On Mon, May 13, 2024 at 01:27:13AM +0000, David Lin wrote: > > From: David Lin <yu-hao.lin@xxxxxxx> > > Sent: Thursday, May 2, 2024 4:35 PM > > > > 1. The process of external_auth should be as follows: > > a. cfg80211_ops.connect() is called to establish connection with remote > > AP. > > b. If authentication is not WLAN_AUTH_SAE, FW will process > > authentication/association > > and reply connection result to cfg80211. > > c. If authentication is WLAN_AUTH_SAE, FW should notify driver to call > > cfg80211_external_auth_request() to offload authentication to > > wpa_supplicant. FWIW, I expect you could just as well teach the driver to detect this -- I don't think we'd strictly require that firmware notify the driver. Essentially, you could teach the driver to notice any sort of CONNECT request (e.g., keep a list of FW-supported WLAN_AUTH_* modes?) that the firmware can't handle on its own, and begin the external_auth() process. I'm not sure this is ideal, but it does sound doable even without FW notification. > > d. FW will wait for authentication result passed by > > cfg80211_ops.external_auth() to > > decide if association should be processed with remote AP for the original > > connection > > request and reply connection result to cfg80211. > > NXP FW only supports association with or without authentication, it can't > > support external_auth. But could it support my above description? Basically, the driver decides whether to submit the connection request directly to the firmware, or go with external_auth() instead. > > 2. Hook separating auth/assoc will offload SME to wpa_supplicant > > completely. Driver/FW don't need > > to involve the process of authentication just like external_auth did. There > > is no effort for driver/FW > > to support any future modifications of authentication process. > > Can we confirm that hooking separating auth/assoc is more suitable than "external_auth" for mwifiex? I have one clarification question above. And I haven't heard anything more from Marcel, so assuming the above is clarified, I suppose we can drop the external_auth question. Brian
