[PATCH 1/1] hostapd: Support 4way handshake offload for AP/P2P GO

Vinayak Yadawad vinayak.yadawad at broadcom.com
Sun Nov 12 19:45:33 PST 2023 

Hi Jouni,

>What happens when this offload is used and a station request rekeying
>with EAPOL-Key Request frame? Will the driver/firmware take care of
>deriving a new PTK? What about GTK updates? Will those be handled in
>driver/firmware as well?
Yes, the expectation is that 4way Handshake offload logic should take
care of it .
We plan to submit follow up patches to link the hostapd gtk rekey time
config to the driver so
that configuration at hostapd would configure the driver as well.

>Would hostapd need some additional checks to
>avoid periodic GTK rekeying or configuration that would result in trying
>to do that?
Will check whether any interim handling is required.

Regards,
Vinayak

On Sun, Nov 12, 2023 at 3:34 AM Jouni Malinen <j at w1.fi> wrote:
>
> On Wed, Nov 08, 2023 at 06:26:09PM +0530, Vinayak Yadawad wrote:
> > This patch adds support for AP/P2P GO 4way HS support.
> > For drivers supporting the AP PSK offload, supplicant/hostapd
> > would pass down the PSK for driver to handle 4way handshake.
> > The driver is expected to indicate PORT authorized event to
> > indicate that the 4way handshake is completed successfully.
>
> Thanks, applied with some fixes and cleanup. This broke hundreds of
> hwsim test cases due to incorrect AP mode configuration and kernel
> rejecting to start the AP because of that. I cleaned up the way the PSK
> is set, or more importantly, not set in some cases.
>
> What happens when this offload is used and a station request rekeying
> with EAPOL-Key Request frame? Will the driver/firmware take care of
> deriving a new PTK? What about GTK updates? Will those be handled in
> driver/firmware as well? Would hostapd need some additional checks to
> avoid periodic GTK rekeying or configuration that would result in trying
> to do that?
>
> --
> Jouni Malinen                                            PGP id EFC895FA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4218 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.infradead.org/pipermail/hostap/attachments/20231113/a91cb672/attachment.p7s>

More information about the Hostap mailing list