From: Arend van Spriel <arend.vanspriel@broadcom.com>
To: Johannes Berg <johannes@sipsolutions.net>,
Vidyullatha Kanchanapally <vidyullatha@codeaurora.org>
Cc: linux-wireless@vger.kernel.org, jouni@qca.qualcomm.com,
amarnath@qti.qualcomm.com, usdutt@qti.qualcomm.com,
vamsin@qti.qualcomm.com, Jithu Jance <jithu.jance@broadcom.com>,
Eylon Pedinovsky <eylon.pedinovsky@broadcom.com>
Subject: Re: [PATCH] nl80211: Update ERP info using NL80211_CMD_UPDATE_CONNECT_PARAMS
Date: Wed, 4 Apr 2018 15:19:54 +0200 [thread overview]
Message-ID: <5AC4D0FA.6070306@broadcom.com> (raw)
In-Reply-To: <1522838180.3042.1.camel@sipsolutions.net>
On 4/4/2018 12:36 PM, Johannes Berg wrote:
> Hi,
>
>> Started working on this and actually the "weird flags thing" is done for
>> a reason. Maybe the reason was because it is done like that in the
>> CMD_CONNECT case, but the better reason is that we need to return
>> -EINVAL for "no-fils-offload-support, any-fils-param" *and*
>> "fils-offload-support, not-all-fils-param".
>
> Ok, fair enough.
I added a comment for this in the patch.
>>> Also there is a DOC section about FILS shared key authentication
>>> offload" so I suppose that should be extended as well.
>>
>> So looking at the DOC section I am reading the following:
>>
>> * When FILS shared key authentication is completed, driver needs to
>> provide the
>> * below additional parameters to userspace.
>> * %NL80211_ATTR_FILS_KEK - used for key renewal
>> * %NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM - used in further EAP-RP exchanges
>> * %NL80211_ATTR_PMKID - used to identify the PMKSA used/generated
>> * %Nl80211_ATTR_PMK - used to update PMKSA cache in userspace
>> * The PMKSA can be maintained in userspace persistently so that it can
>> be used
>> * later after reboots or wifi turn off/on also.
>>
>> So to me it seems we need these for the ROAM event as well. Agree?
>
> Maybe not all of them, you could be using the same PMKSA, but yes, I
> tend to agree.
I would argue that for the scenario where you do CMD_CONNECT(auth=open)
and CMD_UPDATE_CONNECT_PARAMS(auth=fils-sk) the ROAM event should
provide all the above. From what I understand from my colleagues this is
a supported scenario.
Regards,
Arend
prev parent reply other threads:[~2018-04-04 13:19 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-25 9:20 [PATCH] nl80211: Update ERP info using NL80211_CMD_UPDATE_CONNECT_PARAMS Vidyullatha Kanchanapally
2017-12-11 11:12 ` Johannes Berg
2018-03-29 11:12 ` Arend van Spriel
2018-03-29 11:16 ` Johannes Berg
2018-03-29 11:31 ` Arend van Spriel
2018-04-04 9:21 ` Arend van Spriel
2018-04-04 10:36 ` Johannes Berg
2018-04-04 13:19 ` Arend van Spriel [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5AC4D0FA.6070306@broadcom.com \
--to=arend.vanspriel@broadcom.com \
--cc=amarnath@qti.qualcomm.com \
--cc=eylon.pedinovsky@broadcom.com \
--cc=jithu.jance@broadcom.com \
--cc=johannes@sipsolutions.net \
--cc=jouni@qca.qualcomm.com \
--cc=linux-wireless@vger.kernel.org \
--cc=usdutt@qti.qualcomm.com \
--cc=vamsin@qti.qualcomm.com \
--cc=vidyullatha@codeaurora.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.