Bug 208483
Summary: | mt76x0u packet injection not working on 5GHz channels | ||
---|---|---|---|
Product: | Drivers | Reporter: | Michael (ZeroBeat) |
Component: | network-wireless | Assignee: | drivers_network-wireless (drivers_network-wireless) |
Status: | RESOLVED OBSOLETE | ||
Severity: | normal | CC: | lorenzo.bianconi83 |
Priority: | P1 | ||
Hardware: | All | ||
OS: | Linux | ||
Kernel Version: | 5.7.7 | Tree: | Mainline |
Subsystem: | Regression: | No |
Description
Michael
2020-07-07 08:05:22 UTC
This is the standard Radiotap Header used by hcxdumptool: static const uint8_t hdradiotap[] = { 0x00, 0x00, /* radiotap version and padding */ 0x0e, 0x00, /* radiotap header length */ 0x06, 0x8c, 0x00, 0x00, /* bitmap */ 0x02, /* flags */ 0x02, /* rate */ 0x14, /* tx power */ 0x01, /* antenna */ 0x08, 0x00 /* tx flags */ }; #define HDRRT_SIZE sizeof(hdradiotap) All ioctl() system calls (SIOCGIFFLAGS, SIOCSIFFLAGS, SIOCGIWMODE, SIOCSIWMODE, SIOCGIWFREQ, SIOCSIWFREQ) are working as expected. hcxdumptool is running an PF_PACKET - SOCK_RAW socket. (In reply to Michael from comment #0) > Packet injection on 5GHz is probably not working on mt76x0u devices, while > 2.4GHz injection is working fine. > > kernel: > 5.7.7-arch1-1 > > tested devices: > Bus 005 Device 006: ID 0b05:17d1 ASUSTek Computer, Inc. AC51 > 802.11a/b/g/n/ac Wireless Adapter [Mediatek MT7610U] > > Bus 005 Device 007: ID 148f:761a Ralink Technology, Corp. MT7610U ("Archer > T2U" 2.4G+5G WLAN Adapter > > 2.4GHz injection test: > channels: 1,2,3,4,5,6,7,8,9,10,11,12,13 > $ sudo hcxdumptool -i wlp39s0f3u1u1u2 -s 1 --check_injection > initialization... > starting packet injection test (that can take up to two minutes)... > packet injection is working! > ratio: 38 to 18 > > terminating... > > > 5GHz injection test: > channels: > 36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,149,153, > 157,161,165 > $ sudo hcxdumptool -i wlp39s0f3u1u1u2 -s 2 --check_injection > initialization... > starting packet injection test (that can take up to two minutes)... > warning: no PROBERESPONSE received - packet injection is probably not > working! > > terminating... > > dmesg doesn't show an error: > [ 7778.671642] usb 5-1.1.2: USB disconnect, device number 8 > [ 7782.506462] usb 5-1.1.2: new high-speed USB device number 9 using xhci_hcd > [ 7782.711427] usb 5-1.1.2: New USB device found, idVendor=0b05, > idProduct=17d1, bcdDevice= 1.00 > [ 7782.711429] usb 5-1.1.2: New USB device strings: Mfr=1, Product=2, > SerialNumber=3 > [ 7782.711430] usb 5-1.1.2: Product: WiFi > [ 7782.711431] usb 5-1.1.2: Manufacturer: MediaTek > [ 7782.711432] usb 5-1.1.2: SerialNumber: 1.0 > [ 7782.899864] usb 5-1.1.2: reset high-speed USB device number 9 using > xhci_hcd > [ 7783.094384] mt76x0u 5-1.1.2:1.0: ASIC revision: 76100002 MAC revision: > 76502000 > [ 7783.803449] audit: type=1131 audit(1594108631.465:369): pid=1 uid=0 > auid=4294967295 ses=4294967295 msg='unit=systemd-rfkill comm="systemd" > exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' > [ 7784.121190] mt76x0u 5-1.1.2:1.0: EEPROM ver:02 fae:01 > [ 7784.152801] ieee80211 phy11: Selected rate control algorithm 'minstrel_ht' > [ 7784.172411] mt76x0u 5-1.1.2:1.0 wlp39s0f3u1u1u2: renamed from wlan0 > ... > hcxdumptool start: > [ 7791.943188] device wlp39s0f3u1u1u2 entered promiscuous mode > ... > hcxdumptool stop: > [ 7797.627678] device wlp39s0f3u1u1u2 left promiscuous mode > ... > > Wireshark showing outgoing 5GHz packets, but they are not transmitted over > the air by the interface. > > > Devices are connected to an USB2 hub, due to xhci issue on USB3 as reported > here: > https://bugzilla.kernel.org/show_bug.cgi?id=202541 > > hcxdumptool is available here (latest version): > https://github.com/ZerBea/hcxdumptool > or via distribution Hi packet manager. Hi Michael, can you please double check you have configured a regdomain that allows active scanning @ 5GHz? [~/workspace/hcxdumptool]$ sudo iw reg set US [~/workspace/hcxdumptool]$ sudo iw reg get global country US: DFS-FCC (2402 - 2472 @ 40), (N/A, 30), (N/A) (5170 - 5250 @ 80), (N/A, 23), (N/A), AUTO-BW (5250 - 5330 @ 80), (N/A, 23), (0 ms), DFS, AUTO-BW (5490 - 5730 @ 160), (N/A, 23), (0 ms), DFS (5735 - 5835 @ 80), (N/A, 30), (N/A) (57240 - 71000 @ 2160), (N/A, 40), (N/A) [~/workspace/hcxdumptool]$ sudo ./hcxdumptool -i wlp0s4u1 -s 2 --check_injection initialization... [ 851.926217] IPv6: ADDRCONF(NETDEV_CHANGE): wlp0s4u1: link becomes ready [ 851.961037] device wlp0s4u1 entered promiscuous mode starting packet injection test (that can take up to two minutes)... packet injection is working! ratio: 24 to 13 terminating... [ 858.457865] device wlp0s4u1 left promiscuous mode [~/workspace/hcxdumptool]$ sudo iw reg set 00 [~/workspace/hcxdumptool]$ sudo iw reg get global country 00: DFS-UNSET (2402 - 2472 @ 40), (N/A, 20), (N/A) (2457 - 2482 @ 20), (N/A, 20), (N/A), AUTO-BW, PASSIVE-SCAN (2474 - 2494 @ 20), (N/A, 20), (N/A), NO-OFDM, PASSIVE-SCAN (5170 - 5250 @ 80), (N/A, 20), (N/A), AUTO-BW, PASSIVE-SCAN (5250 - 5330 @ 80), (N/A, 20), (0 ms), DFS, AUTO-BW, PASSIVE-SCAN (5490 - 5730 @ 160), (N/A, 20), (0 ms), DFS, PASSIVE-SCAN (5735 - 5835 @ 80), (N/A, 20), (N/A), PASSIVE-SCAN (57240 - 63720 @ 2160), (N/A, 0), (N/A) [~/workspace/hcxdumptool]$ sudo ./hcxdumptool -i wlp0s4u1 -s 2 --check_injection initialization... [ 908.610232] IPv6: ADDRCONF(NETDEV_CHANGE): wlp0s4u1: link becomes ready [ 908.650314] device wlp0s4u1 entered promiscuous mode starting packet injection test (that can take up to two minutes)... warning: no PROBERESPONSE received - packet injection is probably not working! terminating... [ 915.588560] device wlp0s4u1 left promiscuous mode [~/workspace/hcxdumptool]$ lsusb Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 002: ID 0b05:17d1 ASUSTek Computer, Inc. AC51 802.11a/b/g/n/ac Wireless Adapter [Mediatek MT7610U] Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Regards, Lorenzo Hi Lorenzo. Thanks for your reply and test. $ iw reg get global country US: DFS-FCC (2400 - 2483 @ 40), (N/A, 30), (N/A) (5150 - 5250 @ 80), (N/A, 23), (N/A), AUTO-BW (5250 - 5350 @ 80), (N/A, 23), (0 ms), DFS, AUTO-BW (5470 - 5730 @ 160), (N/A, 23), (0 ms), DFS (5730 - 5850 @ 80), (N/A, 30), (N/A) (57240 - 71000 @ 2160), (N/A, 40), (N/A) $ sudo hcxdumptool -i wlp3s0f0u2 --check_injection -s 2 initialization... starting packet injection test (that can take up to two minutes)... warning: no PROBERESPONSE received - packet injection is probably not working! terminating... Now it looks more like a CRDA issue, than a driver issue $ cat /sys/module/cfg80211/parameters/ieee80211_regdom 00 Please close this issue report, I'l do some more investigations. Thanks. Regards Mike @lorenzo At least you pointed me into the right direction. Regulatory domain is no longer ignored and everything is working as expected. Now, I think about it to set regulatory domain by hcxdumptool (not by iw and without using NETLINK messages). BTW: The mt76 driver code is amazing and impressive. Everything is working like a charm. You're doing a great job, maintaining this driver. Regards Mike |