[PATCH 1/1] hostapd: Avoid EAPOL trigger in reassoc path for AP, in case of 4way HS offload

Vinayak Yadawad vinayak.yadawad at broadcom.com
Thu May 23 23:30:27 PDT 2024 

Currently avoiding of EAPOL exchange for AP with 4way HS offload is
handled only in new STA assoc path. Current change avoids complete
authentication trigger in case of AP reassoc path as well.

Signed-off-by: Vinayak Yadawad <vinayak.yadawad at broadcom.com>
---
 src/ap/wpa_auth.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
index 8304c6047..c3e0398ea 100644
--- a/src/ap/wpa_auth.c
+++ b/src/ap/wpa_auth.c
@@ -367,6 +367,15 @@ static inline int wpa_auth_start_ampe(struct wpa_authenticator *wpa_auth,
 #endif /* CONFIG_MESH */
 
 
+static inline int wpa_auth_get_drv_flags(struct wpa_authenticator *wpa_auth,
+				    u64 *drv_flags, u64 *drv_flags2)
+{
+	if(!wpa_auth->cb->get_drv_flags)
+		return -1;
+	return wpa_auth->cb->get_drv_flags(wpa_auth->cb_ctx, drv_flags,
+	                drv_flags2);
+}
+
 int wpa_auth_for_each_sta(struct wpa_authenticator *wpa_auth,
 			  int (*cb)(struct wpa_state_machine *sm, void *ctx),
 			  void *cb_ctx)
@@ -2708,8 +2717,20 @@ SM_STATE(WPA_PTK, PTKSTART)
 #ifdef CONFIG_TESTING_OPTIONS
 	struct wpa_auth_config *conf = &sm->wpa_auth->conf;
 #endif /* CONFIG_TESTING_OPTIONS */
+	u64 drv_flags = 0;
+	u64 drv_flags2 = 0;
+	bool ap_4way_hs_offload = false;
 
 	SM_ENTRY_MA(WPA_PTK, PTKSTART, wpa_ptk);
+
+	wpa_auth_get_drv_flags(sm->wpa_auth, &drv_flags, &drv_flags2);
+	ap_4way_hs_offload = !!(drv_flags2 & WPA_DRIVER_FLAGS2_4WAY_HANDSHAKE_AP_PSK);
+	if (ap_4way_hs_offload) {
+		/* 4way HS offloaded to driver no need of EAPOL */
+		wpa_printf(MSG_INFO, "Avoid EAPOL in case of 4way HS offload");
+		return;
+	}
+
 	sm->PTKRequest = false;
 	sm->TimeoutEvt = false;
 	sm->alt_snonce_valid = false;
-- 
2.32.0

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4218 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.infradead.org/pipermail/hostap/attachments/20240524/dd55aff1/attachment.p7s>

More information about the Hostap mailing list