From: Arend van Spriel <arend.vanspriel@broadcom.com>
To: Srinivas Dasari <dasaris@qti.qualcomm.com>,
Marcel Holtmann <marcel@holtmann.org>,
Jouni Malinen <jouni@qca.qualcomm.com>
Cc: Johannes Berg <johannes@sipsolutions.net>,
"linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>,
Sunil Dutt Undekari <usdutt@qti.qualcomm.com>
Subject: Re: [PATCH 1/2] cfg80211/nl80211: Optional authentication offload to userspace
Date: Fri, 15 Dec 2017 10:28:19 +0100 [thread overview]
Message-ID: <5A3395B3.7090501@broadcom.com> (raw)
In-Reply-To: <829f69319fad450db616f02de781d1a8@aphydexm01b.ap.qualcomm.com>
On 12/15/2017 9:51 AM, Srinivas Dasari wrote:
>> don’t we actually need a flag in NL80211_CMD_CONNECT that indicates that userspace is able to actually handle NL80211_CMD_EXTERNAL_AUTH. It is nice >that there is feature for userspace to see if the driver supports it, but how is the driver able to offload successfully if it doesn’t know that userspace can do it.
> Our idea was the driver to timeout the connect for the scenarios where the external auth (SAE) status is not indicated.
> I agree with you on user space indicating this capability to the driver.
> Is it a fair idea to extend enum cfg80211_assoc_req_flags for this ?
Sounds like a good fit to me although strictly speaking this is not
about assoc behavior, but then again this enum is used for assoc and
connect commands.
Regards,
Arend
> Regards,
> Srinivas
>
> -----Original Message-----
> From: Marcel Holtmann [mailto:marcel@holtmann.org]
> Sent: Friday, December 15, 2017 1:29 AM
> To: Jouni Malinen <jouni@qca.qualcomm.com>
> Cc: Johannes Berg <johannes@sipsolutions.net>; linux-wireless@vger.kernel.org; Srinivas Dasari <dasaris@qti.qualcomm.com>
> Subject: Re: [PATCH 1/2] cfg80211/nl80211: Optional authentication offload to userspace
>
> Hi Jouni,
>
>> This interface allows the host driver to offload the authentication to
>> user space. This is exclusively defined for host drivers that do not
>> define separate commands for authentication and association, but rely
>> on userspace SME (e.g., in wpa_supplicant for the
>> ~WPA_DRIVER_FLAGS_SME
>> case) for the authentication to happen. This can be used to implement
>> SAE without full implementation in the kernel/firmware while still
>> being able to use NL80211_CMD_CONNECT with driver-based BSS selection.
>>
>> The host driver sends the NL80211_CMD_EXTERNAL_AUTH event to
>> start/abort the authentication to userspace and status of
>> authentication is further indicated by user space to host driver
>> through the same command interface. Such drivers advertise the
>> capability through NL80211_EXT_FEATURE_EXTERNAL_AUTH.
>
> don’t we actually need a flag in NL80211_CMD_CONNECT that indicates that userspace is able to actually handle NL80211_CMD_EXTERNAL_AUTH. It is nice that there is feature for userspace to see if the driver supports it, but how is the driver able to offload successfully if it doesn’t know that userspace can do it.
>
> Regards
>
> Marcel
>
next prev parent reply other threads:[~2017-12-15 9:28 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-13 17:50 [PATCH 1/2] cfg80211/nl80211: Optional authentication offload to userspace Jouni Malinen
2017-12-13 17:50 ` [PATCH 2/2] nl80211: Allow SAE Authentication for NL80211_CMD_CONNECT Jouni Malinen
2017-12-14 19:58 ` [PATCH 1/2] cfg80211/nl80211: Optional authentication offload to userspace Marcel Holtmann
2017-12-15 8:51 ` Srinivas Dasari
2017-12-15 9:28 ` Arend van Spriel [this message]
2017-12-19 9:45 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5A3395B3.7090501@broadcom.com \
--to=arend.vanspriel@broadcom.com \
--cc=dasaris@qti.qualcomm.com \
--cc=johannes@sipsolutions.net \
--cc=jouni@qca.qualcomm.com \
--cc=linux-wireless@vger.kernel.org \
--cc=marcel@holtmann.org \
--cc=usdutt@qti.qualcomm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.