been updating
for 13 hours.

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Matej Nanut
> > On 2020-06-12 09:19, Stefan Sperling wrote:
> > > Can you please boot into 6.7, let it fail to connect, and then get
> > > the output of the following command and show it to me?
> > >
> > >     netstat -W athn0

Hello, I seem to have the same issue running latest -current from
ftp2.eu.openbsd.org:
$ uname -a
OpenBSD asus 6.7 GENERIC.MP#268 amd64

I executed the following two commands on a fresh boot:
$ doas ifconfig athn0 debug nwid **** wpakey **** up
$ doas dhclient athn0
and waited for "... sleeping".

My (greater than 0) counters from "netstat -W athn0" are:
14 input packets with mismatched channel
2 input eapol-key packets
1 active scan started
43 ccmp decryption errors
1 HT negotiation failure because peer does not support MCS 0-7

And here's an excerpt from "dmesg" after scans:
athn0: SCAN -> AUTH
athn0: sending auth to 00:23:69:ea:49:3d on channel 7 mode 11g
athn0: AUTH -> ASSOC
athn0: sending assoc_req to 00:23:69:ea:49:3d on channel 7 mode 11g
athn0: ASSOC -> RUN
athn0: associated with 00:23:69:ea:49:3d ssid "****" channel 7 start
1Mb long preamble short slot time
athn0: missed beacon threshold set to 30 beacons, beacon interval is 100 TU
athn0: received msg 1/4 of the 4-way handshake from 00:23:69:ea:49:3d
athn0: sending msg 2/4 of the 4-way handshake to 00:23:69:ea:49:3d
athn0: received msg 3/4 of the 4-way handshake from 00:23:69:ea:49:3d
athn0: sending msg 4/4 of the 4-way handshake to 00:23:69:ea:49:3d

I hope this is in any way useful.
Matej

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
In reply to this post by Stefan Sperling-5
On Wed, Jul 01, 2020 at 06:14:50PM -0500, Tim Chase wrote:
> Just wanted to check back in if there's anything else I can get you
> to help diagnose this.

Please try this patch. It fixes the issue for me.

It looks like my CCMP offload patch for athn(4) broke client mode,
even though it would occasionally work if the stars were aligned right.
It depends on the value the AP chooses for this client's "association ID".
That value factors into the slot we use in the on-device key table.
This is the correct approach when we are acting as AP ourselves and
choose the association IDs for our clients. But in client mode we should
be using the first key table slot only.

I am sorry about this. I should have tested client mode better :-/

Regarding "athn needs cold boot to work":
Code comments I've seen in Linux suggest that the key table is not cleared
automatically on some athn devices. There is code in our driver which is
supposed to clear the on-device crypto key table when the interface comes up.
This code ran very close in time after a full device reset. I suspect it could
have run while the device wasn't fully initialized yet, and hence fail to
reset keys which were installed earlier, or write garbage to the key table.
Combined with the above bug this would lead to hardware using bad key table
entries which results in decryption failures.
This patch should fix that problem as well. It clears the table later in the
startup sequence, and clears on-device keys when the interface is put down.

I have tested this fix on AR9280 (PCI) and AR9271 (USB), both in client and
in hostap mode.

diff refs/heads/master refs/heads/athn-ccmpfix
blob - 3a28d87bc88a0e7b9ed6c873bd7a07682cc91a0b
blob + 1d739529d7d214bea314e50e847594dc01021a41
--- sys/dev/ic/ar5008.c
+++ sys/dev/ic/ar5008.c
@@ -811,12 +811,20 @@ ar5008_ccmp_decap(struct athn_softc *sc, struct mbuf *
  /* Sanity checks to ensure this is really a key we installed. */
  entry = (uintptr_t)k->k_priv;
  if (k->k_flags & IEEE80211_KEY_GROUP) {
- if (k->k_id > IEEE80211_WEP_NKID ||
+ if (k->k_id >= IEEE80211_WEP_NKID ||
     entry != k->k_id)
  return 1;
- } else if (entry != IEEE80211_WEP_NKID +
-    IEEE80211_AID(ni->ni_associd))
- return 1;
+ } else {
+#ifndef IEEE80211_STA_ONLY
+ if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
+ if (entry != IEEE80211_WEP_NKID +
+    IEEE80211_AID(ni->ni_associd))
+ return 1;
+ } else
+#endif
+ if (entry != IEEE80211_WEP_NKID)
+ return 1;
+ }
 
  /* Check that ExtIV bit is set. */
  if (!(ivp[3] & IEEE80211_WEP_EXTIV))
blob - 40725b02c43b54e10a87de333acdfd3b8270534d
blob + f7aa77ba15cae787a42fdbffb8a9d9cd2d0226d2
--- sys/dev/ic/athn.c
+++ sys/dev/ic/athn.c
@@ -1037,12 +1037,17 @@ athn_set_key(struct ieee80211com *ic, struct ieee80211
  }
 
  if (!(k->k_flags & IEEE80211_KEY_GROUP)) {
- entry = IEEE80211_WEP_NKID + IEEE80211_AID(ni->ni_associd);
+#ifndef IEEE80211_STA_ONLY
+ if (ic->ic_opmode == IEEE80211_M_HOSTAP)
+ entry = IEEE80211_WEP_NKID + IEEE80211_AID(ni->ni_associd);
+ else
+#endif
+ entry = IEEE80211_WEP_NKID;
  if (entry >= sc->kc_entries - IEEE80211_WEP_NKID)
  return ENOSPC;
  } else {
  entry = k->k_id;
- if (entry > IEEE80211_WEP_NKID)
+ if (entry >= IEEE80211_WEP_NKID)
  return ENOSPC;
  }
  k->k_priv = (void *)entry;
@@ -3056,10 +3061,6 @@ athn_init(struct ifnet *ifp)
  else
  athn_config_pcie(sc);
 
- /* Reset HW key cache entries. */
- for (i = 0; i < sc->kc_entries; i++)
- athn_reset_key(sc, i);
-
  ops->enable_antenna_diversity(sc);
 
 #ifdef ATHN_BT_COEXISTENCE
@@ -3086,6 +3087,10 @@ athn_init(struct ifnet *ifp)
  /* Enable Rx. */
  athn_rx_start(sc);
 
+ /* Reset HW key cache entries. */
+ for (i = 0; i < sc->kc_entries; i++)
+ athn_reset_key(sc, i);
+
  /* Enable interrupts. */
  athn_enable_interrupts(sc);
 
@@ -3121,7 +3126,7 @@ athn_stop(struct ifnet *ifp, int disable)
 {
  struct athn_softc *sc = ifp->if_softc;
  struct ieee80211com *ic = &sc->sc_ic;
- int qid;
+ int qid, i;
 
  ifp->if_timer = sc->sc_tx_timer = 0;
  ifp->if_flags &= ~IFF_RUNNING;
@@ -3158,6 +3163,10 @@ athn_stop(struct ifnet *ifp, int disable)
  AR_WRITE_BARRIER(sc);
  athn_set_rxfilter(sc, 0);
  athn_stop_rx_dma(sc);
+
+ /* Reset HW key cache entries. */
+ for (i = 0; i < sc->kc_entries; i++)
+ athn_reset_key(sc, i);
 
  athn_reset(sc, 0);
  athn_init_pll(sc, NULL);

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Tim Chase-5
On 2020-07-03 20:33, Stefan Sperling wrote:
> On Wed, Jul 01, 2020 at 06:14:50PM -0500, Tim Chase wrote:
> > Just wanted to check back in if there's anything else I can get
> > you to help diagnose this.  
>
> Please try this patch. It fixes the issue for me.

Sorry it has taken so long to get back to you.  Building a kernel
took ~12hr (finished 2020-07-03 as seen in the dmesg at the bottom
of this reply) and the rest of the base system took another 2 days.

I pulled the latest CVS sources, applied the patch, built, and
rebooted into the new kernel but unfortunately get the same
non-working results as before.  In case it matters, this is an
AR9281 which I imagine should be pretty close to the AR9280 that
you tested.

With the mostly-built kernel present, I can tack on any additional
patches you might need to instrument/debug it and rebuild if needed.
Fortunately, this is a junker non-critical machine, so I can repave
and/or rebuild whatever you need on it.

> Regarding "athn needs cold boot to work":
> Code comments I've seen in Linux suggest that the key table is not
> cleared automatically on some athn devices. There is code in our
> driver which is supposed to clear the on-device crypto key table
> when the interface comes up. This code ran very close in time after
> a full device reset. I suspect it could have run while the device
> wasn't fully initialized yet, and hence fail to reset keys which
> were installed earlier, or write garbage to the key table. Combined
> with the above bug this would lead to hardware using bad key table
> entries which results in decryption failures. This patch should fix
> that problem as well. It clears the table later in the startup
> sequence, and clears on-device keys when the interface is put down.

I've seen this once or twice as well where it would work briefly,
only to stop working and not come back.  I hadn't narrowed it down to
being related to a cold-boot but it also wasn't 100% of the time on
a cold boot.

> I have tested this fix on AR9280 (PCI) and AR9271 (USB), both in
> client and in hostap mode.
>
> diff refs/heads/master refs/heads/athn-ccmpfix
> blob - 3a28d87bc88a0e7b9ed6c873bd7a07682cc91a0b
> blob + 1d739529d7d214bea314e50e847594dc01021a41
> --- sys/dev/ic/ar5008.c
> +++ sys/dev/ic/ar5008.c
> @@ -811,12 +811,20 @@ ar5008_ccmp_decap(struct athn_softc *sc,
> struct mbuf * /* Sanity checks to ensure this is really a key we
> installed. */ entry = (uintptr_t)k->k_priv;
>   if (k->k_flags & IEEE80211_KEY_GROUP) {
> - if (k->k_id > IEEE80211_WEP_NKID ||
> + if (k->k_id >= IEEE80211_WEP_NKID ||
>      entry != k->k_id)
>   return 1;
> - } else if (entry != IEEE80211_WEP_NKID +
> -    IEEE80211_AID(ni->ni_associd))
> - return 1;
> + } else {
> +#ifndef IEEE80211_STA_ONLY
> + if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
> + if (entry != IEEE80211_WEP_NKID +
> +    IEEE80211_AID(ni->ni_associd))
> + return 1;
> + } else
> +#endif
> + if (entry != IEEE80211_WEP_NKID)
> + return 1;
> + }
>  
>   /* Check that ExtIV bit is set. */
>   if (!(ivp[3] & IEEE80211_WEP_EXTIV))
> blob - 40725b02c43b54e10a87de333acdfd3b8270534d
> blob + f7aa77ba15cae787a42fdbffb8a9d9cd2d0226d2
> --- sys/dev/ic/athn.c
> +++ sys/dev/ic/athn.c
> @@ -1037,12 +1037,17 @@ athn_set_key(struct ieee80211com *ic,
> struct ieee80211 }
>  
>   if (!(k->k_flags & IEEE80211_KEY_GROUP)) {
> - entry = IEEE80211_WEP_NKID +
> IEEE80211_AID(ni->ni_associd); +#ifndef IEEE80211_STA_ONLY
> + if (ic->ic_opmode == IEEE80211_M_HOSTAP)
> + entry = IEEE80211_WEP_NKID +
> IEEE80211_AID(ni->ni_associd);
> + else
> +#endif
> + entry = IEEE80211_WEP_NKID;
>   if (entry >= sc->kc_entries - IEEE80211_WEP_NKID)
>   return ENOSPC;
>   } else {
>   entry = k->k_id;
> - if (entry > IEEE80211_WEP_NKID)
> + if (entry >= IEEE80211_WEP_NKID)
>   return ENOSPC;
>   }
>   k->k_priv = (void *)entry;
> @@ -3056,10 +3061,6 @@ athn_init(struct ifnet *ifp)
>   else
>   athn_config_pcie(sc);
>  
> - /* Reset HW key cache entries. */
> - for (i = 0; i < sc->kc_entries; i++)
> - athn_reset_key(sc, i);
> -
>   ops->enable_antenna_diversity(sc);
>  
>  #ifdef ATHN_BT_COEXISTENCE
> @@ -3086,6 +3087,10 @@ athn_init(struct ifnet *ifp)
>   /* Enable Rx. */
>   athn_rx_start(sc);
>  
> + /* Reset HW key cache entries. */
> + for (i = 0; i < sc->kc_entries; i++)
> + athn_reset_key(sc, i);
> +
>   /* Enable interrupts. */
>   athn_enable_interrupts(sc);
>  
> @@ -3121,7 +3126,7 @@ athn_stop(struct ifnet *ifp, int disable)
>  {
>   struct athn_softc *sc = ifp->if_softc;
>   struct ieee80211com *ic = &sc->sc_ic;
> - int qid;
> + int qid, i;
>  
>   ifp->if_timer = sc->sc_tx_timer = 0;
>   ifp->if_flags &= ~IFF_RUNNING;
> @@ -3158,6 +3163,10 @@ athn_stop(struct ifnet *ifp, int disable)
>   AR_WRITE_BARRIER(sc);
>   athn_set_rxfilter(sc, 0);
>   athn_stop_rx_dma(sc);
> +
> + /* Reset HW key cache entries. */
> + for (i = 0; i < sc->kc_entries; i++)
> + athn_reset_key(sc, i);
>  
>   athn_reset(sc, 0);
>   athn_init_pll(sc, NULL);
>



OpenBSD 6.7-current (GENERIC.MP) #0: Fri Jul  3 21:14:17 CDT 2020
    [hidden email]:/sys/arch/i386/compile/GENERIC.MP
real mem  = 2137178112 (2038MB)
avail mem = 2081857536 (1985MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: date 05/20/09, BIOS32 rev. 0 @ 0xfdc80, SMBIOS rev. 2.5 @ 0xf2430 (40 entries)
bios0: vendor Dell Inc. version "A05" date 05/20/2009
bios0: Dell Inc. Inspiron 1010
acpi0 at bios0: ACPI 3.0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET MCFG TCPA TMOR OSFR APIC BOOT SLIC SSDT
acpi0: wakeup devices PWRB(S3) PXS1(S5) PXS2(S3) USB1(S3) USB2(S3) USB3(S0) EHC1(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimcfg0 at acpi0
acpimcfg0: addr 0xe0000000, bus 0-255
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU Z520 @ 1.33GHz ("GenuineIntel" 686-class) 1.34 GHz, 06-1c-02
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,NXE,LAHF,PERF,SENSOR,MELTDOWN
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 132MHz
cpu0: mwait min=64, max=64, C-substates=0.2.2.0.2.0.3, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Atom(TM) CPU Z520 @ 1.33GHz ("GenuineIntel" 686-class) 1.33 GHz, 06-1c-02
cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,xTPR,PDCM,MOVBE,NXE,LAHF,PERF,SENSOR,MELTDOWN
ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 20, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 2 (RP01)
acpiprt2 at acpi0: bus 3 (RP02)
acpiec0 at acpi0
acpicpu0 at acpi0: !C3(10@140 mwait.3@0x52), !C3(100@100 mwait.3@0x30), !C2(500@20 mwait.1@0x10), C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: !C3(10@140 mwait.3@0x52), !C3(100@100 mwait.3@0x30), !C2(500@20 mwait.1@0x10), C1(1000@1 mwait.1), PSS
"CPL0002" at acpi0 not configured
acpibtn0 at acpi0: LID0
acpibtn1 at acpi0: PWRB
"PNP0A08" at acpi0 not configured
acpicmos0 at acpi0
acpiac0 at acpi0: AC unit online
acpibat0 at acpi0: BAT1 serial 11 type Lion oem "Dell"
"SYN0601" at acpi0 not configured
acpivideo0 at acpi0: GFX0
acpivout0 at acpivideo0: DD04
acpivout1 at acpivideo0: DD05
bios0: ROM list: 0xc0000/0xe600! 0xce800/0x1000 0xe0000/0x1800!
cpu0: Enhanced SpeedStep 1330 MHz: speeds: 1333, 1067, 800 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel US15W Host" rev 0x07
vga1 at pci0 dev 2 function 0 "Intel US15W Video" rev 0x07
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
azalia0 at pci0 dev 27 function 0 "Intel SCH HD Audio" rev 0x07: apic 2 int 22
azalia0: codecs: Realtek ALC269, CMD Technology/0x1392, using Realtek ALC269
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel SCH PCIE" rev 0x07: apic 2 int 17
pci1 at ppb0 bus 2
re0 at pci1 dev 0 function 0 "Realtek 8101E" rev 0x02: RTL8102EL (0x2480), msi, address 00:24:e8:c6:d7:2c
rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1
ppb1 at pci0 dev 28 function 1 "Intel SCH PCIE" rev 0x07: apic 2 int 16
pci2 at ppb1 bus 3
athn0 at pci2 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 2 int 17
athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 00:24:d2:b3:8c:b4
uhci0 at pci0 dev 29 function 0 "Intel SCH USB" rev 0x07: apic 2 int 23
uhci1 at pci0 dev 29 function 1 "Intel SCH USB" rev 0x07: apic 2 int 19
uhci2 at pci0 dev 29 function 2 "Intel SCH USB" rev 0x07: apic 2 int 18
ehci0 at pci0 dev 29 function 7 "Intel SCH USB" rev 0x07: apic 2 int 21
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
pcib0 at pci0 dev 31 function 0 "Intel SCH LPC" rev 0x07
pciide0 at pci0 dev 31 function 1 "Intel SCH IDE" rev 0x07: DMA, channel 0 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <OCZ-AGILITY2>
wd0: 16-sector PIO, LBA48, 57241MB, 117231408 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pms0: Elantech Touchpad, version 2, firmware 0x20801
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
uhub4 at uhub0 port 1 configuration 1 interface 0 "Alcor Micro product 0x6254" rev 2.00/1.00 addr 2
uvideo0 at uhub0 port 6 configuration 1 interface 0 "SuYin Integrated Webcam" rev 2.00/8c.02 addr 3
video0 at uvideo0
umass0 at uhub0 port 7 configuration 1 interface 0 "Generic USB2.0-CRW" rev 2.00/58.87 addr 4
umass0: using SCSI over Bulk-Only
scsibus1 at umass0: 2 targets, initiator 0
sd0 at scsibus1 targ 1 lun 0: <Generic-, Multi-Card, 1.00> removable serial.0bda0158114173400000
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
sd1 at scsibus3 targ 1 lun 0: <OPENBSD, SR CRYPTO, 006>
sd1: 57239MB, 512 bytes/sector, 117225713 sectors
root on sd1a (7206a5e742b3a427.a) swap on sd1b dump on sd1b


Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
On Mon, Jul 06, 2020 at 03:27:37PM -0500, Tim Chase wrote:

> On 2020-07-03 20:33, Stefan Sperling wrote:
> > On Wed, Jul 01, 2020 at 06:14:50PM -0500, Tim Chase wrote:
> > > Just wanted to check back in if there's anything else I can get
> > > you to help diagnose this.  
> >
> > Please try this patch. It fixes the issue for me.
>
> Sorry it has taken so long to get back to you.  Building a kernel
> took ~12hr (finished 2020-07-03 as seen in the dmesg at the bottom
> of this reply) and the rest of the base system took another 2 days.
>
> I pulled the latest CVS sources, applied the patch, built, and
> rebooted into the new kernel but unfortunately get the same
> non-working results as before.  In case it matters, this is an
> AR9281 which I imagine should be pretty close to the AR9280 that
> you tested.
>

The diff has since been committed. Could you try a snapshot just
to see if that works?

Lacking any better ideas I may try to install i386 on an APU and
see if I can still reproduce it then...

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Tim Chase-5
On 2020-07-07 08:50, Stefan Sperling wrote:
> The diff has since been committed. Could you try a snapshot just
> to see if that works?

I pulled down the latest snap (#290 Jul 6 15:31:39 according to
dmesg), rebooted into it and grabbed a shell, then issued

  # ifconfig athn0 debug nwid "$MYSSID" wpakey "$MYKEY" up

and got largely the same output as before, eventually hitting

  athn: associated with {MAC} ssid "{MYSSID}" channel 3 start 1Mb short preamble short slot time

and getting through all 4/4 of the 4-way handshake, and doing 1/2
and 2/2 fo the group key handshake, stopping at the

  athn0: sending msg 2/2 of the group key handshake to {MAC}

This is further than 6.7 was getting (6.6 got this far).  However,
the output stops there.  An ifconfig says (hand transcribed)

athn0: flags=8847<UP,BROADCAST,DEBUG,RUNNING,SIMPLEX,MULTICAST> mtu 1500
  lladdr {mymac}
  llprio 3
  groups: wlan
  media: IEEE802.11 autoselect (DS1 mode 11g)
  status: active
  ieee80211: nwid {myssid} chan 3 bssid {routermac} -43dBm wpakey wpaprotos wpa2 wpaakms psk wpaciphers ccmp wpacgroupcipher ccmp

About hourly(?) since issuing those, my console has given me another
pair of

  athn0: received msg 1/2 of the group key handshake from {router MAC}
  athn0: sending msg 2/2 of the group key handshake to {router MAC}

if that matters, though it seems successful.

On 6.6, after getting that successful 2/2-group-key-handshake,
issuing `dhclient athn0` would get me a connection but trying it on
this snap gives me the same as 6.7

 # dhclient athn0
 athn0: no lease....... sleeping

If you need further information, I can do my best to provide it.

> Lacking any better ideas I may try to install i386 on an APU and
> see if I can still reproduce it then...

My offer to rebuild with debugging patches holds as well if needed.

Thanks again!

-tim




Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
On Tue, Jul 07, 2020 at 11:31:08AM -0500, Tim Chase wrote:

> On 2020-07-07 08:50, Stefan Sperling wrote:
> > The diff has since been committed. Could you try a snapshot just
> > to see if that works?
>
> I pulled down the latest snap (#290 Jul 6 15:31:39 according to
> dmesg), rebooted into it and grabbed a shell, then issued
>
>   # ifconfig athn0 debug nwid "$MYSSID" wpakey "$MYKEY" up
>
> and got largely the same output as before, eventually hitting
>
>   athn: associated with {MAC} ssid "{MYSSID}" channel 3 start 1Mb short preamble short slot time
>
> and getting through all 4/4 of the 4-way handshake, and doing 1/2
> and 2/2 fo the group key handshake, stopping at the
>
>   athn0: sending msg 2/2 of the group key handshake to {MAC}
>
> This is further than 6.7 was getting (6.6 got this far).  However,
> the output stops there.  An ifconfig says (hand transcribed)
>
> athn0: flags=8847<UP,BROADCAST,DEBUG,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>   lladdr {mymac}
>   llprio 3
>   groups: wlan
>   media: IEEE802.11 autoselect (DS1 mode 11g)
>   status: active
>   ieee80211: nwid {myssid} chan 3 bssid {routermac} -43dBm wpakey wpaprotos wpa2 wpaakms psk wpaciphers ccmp wpacgroupcipher ccmp
>
> About hourly(?) since issuing those, my console has given me another
> pair of
>
>   athn0: received msg 1/2 of the group key handshake from {router MAC}
>   athn0: sending msg 2/2 of the group key handshake to {router MAC}
>
> if that matters, though it seems successful.

That is looking good. The AP is supposed to rotate the group key hourly.
Since you are able to receive group key updates it follows that the
pairwise WPA2 crypto for regular data traffic is now working, too.
Group key updates are encrypted with the pairwise key and sent to
each client individually. Back when your athn client didn't see group
key updates it implied that pairwise crypto wasn't working.

Are CCMP decryption error counters in netstat -W athn0 close to zero now?
If so, then I have successfully reproduced and fixed one bug. But some other
problem remains which we need to diagnose next.

Are you able to run tcpdump on the AP itself or on the network behind the AP?
Do you see DHCP requests from the athn client arriving there?

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Mikolaj Kucharski-3
Hi all,

On Tue, Jul 07, 2020 at 07:21:10PM +0200, Stefan Sperling wrote:

> That is looking good. The AP is supposed to rotate the group key hourly.
> Since you are able to receive group key updates it follows that the
> pairwise WPA2 crypto for regular data traffic is now working, too.
> Group key updates are encrypted with the pairwise key and sent to
> each client individually. Back when your athn client didn't see group
> key updates it implied that pairwise crypto wasn't working.
>
> Are CCMP decryption error counters in netstat -W athn0 close to zero now?
> If so, then I have successfully reproduced and fixed one bug. But some other
> problem remains which we need to diagnose next.
>
> Are you able to run tcpdump on the AP itself or on the network behind the AP?
> Do you see DHCP requests from the athn client arriving there?
>

Joining the thread as I'm also facing the same issue on my APU which has
athn(4) configured as a client. That client connects to athn(4) on
OpenBSD running in hostap mode.

Today morning I've upgraded (both hostap and client) to:

OpenBSD 6.7-current (GENERIC.MP) #333: Mon Jul  6 15:01:05 MDT 2020
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP

and I didn't see the problem so far. It happened for me rarely. First
occurence started in the middle of the night, so I didn't notice it
until morning when I've noticed that one of my PC Engiens is not
reachable. I didn't actually investigated it too much.

Please CC me in this thread as I'm not subscribed to the list. I will be
traveling during second half of this week, but when I'm at home, I'm
happy to help investigate this problem. Below two dmesgs from client and
hostap.


This is dmesg from client:

OpenBSD 6.7-current (GENERIC.MP) #333: Mon Jul  6 15:01:05 MDT 2020
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4261076992 (4063MB)
avail mem = 4116893696 (3926MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdffb7020 (7 entries)
bios0: vendor coreboot version "4.0.7" date 02/28/2017
bios0: PC Engines APU2
acpi0 at bios0: ACPI 4.0
acpi0: sleep states S0 S1 S2 S3 S4 S5
acpi0: tables DSDT FACP SSDT APIC HEST SSDT SSDT HPET
acpi0: wakeup devices PWRB(S4) PBR4(S4) PBR5(S4) PBR6(S4) PBR7(S4) PBR8(S4) UOH1(S3) UOH3(S3) UOH5(S3) XHC0(S4)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD GX-412TC SOC, 998.27 MHz, 16-30-01
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu0: TSC skew=0 observed drift=0
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD GX-412TC SOC, 998.17 MHz, 16-30-01
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu1: TSC skew=31 observed drift=0
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: AMD GX-412TC SOC, 998.14 MHz, 16-30-01
cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu2: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache
cpu2: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu2: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu2: TSC skew=-50 observed drift=0
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: AMD GX-412TC SOC, 998.24 MHz, 16-30-01
cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu3: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache
cpu3: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu3: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu3: TSC skew=30 observed drift=0
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 4 pa 0xfec00000, version 21, 24 pins
ioapic1 at mainbus0: apid 5 pa 0xfec20000, version 21, 32 pins, remapped
acpihpet0 at acpi0: 14318180 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PBR4)
acpiprt2 at acpi0: bus 1 (PBR5)
acpiprt3 at acpi0: bus 2 (PBR6)
acpiprt4 at acpi0: bus 3 (PBR7)
acpiprt5 at acpi0: bus 4 (PBR8)
acpicpu0 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpicpu1 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpicpu2 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpicpu3 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpibtn0 at acpi0: PWRB
acpipci0 at acpi0 PCI0: 0x00000000 0x00000011 0x00000001
extent `acpipci0 pcibus' (0x0 - 0xff), flags=0
extent `pciio' (0x0 - 0xffffffff), flags=0
     0x10000 - 0xffffffff
extent `pcimem' (0x0 - 0xffffffffffffffff), flags=0
     0x0 - 0xdfffffff
     0xf8000000 - 0xfbffffff
     0x40000000000 - 0xffffffffffffffff
acpicmos0 at acpi0
cpu0: 998 MHz: speeds: 1000 800 600 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "AMD 16h Root Complex" rev 0x00
pchb1 at pci0 dev 2 function 0 "AMD 16h Host" rev 0x00
ppb0 at pci0 dev 2 function 2 "AMD 16h PCIE" rev 0x00: msi
pci1 at ppb0 bus 1
em0 at pci1 dev 0 function 0 "Intel I210" rev 0x03: msi, address 00:0d:b9:55:95:8c
ppb1 at pci0 dev 2 function 3 "AMD 16h PCIE" rev 0x00: msi
pci2 at ppb1 bus 2
em1 at pci2 dev 0 function 0 "Intel I210" rev 0x03: msi, address 00:0d:b9:55:95:8d
ppb2 at pci0 dev 2 function 4 "AMD 16h PCIE" rev 0x00: msi
pci3 at ppb2 bus 3
em2 at pci3 dev 0 function 0 "Intel I210" rev 0x03: msi, address 00:0d:b9:55:95:8e
ppb3 at pci0 dev 2 function 5 "AMD 16h PCIE" rev 0x00: msi
pci4 at ppb3 bus 4
athn0 at pci4 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 5 int 16
athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:45:6a:c2
ccp0 at pci0 dev 8 function 0 "AMD 16h Crypto" rev 0x00
xhci0 at pci0 dev 16 function 0 "AMD Bolton xHCI" rev 0x11: msi, xHCI 1.0
usb0 at xhci0: USB revision 3.0
uhub0 at usb0 configuration 1 interface 0 "AMD xHCI root hub" rev 3.00/1.00 addr 1
ahci0 at pci0 dev 17 function 0 "AMD Hudson-2 SATA" rev 0x40: apic 4 int 19, AHCI 1.3
ahci0: port 0: 6.0Gb/s
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 0 lun 0: <ATA, TS128GMSA370, P122> naa.57c35481856c896b
sd0: 122104MB, 512 bytes/sector, 250069680 sectors, thin
ehci0 at pci0 dev 19 function 0 "AMD Hudson-2 USB2" rev 0x39: apic 4 int 18
usb1 at ehci0: USB revision 2.0
uhub1 at usb1 configuration 1 interface 0 "AMD EHCI root hub" rev 2.00/1.00 addr 1
piixpm0 at pci0 dev 20 function 0 "AMD Hudson-2 SMBus" rev 0x42: SMI
iic0 at piixpm0
iic1 at piixpm0
pcib0 at pci0 dev 20 function 3 "AMD Hudson-2 LPC" rev 0x11
sdhc0 at pci0 dev 20 function 7 "AMD Bolton SD/MMC" rev 0x01: apic 4 int 16
sdhc0: SDHC 2.0, 50 MHz base clock
sdmmc0 at sdhc0: 4-bit, sd high-speed, mmc high-speed, dma
pchb2 at pci0 dev 24 function 0 "AMD 16h Link Cfg" rev 0x00
pchb3 at pci0 dev 24 function 1 "AMD 16h Address Map" rev 0x00
pchb4 at pci0 dev 24 function 2 "AMD 16h DRAM Cfg" rev 0x00
km0 at pci0 dev 24 function 3 "AMD 16h Misc Cfg" rev 0x00
pchb5 at pci0 dev 24 function 4 "AMD 16h CPU Power" rev 0x00
pchb6 at pci0 dev 24 function 5 "AMD 16h Misc Cfg" rev 0x00
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
wbsio0 at isa0 port 0x2e/2: NCT5104D rev 0x53
vmm0 at mainbus0: SVM/RVI
uhub2 at uhub1 port 1 configuration 1 interface 0 "Advanced Micro Devices Hub" rev 2.00/0.18 addr 2
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on sd0a (9ff2b7dc5a983ab3.a) swap on sd0b dump on sd0b


This is dmesg from hostap:

OpenBSD 6.7-current (GENERIC.MP) #333: Mon Jul  6 15:01:05 MDT 2020
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4259987456 (4062MB)
avail mem = 4115824640 (3925MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xcfea7020 (12 entries)
bios0: vendor coreboot version "v4.10.0.0" date 08/08/2019
bios0: PC Engines apu3
acpi0 at bios0: ACPI 4.0
acpi0: sleep states S0 S1 S4 S5
acpi0: tables DSDT FACP SSDT APIC HEST IVRS SSDT SSDT HPET
acpi0: wakeup devices PWRB(S4) PBR4(S4) PBR5(S4) PBR6(S4) PBR7(S4) PBR8(S4) UOH1(S3) UOH2(S3) UOH3(S3) UOH4(S3) UOH5(S3) UOH6(S3) XHC0(S4)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD GX-412TC SOC, 998.26 MHz, 16-30-01
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu0: TSC skew=0 observed drift=0
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD GX-412TC SOC, 998.14 MHz, 16-30-01
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu1: TSC skew=33 observed drift=0
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: AMD GX-412TC SOC, 998.23 MHz, 16-30-01
cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu2: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache
cpu2: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu2: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu2: TSC skew=33 observed drift=0
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: AMD GX-412TC SOC, 998.30 MHz, 16-30-01
cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu3: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache
cpu3: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu3: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu3: TSC skew=33 observed drift=0
cpu3: smt 0, core 3, package 0
ioapic0 at mainbus0: apid 4 pa 0xfec00000, version 21, 24 pins
ioapic1 at mainbus0: apid 5 pa 0xfec20000, version 21, 32 pins, remapped
acpihpet0 at acpi0: 14318180 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PBR4)
acpiprt2 at acpi0: bus 1 (PBR5)
acpiprt3 at acpi0: bus 2 (PBR6)
acpiprt4 at acpi0: bus 3 (PBR7)
acpiprt5 at acpi0: bus 4 (PBR8)
acpicpu0 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpicpu1 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpicpu2 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpicpu3 at acpi0: C2(0@400 io@0x1771), C1(@1 halt!), PSS
acpibtn0 at acpi0: PWRB
acpipci0 at acpi0 PCI0: 0x00000000 0x00000011 0x00000001
extent `acpipci0 pcibus' (0x0 - 0xff), flags=0
extent `pciio' (0x0 - 0xffffffff), flags=0
     0x10000 - 0xffffffff
extent `pcimem' (0x0 - 0xffffffffffffffff), flags=0
     0x0 - 0xcfffffff
     0xf8000000 - 0xfbffffff
     0x40000000000 - 0xffffffffffffffff
acpicmos0 at acpi0
amdgpio0 at acpi0 GPIO uid 0 addr 0xfed81500/0x300 irq 7, 184 pins
"PRP0001" at acpi0 not configured
"PRP0001" at acpi0 not configured
"PRP0001" at acpi0 not configured
"PRP0001" at acpi0 not configured
"PRP0001" at acpi0 not configured
"PRP0001" at acpi0 not configured
"BOOT0000" at acpi0 not configured
cpu0: 998 MHz: speeds: 1000 800 600 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "AMD 16h Root Complex" rev 0x00
vendor "AMD", unknown product 0x1567 (class system subclass IOMMU, rev 0x00) at pci0 dev 0 function 2 not configured
pchb1 at pci0 dev 2 function 0 "AMD 16h Host" rev 0x00
ppb0 at pci0 dev 2 function 2 "AMD 16h PCIE" rev 0x00: msi
pci1 at ppb0 bus 1
em0 at pci1 dev 0 function 0 "Intel I211" rev 0x03: msi, address 00:0d:b9:4a:40:88
ppb1 at pci0 dev 2 function 3 "AMD 16h PCIE" rev 0x00: msi
pci2 at ppb1 bus 2
em1 at pci2 dev 0 function 0 "Intel I211" rev 0x03: msi, address 00:0d:b9:4a:40:89
ppb2 at pci0 dev 2 function 4 "AMD 16h PCIE" rev 0x00: msi
pci3 at ppb2 bus 3
em2 at pci3 dev 0 function 0 "Intel I211" rev 0x03: msi, address 00:0d:b9:4a:40:8a
ppb3 at pci0 dev 2 function 5 "AMD 16h PCIE" rev 0x00: msi
pci4 at ppb3 bus 4
athn0 at pci4 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 5 int 16
athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:34:e4:23
ccp0 at pci0 dev 8 function 0 "AMD 16h Crypto" rev 0x00
xhci0 at pci0 dev 16 function 0 "AMD Bolton xHCI" rev 0x11: msi, xHCI 1.0
usb0 at xhci0: USB revision 3.0
uhub0 at usb0 configuration 1 interface 0 "AMD xHCI root hub" rev 3.00/1.00 addr 1
ahci0 at pci0 dev 17 function 0 "AMD Hudson-2 SATA" rev 0x39: msi, AHCI 1.3
ahci0: port 0: 6.0Gb/s
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 0 lun 0: <ATA, KINGSTON SMS200S, 60AA> naa.50026b727603c6f0
sd0: 114473MB, 512 bytes/sector, 234441648 sectors, thin
ehci0 at pci0 dev 19 function 0 "AMD Hudson-2 USB2" rev 0x39: apic 4 int 18
usb1 at ehci0: USB revision 2.0
uhub1 at usb1 configuration 1 interface 0 "AMD EHCI root hub" rev 2.00/1.00 addr 1
piixpm0 at pci0 dev 20 function 0 "AMD Hudson-2 SMBus" rev 0x42: SMI
iic0 at piixpm0
iic1 at piixpm0
pcib0 at pci0 dev 20 function 3 "AMD Hudson-2 LPC" rev 0x11
sdhc0 at pci0 dev 20 function 7 "AMD Bolton SD/MMC" rev 0x01: apic 4 int 16
sdhc0: SDHC 2.0, 50 MHz base clock
sdmmc0 at sdhc0: 4-bit, sd high-speed, mmc high-speed, dma
pchb2 at pci0 dev 24 function 0 "AMD 16h Link Cfg" rev 0x00
pchb3 at pci0 dev 24 function 1 "AMD 16h Address Map" rev 0x00
pchb4 at pci0 dev 24 function 2 "AMD 16h DRAM Cfg" rev 0x00
km0 at pci0 dev 24 function 3 "AMD 16h Misc Cfg" rev 0x00
pchb5 at pci0 dev 24 function 4 "AMD 16h CPU Power" rev 0x00
pchb6 at pci0 dev 24 function 5 "AMD 16h Misc Cfg" rev 0x00
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
com2 at isa0 port 0x3e8/8 irq 5: ns16550a, 16 byte fifo
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
intr_establish: pic ioapic0 pin 7: can't share type 3 with 2
wbsio0 at isa0 port 0x2e/2: NCT5104D rev 0x53
vmm0 at mainbus0: SVM/RVI
uslcom0 at uhub0 port 4 configuration 1 interface 0 "Silicon Labs CP2102 USB to UART Bridge Controller" rev 1.10/1.00 addr 2
ucom0 at uslcom0 portno 0
uhub2 at uhub1 port 1 configuration 1 interface 0 "Advanced Micro Devices Hub" rev 2.00/0.18 addr 2
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on sd0a (dd930612ce0c6e49.a) swap on sd0b dump on sd0b

--
Regards,
 Mikolaj

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
On Wed, Jul 08, 2020 at 06:37:31PM -0500, Tim Chase wrote:

> > Are you able to run tcpdump on the AP itself or on the network
> > behind the AP? Do you see DHCP requests from the athn client
> > arriving there?
>
> The wireless router (also serving DHCP/DNS) is ISP-provided hardware.
> I put Wireshark on my wife's Debian machine and ran it with a filter
> for
>
>   ether src {MAC} || ether dst {MAC}
>
> for the MAC of my Mini10 in question and was pleasantly surprised
> to get signs of DHCP chatter on the network (I was fully expecting
> a lack of link to mean I'd get nothing).  I've attached the pcap.gz
> which hopefully gives you useful stuff to hammer at.

What this shows is that DHCP to the broadcast address arrives on
the LAN. The next thing we need to know is why your client doesn't
seem to be receiving any DHCP responses.

> Please let me know if I can scrounge any other useful information for
> you.  Thanks again!

Can you provide another pcap showing the same situation from the
athn's client's perspective?

  tcpdump -n -i athn0 -y IEEE802_11_RADIO -s 4096 -w /tmp/athn.pcap

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
On Sat, Jul 11, 2020 at 10:22:10AM -0500, Tim Chase wrote:

> On 2020-07-11 10:34, Stefan Sperling wrote:
> > On Fri, Jul 10, 2020 at 10:20:07AM -0500, Tim Chase wrote:
> > > On 2020-07-10 09:58, Stefan Sperling wrote:  
> > > > Does it work if you eliminate DHCP and assign static IPs?  
> > >
> > > It indeed allowed me to talk to other devices on the network
> > > over wifi.  So that's at least some form of progress from where
> > > the physical layer wasn't even giving a carrier originally.  
> >
> > With static IP working, it's quite likely that looking at the wifi
> > layer won't lead us anywhere. This is looking more and more like a
> > DHCP problem, rather than a wifi problem. I'm at a loss as to where
> > we could look next.
>
> Since it seems like we hit a dead-end, I went ahead took your other
> suggestion, switching my router so it's AES only, no TKIP and it's
> back to working.  So something in that TKIP confusion that you
> identified seems to be dropping the DHCP reply on the floor.

Thanks for confirming that CCPM-only (i.e. WPA2-only) works as expected.
What is a bit puzzling is that a CCMP+TKIP AP I used for trying to
reproduce the issue seemed to work as expected for me.

I have now found out that ic_rsngroupcipher wasn't updated and always
remained set to CCMP (see the other patch I sent to tech@ earlier today).
Turn out athn is relying on that value to be correct.
If the AP uses TKIP for group-addressed frames, then the check shown in
the patch below might result in a false-positive for TKIP frames.
Does this patch make the device work against your AP in both modes?

Something else we could still try is to only enable offloading if the AP
uses CCMP as a groupcipher. We could completely fall back to software crypto
in all the other cases. But let's try this simple patch first, since this
keeps pairwise CCMP accelerated in hardware.

diff 21633c8848e72769b1658114d9c706c177040a2a /usr/src
blob - 70dbaf422bd5ddc4567ef61322718cb15e7453ce
file + sys/dev/ic/ar5008.c
--- sys/dev/ic/ar5008.c
+++ sys/dev/ic/ar5008.c
@@ -1005,7 +1005,7 @@ ar5008_rx_process(struct athn_softc *sc, struct mbuf_l
     (ni->ni_flags & IEEE80211_NODE_RXPROT) &&
     (ni->ni_rsncipher == IEEE80211_CIPHER_CCMP ||
     (IEEE80211_IS_MULTICAST(wh->i_addr1) &&
-    ic->ic_rsngroupcipher == IEEE80211_CIPHER_CCMP))) {
+    ni->ni_rsngroupcipher == IEEE80211_CIPHER_CCMP))) {
  if (ar5008_ccmp_decap(sc, m, ni) != 0) {
  ifp->if_ierrors++;
  ieee80211_release_node(ic, ni);

Reply | Threaded
Open this post in threaded view
|

Re: athn0 works in 6.6, fails in 6.7

Stefan Sperling-5
On Sun, Jul 12, 2020 at 08:25:43AM -0500, Tim Chase wrote:
> That said, I haven't yet applied your patch below (the second patch
> you sent me) since everything was working with the first one.  Would
> you still like me to apply that patch and test too?  Or are you
> satisfied with the patch you sent to tech@ ?

I expect that either patch in isolation would fix it. I'll commit both.

Generally, 'ic' represents the wireless interface and 'ni' is used when
referring to a peer on the wifi network. So this second diff is valid,
even though combined with the other patch it boils down to a style fix.

Thank you for your patience in getting this resolved :)

> > diff 21633c8848e72769b1658114d9c706c177040a2a /usr/src
> > blob - 70dbaf422bd5ddc4567ef61322718cb15e7453ce
> > file + sys/dev/ic/ar5008.c
> > --- sys/dev/ic/ar5008.c
> > +++ sys/dev/ic/ar5008.c
> > @@ -1005,7 +1005,7 @@ ar5008_rx_process(struct athn_softc *sc,
> > struct mbuf_l (ni->ni_flags & IEEE80211_NODE_RXPROT) &&
> >      (ni->ni_rsncipher == IEEE80211_CIPHER_CCMP ||
> >      (IEEE80211_IS_MULTICAST(wh->i_addr1) &&
> > -    ic->ic_rsngroupcipher == IEEE80211_CIPHER_CCMP))) {
> > +    ni->ni_rsngroupcipher == IEEE80211_CIPHER_CCMP))) {
> >   if (ar5008_ccmp_decap(sc, m, ni) != 0) {
> >   ifp->if_ierrors++;
> >   ieee80211_release_node(ic, ni);
>
>
>