minimum code footprint for wpa_supplicant (STA, AP & P2P)

Jouni Malinen j at w1.fi
Thu Nov 19 14:17:31 PST 2015 

On Tue, Nov 17, 2015 at 09:22:00AM +0000, Tzoreff, Yaniv wrote:
> We would like to use the hostap and the wpa_supplicant in specific in order to activate STA, AP and P2P. 
> For STA, we would like to support all kind of encryption methods. 
> For AP, we don't need to have enterprise security capabilities. 

If you do not need enterprise security, I'm not sure why you would use
hostapd here when the goal is to minimize binary size. You'll need
wpa_supplicant with AP mode support anyway for P2P, so could use
wpa_supplicant for the non-P2P AP case as well.

> 1. Can you please specify which files are must for these requirements (we are currently using WPA_supplicant files with some additions from hostapd, but I am not sure it is needed, please see attachment with files list we are using)? Should we add/remove any from the list? 

wpa_supplicant/Makefile picks the files automatically based on build
configuration in wpa_supplicant/.config. If you need to build this using
some other tools, the easiest way to figure out the list of files is
likely to run a Linux build with suitable build configuration and see
what got pulled in into the build.

> 2. Are there any defines/configurations you can recommend to change in order to minimize the WPA_supplicant without degrading any basic capability (I realize basic is amorphous)? 

There has not really been much of an attempt to minimize size of the P2P
and WPS implementation, so for the set of features you listed, this is
not going to be very small without quite a bit of additional effort to
remove (sub)features that you may not need. Anyway, you could get
started by running a Linux build with make in the wpa_supplicant
directory with this in wpa_supplicant/.config:

CONFIG_NO_STDOUT_DEBUG=y
CONFIG_NO_CONFIG_WRITE=y
CFLAGS += -Os
CONFIG_TLS=internal
CONFIG_INTERNAL_LIBTOMMATH=y
CONFIG_P2P=y

> 3. Are there any other methods/ideas for minimizing .bss or .text of wpa_supplicant? 

There's quite a bit of extensions in both WPS and P2P that you might not
need for the specific use case you are considering here. However, this
would currently require going through the relevant files and commenting
out the unnecessary capabilities since the build options are available
only for enabling all of P2P support.

CONFIG_NO_STDOUT_DEBUG=y gets rid of quite a few debug strings, but not
p2p_dbg(), so in src/p2p_i.h, you may want to do something like this if
you don't care about debugging possibilities:
#define p2p_dbg(p2p, fmt, args...) do {} while(0)

-- 
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list