Message ID | 20190908151709.23971-2-geomatsi@gmail.com |
---|---|
State | Superseded, archived |
Headers | show |
Series | [1/2] package/wpa_supplicant: add Config.in option for WPA3 | expand |
Sergey, On Sun, Sep 8, 2019 at 10:14 AM Sergey Matyukevich <geomatsi@gmail.com> wrote: > > New wpa_supplicant v2.9 enables by default WPA3 features such as > SAE and DPP. Building those features requires openssl. > > This patch adds Config.in option for WPA3 support in wpa_supplicant. > When this option is selected, libopenssl is also selected and WPA3 > features OWE, SAE, DPP are enabled in wpa_supplicant configuration. > When this option is deselected, then all the above WPA3 options > are disabled. > > Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com> > --- > package/wpa_supplicant/Config.in | 7 +++++++ > package/wpa_supplicant/wpa_supplicant.mk | 12 ++++++++++++ > 2 files changed, 19 insertions(+) > > diff --git a/package/wpa_supplicant/Config.in b/package/wpa_supplicant/Config.in > index 1594b877c6..cba7fa07e1 100644 > --- a/package/wpa_supplicant/Config.in > +++ b/package/wpa_supplicant/Config.in > @@ -81,6 +81,13 @@ config BR2_PACKAGE_WPA_SUPPLICANT_WPS > help > Enable support for Wi-Fi Protected Setup (WPS). > > +config BR2_PACKAGE_WPA_SUPPLICANT_WPA3 > + bool "Enable WPA3 support" > + select BR2_PACKAGE_OPENSSL > + select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL > + help > + Enable WPA3 support including OWE, SAE, DPP > + > config BR2_PACKAGE_WPA_SUPPLICANT_CLI > bool "Install wpa_cli binary" > help > diff --git a/package/wpa_supplicant/wpa_supplicant.mk b/package/wpa_supplicant/wpa_supplicant.mk > index 0a7a5072dc..283c006052 100644 > --- a/package/wpa_supplicant/wpa_supplicant.mk > +++ b/package/wpa_supplicant/wpa_supplicant.mk > @@ -88,6 +88,18 @@ ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_WPS),y) > WPA_SUPPLICANT_CONFIG_ENABLE += CONFIG_WPS > endif > > +ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_WPA3),y) > +WPA_SUPPLICANT_CONFIG_ENABLE += \ > + CONFIG_DPP \ > + CONFIG_SAE \ > + CONFIG_OWE > +else > +WPA_SUPPLICANT_CONFIG_DISABLE += \ > + CONFIG_DPP \ > + CONFIG_SAE \ > + CONFIG_OWE > +endif To test your else case with WPA3 disabled. I took the following build failure and applied your patch. http://autobuild.buildroot.net/results/c93c1f78429d022fd0f7b6db91eb860cc3d4d95b/ Here's where the build now fails. Looks like the sae related linking issues are gone but dfs is still an issue. /home/foobar/c93c1f78429d022fd0f7b6db91eb860cc3d4d95b/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-linux-gnu/8.3.0/../../../../aarch64-linux-gnu/bin/ld: ../src/ap/ieee802_11_vht.o: in function `hostapd_eid_txpower_envelope': ieee802_11_vht.c:(.text+0x2c8): undefined reference to `hostapd_is_dfs_required' This can be resolved by adding the src/ap/dfs.o to the list of items built, I'm just unsure of the right CONFIG option to set that or if it is an actual Makefile miss when a recent feature was added. It will build successful it you enable the Buildroot "BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT" option that adds the missing objs. Regards, Matt
> > New wpa_supplicant v2.9 enables by default WPA3 features such as > > SAE and DPP. Building those features requires openssl. > > > > This patch adds Config.in option for WPA3 support in wpa_supplicant. > > When this option is selected, libopenssl is also selected and WPA3 > > features OWE, SAE, DPP are enabled in wpa_supplicant configuration. > > When this option is deselected, then all the above WPA3 options > > are disabled. ... > To test your else case with WPA3 disabled. I took the following build > failure and applied your patch. > http://autobuild.buildroot.net/results/c93c1f78429d022fd0f7b6db91eb860cc3d4d95b/ > > Here's where the build now fails. Looks like the sae related linking > issues are gone but dfs is still an issue. > /home/foobar/c93c1f78429d022fd0f7b6db91eb860cc3d4d95b/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-linux-gnu/8.3.0/../../../../aarch64-linux-gnu/bin/ld: > ../src/ap/ieee802_11_vht.o: in function > `hostapd_eid_txpower_envelope': > ieee802_11_vht.c:(.text+0x2c8): undefined reference to `hostapd_is_dfs_required' > > This can be resolved by adding the src/ap/dfs.o to the list of items > built, I'm just unsure of the right CONFIG option to set that or if it > is an actual Makefile miss when a recent feature was added. It will > build successful it you enable the Buildroot > "BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT" option that adds the missing > objs. > > Regards, > Matt Hi Matt, Multiple wpa_supplicant build issues of this kind have been already reported in the latest daily build results. This issue is reproduced when BR2_PACKAGE_WPA_SUPPLICANT_NL80211 disabled. In this case wpa_supplicant uses WEXT driver by default. However that driver does not support AP mode. On the other hand, wpa-supplicant v2.9 enables CONFIG_AP in defconfig. This was not the case in v2.7, so wpa_supplicant.mk does not switch off this option when BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT is disabled. I have a patch for this issue as well and plan to include into v2 after I collect some feedback regarding WPA3 support. In brief, the fix is going to be someting like this: diff --git a/package/wpa_supplicant/wpa_supplicant.mk b/package/wpa_supplicant/wpa_supplicant.mk index a518ecc217..1d582354f7 100644 --- a/package/wpa_supplicant/wpa_supplicant.mk +++ b/package/wpa_supplicant/wpa_supplicant.mk @@ -84,10 +84,16 @@ ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT),y) WPA_SUPPLICANT_CONFIG_ENABLE += \ CONFIG_AP \ CONFIG_P2P +else +WPA_SUPPLICANT_CONFIG_DISABLE += \ + CONFIG_AP \ + CONFIG_P2P endif ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_WIFI_DISPLAY),y) WPA_SUPPLICANT_CONFIG_ENABLE += CONFIG_WIFI_DISPLAY +else +WPA_SUPPLICANT_CONFIG_DISABLE += CONFIG_WIFI_DISPLAY endif ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING),y) Regards, Sergey
Sergey, On Mon, Sep 9, 2019 at 8:40 AM Sergey Matyukevich <geomatsi@gmail.com> wrote: > > > > New wpa_supplicant v2.9 enables by default WPA3 features such as > > > SAE and DPP. Building those features requires openssl. > > > > > > This patch adds Config.in option for WPA3 support in wpa_supplicant. > > > When this option is selected, libopenssl is also selected and WPA3 > > > features OWE, SAE, DPP are enabled in wpa_supplicant configuration. > > > When this option is deselected, then all the above WPA3 options > > > are disabled. > > ... > > > To test your else case with WPA3 disabled. I took the following build > > failure and applied your patch. > > https://urldefense.proofpoint.com/v2/url?u=http-3A__autobuild.buildroot.net_results_c93c1f78429d022fd0f7b6db91eb860cc3d4d95b_&d=DwIBAg&c=ilBQI1lupc9Y65XwNblLtw&r=y1sOV0GV8NZUkffv7oCRxs2Sd3nOBS-NxDM3NY8lOgs&m=zFA1DlkhYoyevLNN9gzgwPS3XM5gYgozMRAV-mVe39E&s=yrl2vOP_D1Y4udJ8xxya0OT38uYMR--kjfJ5d4ISrg4&e= > > > > Here's where the build now fails. Looks like the sae related linking > > issues are gone but dfs is still an issue. > > /home/foobar/c93c1f78429d022fd0f7b6db91eb860cc3d4d95b/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-linux-gnu/8.3.0/../../../../aarch64-linux-gnu/bin/ld: > > ../src/ap/ieee802_11_vht.o: in function > > `hostapd_eid_txpower_envelope': > > ieee802_11_vht.c:(.text+0x2c8): undefined reference to `hostapd_is_dfs_required' > > > > This can be resolved by adding the src/ap/dfs.o to the list of items > > built, I'm just unsure of the right CONFIG option to set that or if it > > is an actual Makefile miss when a recent feature was added. It will > > build successful it you enable the Buildroot > > "BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT" option that adds the missing > > objs. > > > > Regards, > > Matt > > Hi Matt, > > Multiple wpa_supplicant build issues of this kind have been already > reported in the latest daily build results. This issue is reproduced > when BR2_PACKAGE_WPA_SUPPLICANT_NL80211 disabled. In this case > wpa_supplicant uses WEXT driver by default. However that > driver does not support AP mode. > > On the other hand, wpa-supplicant v2.9 enables CONFIG_AP in defconfig. > This was not the case in v2.7, so wpa_supplicant.mk does not switch > off this option when BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT is disabled. > > I have a patch for this issue as well and plan to include into v2 after > I collect some feedback regarding WPA3 support. > > In brief, the fix is going to be someting like this: > > diff --git a/package/wpa_supplicant/wpa_supplicant.mk b/package/wpa_supplicant/wpa_supplicant.mk > index a518ecc217..1d582354f7 100644 > --- a/package/wpa_supplicant/wpa_supplicant.mk > +++ b/package/wpa_supplicant/wpa_supplicant.mk > @@ -84,10 +84,16 @@ ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT),y) > WPA_SUPPLICANT_CONFIG_ENABLE += \ > CONFIG_AP \ > CONFIG_P2P > +else > +WPA_SUPPLICANT_CONFIG_DISABLE += \ > + CONFIG_AP \ > + CONFIG_P2P > endif > > ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_WIFI_DISPLAY),y) > WPA_SUPPLICANT_CONFIG_ENABLE += CONFIG_WIFI_DISPLAY > +else > +WPA_SUPPLICANT_CONFIG_DISABLE += CONFIG_WIFI_DISPLAY > endif > I've tested your informal fix above for the CONFIG_AP now being set by default and needing to be disabled. My build now passes. CC me when you send the patch and I'll add my tested by. Matt
On 09/09/2019 15:21, Matthew Weber wrote: [snip] > Here's where the build now fails. Looks like the sae related linking > issues are gone but dfs is still an issue. > /home/foobar/c93c1f78429d022fd0f7b6db91eb860cc3d4d95b/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-linux-gnu/8.3.0/../../../../aarch64-linux-gnu/bin/ld: > ../src/ap/ieee802_11_vht.o: in function This object file is only enabled under the CONFIG_AP condition... > `hostapd_eid_txpower_envelope': > ieee802_11_vht.c:(.text+0x2c8): undefined reference to `hostapd_is_dfs_required' > > This can be resolved by adding the src/ap/dfs.o to the list of items ... and that one gets added if CONFIG_AP and CONFIG_DRIVER_NL80211 are enabled. > built, I'm just unsure of the right CONFIG option to set that or if it > is an actual Makefile miss when a recent feature was added. It will > build successful it you enable the Buildroot > "BR2_PACKAGE_WPA_SUPPLICANT_AP_SUPPORT" option that adds the missing > objs. ... so I'm surprised that this fixes it for you... I'd expect enabling the NL80211 driver would fix it. Anyway, it definitely looks like a bug in the wpa_supplicant Makefile. I checked on current master and it's still like that. And openrwrt is still at 2.7 so no fixes there either. Regards, Arnout > > Regards, > Matt >
diff --git a/package/wpa_supplicant/Config.in b/package/wpa_supplicant/Config.in index 1594b877c6..cba7fa07e1 100644 --- a/package/wpa_supplicant/Config.in +++ b/package/wpa_supplicant/Config.in @@ -81,6 +81,13 @@ config BR2_PACKAGE_WPA_SUPPLICANT_WPS help Enable support for Wi-Fi Protected Setup (WPS). +config BR2_PACKAGE_WPA_SUPPLICANT_WPA3 + bool "Enable WPA3 support" + select BR2_PACKAGE_OPENSSL + select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL + help + Enable WPA3 support including OWE, SAE, DPP + config BR2_PACKAGE_WPA_SUPPLICANT_CLI bool "Install wpa_cli binary" help diff --git a/package/wpa_supplicant/wpa_supplicant.mk b/package/wpa_supplicant/wpa_supplicant.mk index 0a7a5072dc..283c006052 100644 --- a/package/wpa_supplicant/wpa_supplicant.mk +++ b/package/wpa_supplicant/wpa_supplicant.mk @@ -88,6 +88,18 @@ ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_WPS),y) WPA_SUPPLICANT_CONFIG_ENABLE += CONFIG_WPS endif +ifeq ($(BR2_PACKAGE_WPA_SUPPLICANT_WPA3),y) +WPA_SUPPLICANT_CONFIG_ENABLE += \ + CONFIG_DPP \ + CONFIG_SAE \ + CONFIG_OWE +else +WPA_SUPPLICANT_CONFIG_DISABLE += \ + CONFIG_DPP \ + CONFIG_SAE \ + CONFIG_OWE +endif + # Try to use openssl if it's already available ifeq ($(BR2_PACKAGE_LIBOPENSSL),y) WPA_SUPPLICANT_DEPENDENCIES += host-pkgconf libopenssl
New wpa_supplicant v2.9 enables by default WPA3 features such as SAE and DPP. Building those features requires openssl. This patch adds Config.in option for WPA3 support in wpa_supplicant. When this option is selected, libopenssl is also selected and WPA3 features OWE, SAE, DPP are enabled in wpa_supplicant configuration. When this option is deselected, then all the above WPA3 options are disabled. Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com> --- package/wpa_supplicant/Config.in | 7 +++++++ package/wpa_supplicant/wpa_supplicant.mk | 12 ++++++++++++ 2 files changed, 19 insertions(+)