lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 13 May 2024 01:27:13 +0000
From: David Lin <yu-hao.lin@....com>
To: David Lin <yu-hao.lin@....com>, Brian Norris <briannorris@...omium.org>
CC: Marcel Holtmann <marcel@...tmann.org>, "linux-wireless@...r.kernel.org"
	<linux-wireless@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>, Kalle
 Valo <kvalo@...nel.org>, "francesco@...cini.it" <francesco@...cini.it>, Pete
 Hsieh <tsung-hsien.hsieh@....com>, rafael.beims <rafael.beims@...adex.com>,
	Francesco Dolcini <francesco.dolcini@...adex.com>
Subject: RE: [EXT] [PATCH v10 0/2] wifi: mwifiex: add code to support host
 mlme

Hi Brian,

> From: David Lin <yu-hao.lin@....com>
> Sent: Thursday, May 2, 2024 4:35 PM
> To: Brian Norris <briannorris@...omium.org>
> Cc: Marcel Holtmann <marcel@...tmann.org>;
> linux-wireless@...r.kernel.org; LKML <linux-kernel@...r.kernel.org>; Kalle
> Valo <kvalo@...nel.org>; francesco@...cini.it; Pete Hsieh
> <tsung-hsien.hsieh@....com>; rafael.beims <rafael.beims@...adex.com>;
> Francesco Dolcini <francesco.dolcini@...adex.com>
> Subject: RE: [EXT] [PATCH v10 0/2] wifi: mwifiex: add code to support host
> mlme
> 
> > From: Brian Norris <briannorris@...omium.org>
> > Sent: Friday, April 26, 2024 9:09 AM
> > To: David Lin <yu-hao.lin@....com>
> > Cc: Marcel Holtmann <marcel@...tmann.org>;
> > linux-wireless@...r.kernel.org; LKML <linux-kernel@...r.kernel.org>;
> > Kalle Valo <kvalo@...nel.org>; francesco@...cini.it; Pete Hsieh
> > <tsung-hsien.hsieh@....com>; rafael.beims <rafael.beims@...adex.com>;
> > Francesco Dolcini <francesco.dolcini@...adex.com>
> > Subject: Re: [EXT] [PATCH v10 0/2] wifi: mwifiex: add code to support
> > host mlme
> >
> > Hi David,
> >
> > On Wed, Apr 24, 2024 at 7:40 PM David Lin <yu-hao.lin@....com> wrote:
> > > > From: Marcel Holtmann <marcel@...tmann.org>
> > > >
> > > > Hi David,
> > > >
> > Perhaps I'm missing something (very likely), but I don't immediately
> > see much difference (with respect to your FW API, and future
> > extensibility) between external_auth() and your current solution (of
> > intercepting auth()/assoc() and constructing your own AUTH frames). It
> > mostly just means the AUTH mgmt frames will be coming in via
> > NL80211_CMD_FRAME instead of being manually constructed within your
> > .auth() hook. The external_auth() approach actually looks *more*
> > natural than your current solution.
> >
> > How exactly does your solution make "future changes [easier] to
> > support [than with external_auth]"? Do you not trust that
> > wpa_supplicant will provide exactly the right NL80211_CMD_FRAME
> > content you're looking for, and you need to tweak it to make your
> > firmware happy? You're talking in extreme generality, which doesn't
> > make it easy for me (and presumably
> > Marcel) to understand why you're choosing one solution and rejecting
> > another preexisting one.
> 
> 1. The process of external_auth should be as follows:
>   a. cfg80211_ops.connect() is called to establish connection with remote
> AP.
>   b. If authentication is not WLAN_AUTH_SAE, FW will process
> authentication/association
>   and reply connection result to cfg80211.
>   c. If authentication is WLAN_AUTH_SAE, FW should notify driver to call
>   cfg80211_external_auth_request() to offload authentication to
> wpa_supplicant.
>   d. FW will wait for authentication result passed by
> cfg80211_ops.external_auth() to
>   decide if association should be processed with remote AP for the original
> connection
>   request and reply connection result to cfg80211.
>   NXP FW only supports association with or without authentication, it can't
> support external_auth.
> 
> 2. Hook separating auth/assoc will offload SME to wpa_supplicant
> completely. Driver/FW don't need
>   to involve the process of authentication just like external_auth did. There
> is no effort for driver/FW
>   to support any future modifications of authentication process.
> 
> David
> 

Can we confirm that hooking separating auth/assoc is more suitable than "external_auth" for mwifiex?

David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ