Linux wireless drivers development
 help / color / mirror / Atom feed
From: Kavita Kavita <kavita.kavita@oss.qualcomm.com>
To: Johannes Berg <johannes@sipsolutions.net>
Cc: linux-wireless@vger.kernel.org
Subject: Re: [PATCH wireless-next 3/3] wifi: mac80211_hwsim: Advertise support for IEEE 802.1X authentication protocol
Date: Thu, 26 Feb 2026 22:19:40 +0530	[thread overview]
Message-ID: <15cd54d4-a663-423b-b4c5-9a058f5bc73d@oss.qualcomm.com> (raw)
In-Reply-To: <e96a1d08ab71bb75bd7a65278b04d29c609904bf.camel@sipsolutions.net>



On 2/26/2026 7:23 PM, Johannes Berg wrote:
> On Thu, 2026-02-26 at 19:20 +0530, Kavita Kavita wrote:
>>
>> On 2/26/2026 2:06 PM, Johannes Berg wrote:
>>> On Thu, 2026-02-26 at 12:24 +0530, Kavita Kavita wrote:
>>>> Advertise support for the IEEE 802.1X authentication protocol in
>>>> mac80211_hwsim to enable testing scenarios.
>>>
>>> Do we even need this in drivers vs. mac80211 just setting it?
>>>
>>> All the code for it is in mac80211, so it shouldn't matter?
>>>
>>> I'd actually argue NL80211_EXT_FEATURE_EPPKE is the same, mac80211
>>> should set it instead of the driver (I didn't merge [1] yet anyway) and
>>> only NL80211_EXT_FEATURE_ASSOC_FRAME_ENCRYPTION should be in the driver?
>>
>>
>> For (Re)Association frame encryption, additional changes are required in the
>> driver and firmware. Because of this dependency, we initially thought it was
>> best to let the driver set the EPPKE and IEEE 802.1X Authentication feature
>> flags as well.
>> However, since no lower-layer changes are actually needed for EPPKE and
>> IEEE 802.1X Authentication, these can safely be advertised directly in mac80211.
>> The driver should only set the (Re)Association frame encryption feature flag,
>> and mac80211 can then conditionally enable the EPPKE and IEEE 802.1X Authentication
>> feature flags based on that indication. 
>>
>> I will send the updated patch set with these changes. Thank you.
> 
> Right, works for me. Can you please also resend the hwsim patch for
> EPPKE/assoc frame encryption then, that I linked to earlier? Feel free
> to just put it into this patchset (instead of this one) of course.
> 
> I'm planning to apply the AAD/nonce fix soon, and then this can go in.


Sorry, I missed one case earlier. EPPKE mandates (Re)Association frame
encryption support, so we should only advertise EPPKE when the driver indicates
support for (Re)Association frame encryption in mac80211.

On the other hand, IEEE 802.1X Authentication can operate with or without
(Re)Association encryption support, as specified in IEEE P802.11bi/D4.0, clauses
12.16.5 and 12.16.8.2. I am thinking to advertise IEEE 802.1X Authentication
support directly from mac80211, without any (Re)Association encryption
support indication from the driver.


> 
> johannes


  parent reply	other threads:[~2026-02-26 16:49 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-02-26  6:54 [PATCH wireless-next 0/3] wifi: cfg80211/mac80211: Add support for IEEE 802.1X Authentication Protocol Kavita Kavita
2026-02-26  6:54 ` [PATCH wireless-next 1/3] wifi: cfg80211: add " Kavita Kavita
2026-02-26  6:54 ` [PATCH wireless-next 2/3] wifi: mac80211: Add support for IEEE 802.1X authentication protocol in non-AP STA mode Kavita Kavita
2026-02-26  6:54 ` [PATCH wireless-next 3/3] wifi: mac80211_hwsim: Advertise support for IEEE 802.1X authentication protocol Kavita Kavita
2026-02-26  8:36   ` Johannes Berg
2026-02-26 13:50     ` Kavita Kavita
2026-02-26 13:53       ` Johannes Berg
2026-02-26 14:07         ` Kavita Kavita
2026-02-26 16:49         ` Kavita Kavita [this message]
2026-02-26 16:50           ` Johannes Berg
2026-02-26 16:58             ` Kavita Kavita
2026-02-26 17:09               ` Johannes Berg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=15cd54d4-a663-423b-b4c5-9a058f5bc73d@oss.qualcomm.com \
    --to=kavita.kavita@oss.qualcomm.com \
    --cc=johannes@sipsolutions.net \
    --cc=linux-wireless@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox