From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sipsolutions.net (s3.sipsolutions.net [168.119.38.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B6B773B8D5C for ; Thu, 26 Feb 2026 13:53:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.38.16 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772113991; cv=none; b=Ifl7Z6+EWx1ARPNHmv80yloGnHJS7YDxTAIzoSd6dfqSIBldRwPQry0ieAoIu9RKfPd86PydSl6rmCTRUmRzlXuMxno0Bf8LLTMvbLN7q7pp8223W2VwBtWZ9p1VX03quluWsNuAtz0Kml6zbyQZoBf9Uc8212pLEFiu3g/LiAY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772113991; c=relaxed/simple; bh=5XxH/S+XOG3q6I7YMwpQsgR5Rsaz5VsXKxB4eb/9yTY=; h=Message-ID:Subject:From:To:Cc:Date:In-Reply-To:References: Content-Type:MIME-Version; b=NjrkEDGXkrVUQvIu7UG7PpEpjWH5uvD/5LQUSaw6BXk6K8P/tF4jMTiuRlkpx7wJ1+jO+a6nmDVmSvJsyOHudcna11Nv0zCejQK0qsZ5dbYCAbP43NA6pjoSmrurYQ7RunftaYY/S3MrSjSg5eTozQgdu1xcUX/PCn9plx3BiY8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=sipsolutions.net; spf=pass smtp.mailfrom=sipsolutions.net; dkim=pass (2048-bit key) header.d=sipsolutions.net header.i=@sipsolutions.net header.b=p1z1dB+8; arc=none smtp.client-ip=168.119.38.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=sipsolutions.net Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=sipsolutions.net Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=sipsolutions.net header.i=@sipsolutions.net header.b="p1z1dB+8" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sipsolutions.net; s=mail; h=MIME-Version:Content-Transfer-Encoding: Content-Type:References:In-Reply-To:Date:Cc:To:From:Subject:Message-ID:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-To: Resent-Cc:Resent-Message-ID; bh=5XxH/S+XOG3q6I7YMwpQsgR5Rsaz5VsXKxB4eb/9yTY=; t=1772113989; x=1773323589; b=p1z1dB+8PQWLHRwF1DHyk2cd99M8PqUbar0bPTossDUMsH9 3ADmoJ8+Rdcq8vHbtViHMznZCWWdNJ5rF0xA9AIzzZlrGI61H08owdZkCE9IVAGDvS30W2ac2G1Q+ DXdhf9gbRreVbc7JvP5HLlOnOCswSt03HK4e/0Oue1l69M6U7x1SwDA2DzobKvHeGkNpRHjLJQmVO pYrqQRdfQLg3ifJ6+/KWYrm2mujnZF0+4IZUYDm1pjHRwE5JdVnZQy7c+PezEKy9NRD+eQNCnqnC0 hVN4mjwOHmNdebEYdu8bB3yGW4xRDKOEjpAGt9d3fmIrHglbTcqRo64EkFMjirhw==; Received: by sipsolutions.net with esmtpsa (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256) (Exim 4.98.2) (envelope-from ) id 1vvbne-00000002PDJ-2mrd; Thu, 26 Feb 2026 14:53:06 +0100 Message-ID: Subject: Re: [PATCH wireless-next 3/3] wifi: mac80211_hwsim: Advertise support for IEEE 802.1X authentication protocol From: Johannes Berg To: Kavita Kavita Cc: linux-wireless@vger.kernel.org Date: Thu, 26 Feb 2026 14:53:06 +0100 In-Reply-To: References: <20260226065442.4182232-1-kavita.kavita@oss.qualcomm.com> <20260226065442.4182232-4-kavita.kavita@oss.qualcomm.com> <3ecb3d440ed3ab4fe4cd3765e0c8457ef58fd6b6.camel@sipsolutions.net> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.58.3 (3.58.3-1.fc43) Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-malware-bazaar: not-scanned On Thu, 2026-02-26 at 19:20 +0530, Kavita Kavita wrote: >=20 > On 2/26/2026 2:06 PM, Johannes Berg wrote: > > On Thu, 2026-02-26 at 12:24 +0530, Kavita Kavita wrote: > > > Advertise support for the IEEE 802.1X authentication protocol in > > > mac80211_hwsim to enable testing scenarios. > >=20 > > Do we even need this in drivers vs. mac80211 just setting it? > >=20 > > All the code for it is in mac80211, so it shouldn't matter? > >=20 > > I'd actually argue NL80211_EXT_FEATURE_EPPKE is the same, mac80211 > > should set it instead of the driver (I didn't merge [1] yet anyway) and > > only NL80211_EXT_FEATURE_ASSOC_FRAME_ENCRYPTION should be in the driver= ? >=20 >=20 > For (Re)Association frame encryption, additional changes are required in = the > driver and firmware. Because of this dependency, we initially thought it = was > best to let the driver set the EPPKE and IEEE 802.1X Authentication featu= re > flags as well. > However, since no lower-layer changes are actually needed for EPPKE and > IEEE 802.1X Authentication, these can safely be advertised directly in ma= c80211. > The driver should only set the (Re)Association frame encryption feature f= lag, > and mac80211 can then conditionally enable the EPPKE and IEEE 802.1X Auth= entication > feature flags based on that indication.=20 >=20 > I will send the updated patch set with these changes. Thank you. Right, works for me. Can you please also resend the hwsim patch for EPPKE/assoc frame encryption then, that I linked to earlier? Feel free to just put it into this patchset (instead of this one) of course. I'm planning to apply the AAD/nonce fix soon, and then this can go in. johannes