Skip to content

Configure Enterprise mode in Wi-Fi credentials #2771

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Apr 23, 2025
Merged

Configure Enterprise mode in Wi-Fi credentials #2771

merged 12 commits into from
Apr 23, 2025

Conversation

kapbh
Copy link
Contributor

@kapbh kapbh commented Apr 15, 2025

Add support to configure Enterprise mode in Wi-Fi credentials.

@NordicBuilder NordicBuilder mentioned this pull request Apr 15, 2025
Closed
@rado17 rado17 force-pushed the pull_Enterprise_mode branch from 49a251b to 5be027d Compare April 21, 2025 12:15
@rado17 rado17 mentioned this pull request Apr 21, 2025
Closed
@rado17 rado17 force-pushed the pull_Enterprise_mode branch 3 times, most recently from c1fcc13 to e2805de Compare April 21, 2025 20:44
@NordicBuilder NordicBuilder mentioned this pull request Apr 21, 2025
Merged
@rado17 rado17 force-pushed the pull_Enterprise_mode branch from e2805de to 65591c4 Compare April 21, 2025 21:02
@rado17 rado17 requested review from D-Triveni and removed request for sachinthegreen April 22, 2025 06:32
@rado17 rado17 added this to the ncs-3.0.0 milestone Apr 22, 2025
@rado17 rado17 added the backport v4.0.99-ncs1-branch Relates to NCS v3.0-branch label Apr 22, 2025
@rado17 rado17 force-pushed the pull_Enterprise_mode branch 2 times, most recently from f0d057a to ddf1571 Compare April 22, 2025 10:34
D-Triveni and others added 7 commits April 22, 2025 18:47
@D-Triveni @rado17
[nrf fromtree] wifi: shell: Add support for EAP-TLS method
8492aab 
Add support to read identity and private key password if
configured in Enterprise mode.

Signed-off-by: Triveni Danda <[email protected]>
(cherry picked from commit 589333e)
@D-Triveni @rado17
[nrf fromtree] net: Fix Kconfig check for enterprise mode
4a7d061 
Fix the kconfig check for enterprise crypto support in AP mode.
Also, remove the unnecessary Hostapd enterprise crypto check in
credentials code.

Signed-off-by: Triveni Danda <[email protected]>
(cherry picked from commit b3ea4f8)
@krish2718 @rado17
[nrf fromtree] modules: hostap: Decrease supplicant thread stack size
65197ea 
Based on few tests, it was observed that WPA supplicant's maximum usage
for connection and disconnection is 4360.

This would save ~4K which is huge as we have a crunch for RAM.

This was missed when hostap was upstreamed from NCS.

Signed-off-by: Chaitanya Tata <[email protected]>
(cherry picked from commit 83592e8)
@krish2718 @rado17
[nrf fromtree] modules: hostap: Fix SoF
407af70 
When connecting to a WPA3 connection, the max stack size observed was
5456, fix the SoF by increasing by 200bytes (cushion added).

Signed-off-by: Chaitanya Tata <[email protected]>
(cherry picked from commit 24cbc88)
@krish2718 @rado17
[nrf fromtree] modules: hostap: Reduce workqueue stack
4ab36ed 
During experiments it was observed that workqueue uses a maximum of
3872 bytes, so, with cushion added set it to 4096.

Signed-off-by: Chaitanya Tata <[email protected]>
(cherry picked from commit 96dc3d3)
@krish2718 @rado17
[nrf fromtree] modules: hostap: Fix the SoF in iface_wq
5f9cf5b 
In case interface is UP, the interface is added to WPA supplicant in the
iface_wq itself and the max stack size is 4264, so, increase the stack
size of the iface_wq.

If the interface is added via net_mgmt thread then it works fine.

Signed-off-by: Chaitanya Tata <[email protected]>
(cherry picked from commit e2bf746)
@rado17
[nrf fromtree] modules: hostap: Fix issue with enterprise mode connec…
000bf2d 
…tion

Increase stack size of supplicant thread to fix crash seen during
enterprise mode connection. Increase heap requirement of hostap
to handle TLS processing failures.

Signed-off-by: Ravi Dondaputi <[email protected]>
(cherry picked from commit d073e62)
@rado17 rado17 force-pushed the pull_Enterprise_mode branch from ddf1571 to 2d64f67 Compare April 22, 2025 13:17
carlescufi
carlescufi requested changes Apr 22, 2025
View reviewed changes
Copy link
Contributor

@carlescufi carlescufi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's a commit with no tag

@rado17 rado17 force-pushed the pull_Enterprise_mode branch from 2d64f67 to ec9c985 Compare April 22, 2025 16:35
@rado17
Copy link
Contributor

rado17 commented Apr 22, 2025

There's a commit with no tag

Added now

@rado17 rado17 requested a review from carlescufi April 22, 2025 16:46
@rado17 rado17 force-pushed the pull_Enterprise_mode branch 2 times, most recently from c534b53 to 5f682b5 Compare April 23, 2025 08:34
rado17 and others added 5 commits April 23, 2025 14:36
@rado17
[nrf fromlist] net: lib: wifi_credentials: Add support for Enterprise…
0d5309f 
… security

Add support for configuring enterprise mode security.
Fixes SHEL-3573.

Upstream PR #: 88653

Signed-off-by: Ravi Dondaputi <[email protected]>
@rado17
[nrf fromlist] net: wifi: shell: Enable Wi-Fi credentials support
85a5f53 
Enable Wi-Fi credentials support. Update the heap sizes as
required for enterprise mode.

Upstream PR #: 88653

Signed-off-by: Ravi Dondaputi <[email protected]>
@rado17
[nrf fromlist] snippets: wifi-enterprise: Resize data heap to fix RAM…
367eeb1 
… overflow

Inclusion of CONFIG_WIFI_SHELL_RUNTIME_CERTIFICATES causes build time
RAM overflow issues. Decrease NRF_WIFI_DATA_HEAP_SIZE to accommodate
the RUNTIME_CERTIFICATES feature.

Upstream PR #:88861

Signed-off-by: Ravi Dondaputi <[email protected]>
@krish2718 @rado17
[nrf fromlist] nrf_wifi: Move QSPI defines to buslib
90b4734 
These are QSPI related which is part of buslib.

Upstream PR #: 88897

Signed-off-by: Chaitanya Tata <[email protected]>
@krish2718 @rado17
[nrf fromlist] modules: nrf_wifi: Disable anomalies for both QSPIs
ca142fc 
These are applicable for Wi-Fi over QSPI (nRF7002DK) or Flash over QSPI
(nRF52/53 + nRF7002EK) and as most Wi-Fi samples run on 128MHz (for
performance), disable the anomalies for both.

Upstream PR #: 88897

Signed-off-by: Chaitanya Tata <[email protected]>
@rado17 rado17 force-pushed the pull_Enterprise_mode branch from 5f682b5 to ca142fc Compare April 23, 2025 09:09
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Failed Quality Gate failed

Failed conditions
47.5% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

@carlescufi carlescufi merged commit 63c239c into nrfconnect:main Apr 23, 2025
15 of 17 checks passed
@NordicBuilder NordicBuilder mentioned this pull request Apr 23, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@carlescufi carlescufi carlescufi approved these changes

@krish2718 krish2718 krish2718 approved these changes

@sachinthegreen sachinthegreen sachinthegreen approved these changes

@rado17 rado17 Awaiting requested review from rado17

@D-Triveni D-Triveni Awaiting requested review from D-Triveni

@maxd-nordic maxd-nordic Awaiting requested review from maxd-nordic

Assignees
No one assigned
Labels
backport v4.0.99-ncs1-branch Relates to NCS v3.0-branch
Projects
None yet
Milestone
ncs-3.0.0
Development

Successfully merging this pull request may close these issues.
6 participants
@kapbh @rado17 @carlescufi @krish2718 @sachinthegreen @D-Triveni