wpa_supplicant on buster fails with WPA enterprise

Bug #1834749 reported by Nick Sayer on 2019-06-29
52
This bug affects 10 people
Affects Status Importance Assigned to Milestone
Raspbian
Undecided
Unassigned

Bug Description

the version of wpa_supplicant included on buster can't successfully negotiate wpa_enterprise connections. Downgrading wpa_supplicant to the stretch version works.

So far as I can tell, the best diagnostic I've found is this in kern.log:

Jun 29 09:56:08 srv-pizero kernel: [ 1699.002587] ------------[ cut here ]------------
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003038] WARNING: CPU: 0 PID: 16477 at drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c:5126 brcmf_cfg80211_set_pmk+0x64/0x84 [brcmfmac]
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003049] Modules linked in: bnep hci_uart btbcm serdev bluetooth ecdh_generic 8021q garp stp llc spidev brcmfmac brcmutil sha256_generic cfg80211 ras
pberrypi_hwmon hwmon rfkill bcm2835_codec(C) bcm2835_v4l2(C) v4l2_mem2mem bcm2835_mmal_vchiq(C) v4l2_common videobuf2_dma_contig videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 videobuf2_c
ommon spi_bcm2835 videodev media fixed uio_pdrv_genirq uio usb_f_acm u_serial g_serial libcomposite dwc2 udc_core ip_tables x_tables ipv6
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003266] CPU: 0 PID: 16477 Comm: wpa_supplicant Tainted: G WC 4.19.50+ #896
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003273] Hardware name: BCM2835
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003324] [<c0017edc>] (unwind_backtrace) from [<c0014e24>] (show_stack+0x20/0x24)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003356] [<c0014e24>] (show_stack) from [<c06b8350>] (dump_stack+0x20/0x28)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003393] [<c06b8350>] (dump_stack) from [<c0024450>] (__warn+0xf4/0x11c)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003418] [<c0024450>] (__warn) from [<c00245a8>] (warn_slowpath_null+0x4c/0x58)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.003697] [<c00245a8>] (warn_slowpath_null) from [<bf404aec>] (brcmf_cfg80211_set_pmk+0x64/0x84 [brcmfmac])
Jun 29 09:56:08 srv-pizero kernel: [ 1699.005132] [<bf404aec>] (brcmf_cfg80211_set_pmk [brcmfmac]) from [<bf26d37c>] (nl80211_set_pmk+0x160/0x1f8 [cfg80211])
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006250] [<bf26d37c>] (nl80211_set_pmk [cfg80211]) from [<c05f6e94>] (genl_rcv_msg+0x238/0x458)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006292] [<c05f6e94>] (genl_rcv_msg) from [<c05f5eb0>] (netlink_rcv_skb+0x100/0x138)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006320] [<c05f5eb0>] (netlink_rcv_skb) from [<c05f6c48>] (genl_rcv+0x30/0x44)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006345] [<c05f6c48>] (genl_rcv) from [<c05f55dc>] (netlink_unicast+0x1a8/0x23c)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006370] [<c05f55dc>] (netlink_unicast) from [<c05f5a24>] (netlink_sendmsg+0x2f0/0x364)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006397] [<c05f5a24>] (netlink_sendmsg) from [<c058a550>] (sock_sendmsg+0x24/0x34)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006419] [<c058a550>] (sock_sendmsg) from [<c058ad3c>] (___sys_sendmsg+0x20c/0x228)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006442] [<c058ad3c>] (___sys_sendmsg) from [<c058be00>] (__sys_sendmsg+0x5c/0xa0)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006463] [<c058be00>] (__sys_sendmsg) from [<c058be60>] (sys_sendmsg+0x1c/0x20)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006486] [<c058be60>] (sys_sendmsg) from [<c0009000>] (ret_fast_syscall+0x0/0x28)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006497] Exception stack(0xd8845fa8 to 0xd8845ff0)
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006514] 5fa0: 01d39210 01d3a8d8 00000004 bec1efd0 00000000 00000000
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006531] 5fc0: 01d39210 01d3a8d8 01d39198 00000128 b6f87000 ffffffff 00000001 00000004
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006544] 5fe0: 0000006c bec1ef88 b6f6c5bc b6ad2980
Jun 29 09:56:08 srv-pizero kernel: [ 1699.006556] ---[ end trace c696f3cfa961932b ]---

Honestly, I have no idea if that's a red herring or not.

Chris (chrispage) wrote :
Download full text (4.0 KiB)

I'm experiencing the same problem attempting to connect to eduroam, wpa_supplicant contains:

network={
     ssid="eduroam"
     identity="<username>@<institution>"
     password="<password>"
     eap=PEAP
     phase1="peaplabel=0"
     phase2="auth=MSCHAPV2"
     key_mgmt=WPA-EAP
     scan_ssid=1
}

Kernel error is similar:

Jun 20 18:42:41 raspberrypi kernel: [ 609.883403] ------------[ cut here ]------------
Jun 20 18:42:41 raspberrypi kernel: [ 609.883546] WARNING: CPU: 2 PID: 483 at drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c:5126 brcmf_cfg80211
_set_pmk+0x6c/0x80 [brcmfmac]
Jun 20 18:42:41 raspberrypi kernel: [ 609.883556] Modules linked in: rfcomm bnep hci_uart btbcm serdev bluetooth ecdh_generic fuse 8021q garp stp llc evdev v
3d vc4 gpu_sched drm_kms_helper snd_soc_core snd_bcm2835(C) drm brcmfmac snd_compress brcmutil snd_pcm_dmaengine syscopyarea sysfillrect sysimgblt raspberrypi
_hwmon sha256_generic fb_sys_fops drm_panel_orientation_quirks snd_pcm hwmon cfg80211 snd_timer rfkill snd bcm2835_v4l2(C) bcm2835_codec(C) v4l2_common videob
uf2_vmalloc v4l2_mem2mem bcm2835_mmal_vchiq(C) videobuf2_dma_contig videobuf2_memops videobuf2_v4l2 videobuf2_common videodev media argon_mem fixed uio_pdrv_g
enirq uio i2c_dev ip_tables x_tables ipv6
Jun 20 18:42:41 raspberrypi kernel: [ 609.884075] CPU: 2 PID: 483 Comm: wpa_supplicant Tainted: G WC 4.19.50-v7l+ #895
Jun 20 18:42:41 raspberrypi kernel: [ 609.884083] Hardware name: BCM2835
Jun 20 18:42:41 raspberrypi kernel: [ 609.884115] [<c0212c80>] (unwind_backtrace) from [<c020d49c>] (show_stack+0x20/0x24)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884136] [<c020d49c>] (show_stack) from [<c0978f60>] (dump_stack+0xd4/0x118)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884157] [<c0978f60>] (dump_stack) from [<c0222270>] (__warn+0x104/0x11c)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884173] [<c0222270>] (__warn) from [<c02223c0>] (warn_slowpath_null+0x50/0x58)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884294] [<c02223c0>] (warn_slowpath_null) from [<bf5b8ae0>] (brcmf_cfg80211_set_pmk+0x6c/0x80 [brcmfmac])
Jun 20 18:42:41 raspberrypi kernel: [ 609.884551] [<bf5b8ae0>] (brcmf_cfg80211_set_pmk [brcmfmac]) from [<bf2debfc>] (nl80211_set_pmk+0x160/0x26c [cfg80211])
Jun 20 18:42:41 raspberrypi kernel: [ 609.884697] [<bf2debfc>] (nl80211_set_pmk [cfg80211]) from [<c08b3784>] (genl_rcv_msg+0x244/0x464)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884714] [<c08b3784>] (genl_rcv_msg) from [<c08b277c>] (netlink_rcv_skb+0x104/0x138)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884728] [<c08b277c>] (netlink_rcv_skb) from [<c08b3530>] (genl_rcv+0x34/0x44)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884742] [<c08b3530>] (genl_rcv) from [<c08b1e9c>] (netlink_unicast+0x1b0/0x234)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884756] [<c08b1e9c>] (netlink_unicast) from [<c08b22c0>] (netlink_sendmsg+0x2dc/0x364)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884771] [<c08b22c0>] (netlink_sendmsg) from [<c0842968>] (sock_sendmsg+0x24/0x34)
Jun 20 18:42:41 raspberrypi kernel: [ 609.884789] [<c0842968>] (sock_sendmsg) from [<c08431b4>] (___sys_sendmsg+0x214/0x228)
Jun 20 18:42:41 raspberrypi ke...

Read more...

Pander (pander) on 2019-07-17
tags: added: buster wifi
Ted Lum (tlum) wrote :

I have the same problem - no way to use wifi, so this is SERIOUS issue for me.

This appears to be this:

https://www.spinics.net/lists/linux-wireless/msg187184.html

v2.8 supplicant is illegally trying to use 4-way handshake offloading in NL80211_CMD_SET_PMK without declaring it's intent to use it with NL80211_ATTR_WANT_1X_4WAY_HS in NL80211_CMD_CONNECT, so the violation of the contract results in a warning being thrown... and the call fails.

Will Bratton (wfbratton) wrote :

Encountering same issue attempting to connect Raspberry Pi 4 running Buster to enterprise Wifi. Raspberry Pi 3s running Jessie connect with no issue.

Thanks!

Christian Gut (cycloon) wrote :

This seems to have been already corrected by Redhat:
https://bugzilla.redhat.com/show_bug.cgi?id=1665608

See also this:
https://patchwork.ozlabs.org/patch/1125655/

Sergei Morozov (sergeimorozov) wrote :

I'm experiencing a similar problem on Ubuntu 19.10 (wpasupplicant 2.9): https://askubuntu.com/questions/1185373/cannot-connect-to-an-enterprise-wifi-network-after-an-upgrade-to-ubuntu-19-10.

Is it the same one that was solved in the ticket above?

Joey Dodson (ninjawailer) wrote :

Can anyone experiencing this bug try running:

$apt list -a firmware-brcm80211

to see if the version installed is firmware-brcm80211 1:20190114-1+rpt5

I was able to solve an issue similar to this (or the same?) by downgrading this package to firmware-brcm80211 1:20190114-1+rpt4. You can see more about my problem on Stack Exchange here:

https://raspberrypi.stackexchange.com/questions/110786/rpi4-with-buster-wpa-supplicant-fails-to-connect-to-hostapd-network-hosted-on-ub/110796?noredirect=1#comment189464_110796

ktf (mvanb1) wrote :

@ninjawailer
I tried running firmware-brcm80211 and I was running 1:20190114-1+rpt6

Downgrading to +rt4 only made things worse. With the newer version, I could still get things running through WEXT (though it still was rather unstable), with the downgrade WEXT nor nl80211 worked.

I downgraded from Buster to Stretch to fix this issue.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.