I have a Macbook Pro 2015 with a Broadcom BCM43602 on the 24.11 channel that can only connect to 2.4ghz WiFi
I’m confident it’s not a hardware issue as it was previously working on Manjaro with the Arch fix below, and worked “out of the box” on Kubuntu and PopOS Cosmic Alpha 7
Things I’ve already tried
boot.kernelParams = [ "brcmfmac.feature_disable=0x82000" ];
boot.kernelModules = [ "kvm-intel" "wl" ];
boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
boot.kernelModules = [ "kvm-intel" "wl" ];
boot.blacklistedKernelModules = [ "b43" "ssb" "brcmfmac" "brcmsmac" "bcma" ];
boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
hardware.enableAllFirmware = true;
environment.systemPackages = with pkgs; [
wirelesstools
networkmanager
];
boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
boot.kernelModules = [ "wl" ];
boot.initrd.kernelModules = [ "kvm-intel" "wl" ];
Something else that might be helpful to someone to point me in the right direction is when I was on Manjaro it did work on 5ghz, but only on an SSID set to WPA2 only and not WPA3. On Kubuntu and PopOS it worked on the WPA3 SSID
Can you pin down the exact Problem?
1 Like
I didn’t know about those hardware specific mitigations. Will give them a try. Thanks
Using Password/PSK, will have to check Management Frame Protection. I left most settings default on my Unifi setup, so not sure what that’s set to, will check and mess with the setting to see if it makes a difference.
When it is working with WPA2 and you switch 802.11w to enforce in WPA2 mode on AP Side (this is what WPA3 does as well) - and it breaks - then you know at least the root cause.
Thats very often the case and not updating the official driver including the fixed firmware blobs for all plattforms is part of Broadcoms Revenue Model.
2 Likes
Management Frame Protection seems to be a major part of the problem.
- I added the bit below as the mitigation recommended, didn’t help
hardware.enableRedistributableFirmware = lib.mkDefault true;
- Added a 2.4/5ghz SSID with WPA2/3 with PMF set to optional, didn’t work
- Changed it to just WPA2 allowing me to fullly disable PMF and then it finally worked
So it seems like maybe Kubuntu and PopOS maybe have a newer revision of the Broadcom firmware?
This is above my paygrade so I’m sorry if this a silly question. On a different Macbook running Manjaro I remember having to manually download a Broadcom binary and load it as a kernel module. Is that something I could do here if I manage to figure out what binaries Kubuntu/PopOS are using that allow it to work?
Yes, when its verified working with any other linux, then we can have a look how they archived it.
dmesg | grep brcm
lsmod | grep brcm
There are two possible solutions:
- Either they really found a public (legal) source for the updated firmware blob.
- Someone added missing glue code for the brcmsmac driver and they switched from brcmfmac (hardware) to brcmsmac (software, open source).
If its working with PopOS and its a legal, stable solution, we can add support to NixOS kernel in exact the same way.
2 Likes
Wish I would’ve dd’ed the install, but after playing with Nix on a VM for a week I was high and not thinking straight lol
I’ll get it reinstalled on an external and get that going
I assume this is to be run on PopOS to see what firmware/modules it has loaded?
dmesg | grep brcm
lsmod | grep brcm
Thanks again for your help so far
Just in case, both (nixos too).
A quick fix/attempt could be a boot a profile via nixos-unstable (almost 25.05 now) and pkgs.linuxPackages_latest ?
Maybe you PopOS just had more recent kernel than your nixos.
Just switching WPA3 and Management Protection Frames off seems convenient, but allows anyone to mangle (eg. deauth,…) with your devices. And without WPA3 you do not even have no OWA (Opportunistic Encryption) on Public Open Access Points.
1 Like
sudo dmesg | grep brcm gave identical results in both
PopOS
[ 28.856622] usbcore: registered new interface driver brcmfmac
[ 28.960660] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43602-pcie for chip BCM43602/1
[ 28.963933] brcmfmac 0000:03:00.0: Direct firmware load for brcm/brcmfmac43602-pcie.Apple Inc.-MacBookPro11,4.bin failed with error -2
[ 28.970922] brcmfmac 0000:03:00.0: Direct firmware load for brcm/brcmfmac43602-pcie.txt failed with error -2
[ 28.974809] brcmfmac 0000:03:00.0: Direct firmware load for brcm/brcmfmac43602-pcie.clm_blob failed with error -2
[ 28.974866] brcmfmac 0000:03:00.0: Direct firmware load for brcm/brcmfmac43602-pcie.txcap_blob failed with error -2
[ 30.888468] brcmfmac: brcmf_c_process_clm_blob: no clm_blob available (err=-2), device may have limited channels available
[ 30.888471] brcmfmac: brcmf_c_process_txcap_blob: no txcap_blob available (err=-2)
[ 30.889125] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM43602/1 wl0: Nov 10 2015 06:38:10 version 7.35.177.61 (r598657) FWID 01-ea662a8c
[ 30.932450] brcmfmac 0000:03:00.0 wlp3s0: renamed from wlan0
[ 68.390483] ieee80211 phy0: brcmf_inetaddr_changed: fail to get arp ip table err:-52
NixOS
[ 28.856622] usbcore: registered new interface driver brcmfmac
[ 28.960660] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43602-pcie for chip BCM43602/1
[ 28.963933] brcmfmac 0000:03:00.0: Direct firmware load for brcm/brcmfmac43602-pcie.Apple Inc.-MacBookPro11,4.bin failed with error -2
[ 28.970922] brcmfmac 0000:03:00.0: Direct firmware load for brcm/brcmfmac43602-pcie.txt failed with error -2
[ 28.974809] brcmfmac 0000:03:00.0: Direct firmware load for brcm/brcmfmac43602-pcie.clm_blob failed with error -2
[ 28.974866] brcmfmac 0000:03:00.0: Direct firmware load for brcm/brcmfmac43602-pcie.txcap_blob failed with error -2
[ 30.888468] brcmfmac: brcmf_c_process_clm_blob: no clm_blob available (err=-2), device may have limited channels available
[ 30.888471] brcmfmac: brcmf_c_process_txcap_blob: no txcap_blob available (err=-2)
[ 30.889125] brcmfmac: brcmf_c_preinit_dcmds: Firmware: BCM43602/1 wl0: Nov 10 2015 06:38:10 version 7.35.177.61 (r598657) FWID 01-ea662a8c
[ 30.932450] brcmfmac 0000:03:00.0 wlp3s0: renamed from wlan0
[ 68.390483] ieee80211 phy0: brcmf_inetaddr_changed: fail to get arp ip table err:-52
sudo lsmod | grep brcm thankfully gave different results
PopOS
brcmfmac_wcc 12288 0
brcmfmac 536576 1 brcmfmac_wcc
brcmutil 24576 1 brcmfmac
cfg80211 1409024 1 brcmfmac
NixOS
brcmfmac_wcc 12288 0
brcmfmac 495616 1 brcmfmac_wcc
brcmutil 16384 1 brcmfmac
mmc_core 274432 1 brcmfmac
cfg80211 1351680 1 brcmfmac
I did think of that but holding off til tomorrow cause I have important things I need this laptop for and I’m anxious I’ll mess something up. I know avoiding that is this OS’s whole bag, but I’m new and haven’t finished setting up home-manager, so a bit paranoid still.
This laptop is model A1398 MacBookPro 11,4
Just wanted to add for future searchability but can’t edit my original post anymore
how are you connecting to wifi with netowrk manager? I see you added it to your packages, but it’s but I’m not sure if you enabled it
networking.wireless.enable = true # this is wpa_supplicant (I think)
or
networking.networkmanager.enable = true; # this is network manager
if it’s wpa_supplicant you might need to add some information to the network config for wpa3, I think network manager does this automatically.
Also do you get an error message or does it just not connect? You might be able to get some info from journalctl -u wpa_supplicant -f while trying to connect
The snippets in my original post were things I tried in isolation and have since been removed since they didn’t seem to fix anything
journalctl while attempting connection
May 22 14:35:22 NixBookPro systemd[1]: Starting Network Manager Script Dispatcher Service...
May 22 14:35:22 NixBookPro dbus-daemon[1013]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
May 22 14:35:22 NixBookPro systemd[1]: Started Network Manager Script Dispatcher Service.
May 22 14:35:22 NixBookPro systemd[1]: Stopped target Host and Network Name Lookups.
May 22 14:35:22 NixBookPro systemd[1]: Stopping Host and Network Name Lookups...
May 22 14:35:22 NixBookPro systemd[1]: Stopped target User and Group Name Lookups.
May 22 14:35:22 NixBookPro systemd[1]: Stopping User and Group Name Lookups...
May 22 14:35:22 NixBookPro systemd[1]: Stopping Name Service Cache Daemon (nsncd)...
May 22 14:35:22 NixBookPro systemd[1]: nscd.service: Deactivated successfully.
May 22 14:35:22 NixBookPro systemd[1]: Stopped Name Service Cache Daemon (nsncd).
May 22 14:35:22 NixBookPro systemd[1]: nscd.service: Consumed 185ms CPU time, 3.5M memory peak, 24.2K incoming IP traffic, 12.5K outgoing IP traffic.
May 22 14:35:22 NixBookPro systemd[1]: Starting Name Service Cache Daemon (nsncd)...
May 22 14:35:22 NixBookPro kernel: ieee80211 phy0: brcmf_inetaddr_changed: fail to get arp ip table err:-52
May 22 14:35:22 NixBookPro nsncd[3129]: May 22 18:35:22.684 INFO started, config: Config { ignored_request_types: {}, worker_count: 8, handoff_timeout: 3s }, path: "/var/run/nscd/socket"
May 22 14:35:22 NixBookPro systemd[1]: Started Name Service Cache Daemon (nsncd).
May 22 14:35:22 NixBookPro systemd[1]: Reached target Host and Network Name Lookups.
May 22 14:35:22 NixBookPro systemd[1]: Reached target User and Group Name Lookups.
May 22 14:35:22 NixBookPro wpa_supplicant[1173]: nl80211: send_event_marker failed: Source based routing not supported
May 22 14:35:22 NixBookPro wpa_supplicant[1173]: wlp3s0: CTRL-EVENT-DISCONNECTED bssid=02:ec:da:3f:de:88 reason=3 locally_generated=1
May 22 14:35:22 NixBookPro wpa_supplicant[1173]: wlp3s0: CTRL-EVENT-DSCP-POLICY clear_all
May 22 14:35:22 NixBookPro wpa_supplicant[1173]: wlp3s0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
May 22 14:35:22 NixBookPro wpa_supplicant[1173]: wlp3s0: CTRL-EVENT-REGDOM-CHANGE init=CORE type=WORLD
May 22 14:35:23 NixBookPro kded6[1462]: org.kde.plasma.nm.kded: Unhandled active connection state change: 3
May 22 14:35:23 NixBookPro kded6[1462]: org.kde.plasma.nm.kded: Unhandled active connection state change: 1
May 22 14:35:23 NixBookPro wpa_supplicant[1173]: wlp3s0: CTRL-EVENT-SCAN-FAILED ret=-100
May 22 14:35:23 NixBookPro kded6[1462]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
May 22 14:35:23 NixBookPro plasmashell[1501]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
May 22 14:35:26 NixBookPro wpa_supplicant[1173]: wlp3s0: WPA: Failed to select authenticated key management type
May 22 14:35:26 NixBookPro wpa_supplicant[1173]: wlp3s0: WPA: Failed to set WPA key management and encryption suites
May 22 14:35:33 NixBookPro systemd[1]: NetworkManager-dispatcher.service: Deactivated successfully.
May 22 14:35:48 NixBookPro NetworkManager[1117]: <warn> [1747938948.6374] device (wlp3s0): Activation: (wifi) association took too long, failing activation
May 22 14:35:48 NixBookPro plasmashell[1501]: The cached device pixel ratio value was stale on window update. Please file a QTBUG which explains how to reproduce.
May 22 14:35:49 NixBookPro wpa_supplicant[1173]: wlp3s0: CTRL-EVENT-DSCP-POLICY clear_all
May 22 14:35:49 NixBookPro NetworkManager[1117]: <warn> [1747938949.1454] device (wlp3s0): Activation: failed for connection 'Janet's Void'
May 22 14:35:52 NixBookPro kded6[1462]: kf.networkmanagerqt: void NetworkManager::ConnectionPrivate::onPropertiesChanged(const QVariantMap&) Unhandled property "VersionId"
I’m not entirely sure, but looks like it’s trying to use the wrong encryption, let’s try something
nmcli c add type wifi con-name NAME ssid YOUR_SSID wifi-sec.key-mgmt sae wifi-sec.psk PASSWORD
and then
nmcli connection up NAME
Change the 3 things in all caps, NAME could be something like home or work, SSID is your network name, based on the logs you probably need to quote this one, and of course your network password
Let’s see if that works
1 Like
we can also check if it’s supported
nix-shell -p iw
iw phy phy0 info | grep 00-0f-ac:6
See if that returns results
You can also check what your wifi says it can connect as, check the security at the end to make sure it’s wpa3
nmcli device wifi list
1 Like
iw phy phy0 info | grep 00-0f-ac:6
fails with command failed: No such file or directory (-2)
–
nmcli c add ...
succeeds
–
nmcli connection up ...
fails with…
Error: Connection activation failed: The Wi-Fi network could not be found
and from journalctl
device (wlp3s0): Activation: failed for connection 'Janet's Void'
did you run the nmcli device wifi list and verify your network shows with wpa3 with a bitrate higher than 0 ?
Also try running the iw command again with sudo? i’m wondering if your user has permission to change network settings
1 Like
This just led me to retry forcing WPA2 on the network config for the SSID that has PMF set to optional which I thought I had tried already but it worked this time.
This doesn’t solve all my problems but at least I can get rid of the SSID I setup solely for this laptop
one final thought, for the network commands to work, your user probably needs to be part of the networkmanager group. If not then you’ll probably need to use sudo or add it to the group and reboot.
1 Like
It does show WPA3 with bitrate > 0
Same result
Confirmed I am in the group
phy0 might not be the correct device then, looked like it was from the logs.
You can just do “iw list” and scroll to the top and look for your wifi card and then look for the supported ciphers section right below it.
make sure you see * CMAC (00-0f-ac:6)
1 Like