Re: [PATCH 2/6] brcmfmac: send port authorized event for 802.1X 4-way handshake offload

[Arend Van Spriel <arend.vanspriel@broadcom.com>]

+ Jouni

On 5/9/2019 10:58 AM, Stanley Hsu wrote:
> On Mon, Jan 07, 2019 at 10:44:01AM +0100, Arend Van Spriel wrote:
>> On 1/4/2019 7:11 AM, Chi-Hsien Lin wrote:
>>> From: Chung-Hsien Hsu <stanley.hsu@cypress.com>
>>>
>>> With 4-way handshake offload for 802.1X authentication, a port
>>> authorized event should be sent to user space after the completion of
>>> 4-way handshake. It is used to indicate that a connection is authorized
>>> and 802.1X authentication is no longer required.
>>
>> It had been a while since I had looked at our offload code
>> (basically since the initial implementation for the nl80211 work) so
>> I was unsure why this would be needed.
>>
>> So initially we added a PORT_AUTHORIZED *attribute* in the nl80211
>> api and later on the PORT_AUTHORIZED *event* was introduced and
>> 4-way hs offload support in wpa_supplicant is ignoring the
>> *attribute* and only handling the *event*. I think this information
>> is important enough to add to this commit message with a reference
>> to commit 503c1fb98ba3 ("cfg80211/nl80211: add a port authorized
>> event") which "broke" the functionality in brcmfmac.
> 
> Thanks a lot for the feedback.
> After looking further, it is observed that the connection state will be
> set to WPA_COMPLETED in wpa_supplicant after it sets PMK to the driver.
> So no need to have this change. Let's drop it form the series.

In my opinion wpa_supplicant does set WPA_COMPLETED too early. If we 
were to use eapol-over-nl80211 and set the netdev carrier when the 
connection is authorized it would be kinda ok and we would not need the 
event. Added Jouni to chime in on this.

Regards,
Arend