> On Thu, Feb 13, 2020 at 08:51:21AM +0000, Sergey Matyukevich wrote:
> > Specify WPA3 AKM suites in set_ap command. Drivers may need to pass
> > this information to firmware to setup SAE/OWE offload properly.
> > Besides,drivers may use this information to perform early check
> > SAE/OWE offload in hostapd.
>
> > diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
> > @@ -4202,6 +4202,10 @@ static int wpa_driver_nl80211_set_ap(void *priv,
> > suites[num_suites++] = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
> > if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
> > suites[num_suites++] = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
> > + if (params->key_mgmt_suites & WPA_KEY_MGMT_SAE)
> > + suites[num_suites++] = RSN_AUTH_KEY_MGMT_SAE;
> > + if (params->key_mgmt_suites & WPA_KEY_MGMT_OWE)
> > + suites[num_suites++] = RSN_AUTH_KEY_MGMT_OWE;
> > if (num_suites &&
> > nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32),
> > suites))
>
> Unfortunately, this cannot be done with the current cfg80211/nl80211
> constraints. NL80211_MAX_NR_AKM_SUITES was defined to be 2 and if more
> than two values are included in NL80211_ATTR_AKM_SUITES, cfg80211 will
> reject he command. cfg80211 would first need to be extended to allow
> more AKM suites to be configured and this will unfortunately require
> number of changes to do properly without breaking backwards
> compatibility. There would likely need to be new mechanism for
> advertising maximum number of AKM suites in this attribute and
> hostapd/wpa_supplicant could then use that information from the running
> kernel to determine what to do based on how many AKM suites would need
> to be configured.
Thanks for clarification. Lets assume that we would like to support
at least pure OWE or SAE configuration for the time being. Then
what do you think about the change along the following lines:
diff --git a/src/drivers/driver_nl80211.c b/src/drivers/driver_nl80211.c
index 7305ed60b..b5b24a921 100644
--- a/src/drivers/driver_nl80211.c
+++ b/src/drivers/driver_nl80211.c
@@ -4202,6 +4202,12 @@ static int wpa_driver_nl80211_set_ap(void *priv,
suites[num_suites++] = RSN_AUTH_KEY_MGMT_UNSPEC_802_1X;
if (params->key_mgmt_suites & WPA_KEY_MGMT_PSK)
suites[num_suites++] = RSN_AUTH_KEY_MGMT_PSK_OVER_802_1X;
+ if (num_suites < NL80211_MAX_NR_AKM_SUITES &&
+ params->key_mgmt_suites & WPA_KEY_MGMT_SAE)
+ suites[num_suites++] = RSN_AUTH_KEY_MGMT_SAE;
+ if (num_suites < NL80211_MAX_NR_AKM_SUITES &&
+ params->key_mgmt_suites & WPA_KEY_MGMT_OWE)
+ suites[num_suites++] = RSN_AUTH_KEY_MGMT_OWE;
if (num_suites &&
nla_put(msg, NL80211_ATTR_AKM_SUITES, num_suites * sizeof(u32),
suites))
Regards,
Sergey
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
