On Thu, Feb 13, 2020 at 08:51:21AM +0000, Sergey Matyukevich wrote: > Specify WPA3 AKM suites in set_ap command. Drivers may need to pass > this information to firmware to setup SAE/OWE offload properly. > Besides,drivers may use this information to perform early check > SAE/OWE offload in hostapd. > diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c > @@ -4202,6 +4202,10 @@ static int wpa_driver_nl80211_set_ap(void *priv, > suites[num_suites++] = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X; > if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK) > suites[num_suites++] = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X; > + if (params->key_mgmt_suites & WPA_KEY_MGMT_SAE) > + suites[num_suites++] = RSN_AUTH_KEY_MGMT_SAE; > + if (params->key_mgmt_suites & WPA_KEY_MGMT_OWE) > + suites[num_suites++] = RSN_AUTH_KEY_MGMT_OWE; > if (num_suites && > nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32), > suites)) Unfortunately, this cannot be done with the current cfg80211/nl80211 constraints. NL80211_MAX_NR_AKM_SUITES was defined to be 2 and if more than two values are included in NL80211_ATTR_AKM_SUITES, cfg80211 will reject he command. cfg80211 would first need to be extended to allow more AKM suites to be configured and this will unfortunately require number of changes to do properly without breaking backwards compatibility. There would likely need to be new mechanism for advertising maximum number of AKM suites in this attribute and hostapd/wpa_supplicant could then use that information from the running kernel to determine what to do based on how many AKM suites would need to be configured. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
