Lines Matching +full:drv +full:- +full:0
33 #define UNUSED_SCI 0xffffffffffffffff
40 struct macsec_drv_data *drv; member
110 if (!genlmsg_put(msg, 0, 0, ctx->macsec_genl_id, 0, 0, cmd, 0)) { in msg_prepare()
130 return -1; in nla_put_rxsc_config()
136 return 0; in nla_put_rxsc_config()
139 return -1; in nla_put_rxsc_config()
143 static int init_genl_ctx(struct macsec_drv_data *drv) in init_genl_ctx() argument
145 struct macsec_genl_ctx *ctx = &drv->ctx; in init_genl_ctx()
147 ctx->sk = nl_socket_alloc(); in init_genl_ctx()
148 if (!ctx->sk) { in init_genl_ctx()
150 return -1; in init_genl_ctx()
153 if (genl_connect(ctx->sk) < 0) { in init_genl_ctx()
159 ctx->macsec_genl_id = genl_ctrl_resolve(ctx->sk, "macsec"); in init_genl_ctx()
160 if (ctx->macsec_genl_id < 0) { in init_genl_ctx()
165 memset(&ctx->cb_arg, 0, sizeof(ctx->cb_arg)); in init_genl_ctx()
166 ctx->cb_arg.drv = drv; in init_genl_ctx()
168 nl_socket_modify_cb(ctx->sk, NL_CB_VALID, NL_CB_CUSTOM, dump_callback, in init_genl_ctx()
169 &ctx->cb_arg); in init_genl_ctx()
171 return 0; in init_genl_ctx()
174 nl_socket_free(ctx->sk); in init_genl_ctx()
175 ctx->sk = NULL; in init_genl_ctx()
176 return -1; in init_genl_ctx()
180 static int try_commit(struct macsec_drv_data *drv) in try_commit() argument
184 if (!drv->sk) in try_commit()
185 return 0; in try_commit()
187 if (!drv->link) in try_commit()
188 return 0; in try_commit()
190 if (drv->controlled_port_enabled_set) { in try_commit()
195 drv->ifname, drv->controlled_port_enabled); in try_commit()
197 return -1; in try_commit()
199 rtnl_link_set_name(change, drv->ifname); in try_commit()
201 if (drv->controlled_port_enabled) in try_commit()
206 err = rtnl_link_change(drv->sk, change, change, 0); in try_commit()
207 if (err < 0) in try_commit()
212 drv->controlled_port_enabled_set = false; in try_commit()
215 if (drv->protect_frames_set) { in try_commit()
218 drv->ifname, drv->protect_frames); in try_commit()
219 rtnl_link_macsec_set_protect(drv->link, drv->protect_frames); in try_commit()
222 if (drv->encrypt_set) { in try_commit()
224 drv->ifname, drv->encrypt); in try_commit()
225 rtnl_link_macsec_set_encrypt(drv->link, drv->encrypt); in try_commit()
228 if (drv->replay_protect_set) { in try_commit()
231 drv->ifname, drv->replay_protect, in try_commit()
232 drv->replay_window); in try_commit()
233 rtnl_link_macsec_set_replay_protect(drv->link, in try_commit()
234 drv->replay_protect); in try_commit()
235 if (drv->replay_protect) in try_commit()
236 rtnl_link_macsec_set_window(drv->link, in try_commit()
237 drv->replay_window); in try_commit()
241 if (drv->offload_set) { in try_commit()
244 drv->ifname, drv->offload); in try_commit()
245 rtnl_link_macsec_set_offload(drv->link, drv->offload); in try_commit()
249 if (drv->encoding_sa_set) { in try_commit()
252 drv->ifname, drv->encoding_sa); in try_commit()
253 rtnl_link_macsec_set_encoding_sa(drv->link, drv->encoding_sa); in try_commit()
256 err = rtnl_link_add(drv->sk, drv->link, 0); in try_commit()
257 if (err < 0) in try_commit()
260 drv->protect_frames_set = false; in try_commit()
261 drv->encrypt_set = false; in try_commit()
262 drv->replay_protect_set = false; in try_commit()
264 return 0; in try_commit()
270 struct macsec_drv_data *drv = priv; in macsec_drv_wpa_deinit() local
272 driver_wired_deinit_common(&drv->common); in macsec_drv_wpa_deinit()
273 os_free(drv); in macsec_drv_wpa_deinit()
280 int err = -1; in macsec_check_macsec()
285 return -1; in macsec_check_macsec()
288 if (genl_connect(sk) < 0) { in macsec_check_macsec()
294 if (genl_ctrl_resolve(sk, "macsec") < 0) { in macsec_check_macsec()
296 DRV_PREFIX "genl resolve failed - macsec kernel module not present?"); in macsec_check_macsec()
300 err = 0; in macsec_check_macsec()
310 struct macsec_drv_data *drv; in macsec_drv_wpa_init() local
312 if (macsec_check_macsec() < 0) in macsec_drv_wpa_init()
315 drv = os_zalloc(sizeof(*drv)); in macsec_drv_wpa_init()
316 if (!drv) in macsec_drv_wpa_init()
319 if (driver_wired_init_common(&drv->common, ifname, ctx) < 0) { in macsec_drv_wpa_init()
320 os_free(drv); in macsec_drv_wpa_init()
324 return drv; in macsec_drv_wpa_init()
330 struct macsec_drv_data *drv = priv; in macsec_drv_macsec_init() local
335 drv->sk = nl_socket_alloc(); in macsec_drv_macsec_init()
336 if (!drv->sk) in macsec_drv_macsec_init()
337 return -1; in macsec_drv_macsec_init()
339 err = nl_connect(drv->sk, NETLINK_ROUTE); in macsec_drv_macsec_init()
340 if (err < 0) { in macsec_drv_macsec_init()
347 err = rtnl_link_alloc_cache(drv->sk, AF_UNSPEC, &drv->link_cache); in macsec_drv_macsec_init()
348 if (err < 0) { in macsec_drv_macsec_init()
354 drv->parent_ifi = rtnl_link_name2i(drv->link_cache, drv->common.ifname); in macsec_drv_macsec_init()
355 if (drv->parent_ifi == 0) { in macsec_drv_macsec_init()
358 drv->common.ifname); in macsec_drv_macsec_init()
362 drv->common.ifname, drv->parent_ifi); in macsec_drv_macsec_init()
364 err = init_genl_ctx(drv); in macsec_drv_macsec_init()
365 if (err < 0) in macsec_drv_macsec_init()
368 return 0; in macsec_drv_macsec_init()
371 nl_cache_free(drv->link_cache); in macsec_drv_macsec_init()
372 drv->link_cache = NULL; in macsec_drv_macsec_init()
374 nl_socket_free(drv->sk); in macsec_drv_macsec_init()
375 drv->sk = NULL; in macsec_drv_macsec_init()
376 return -1; in macsec_drv_macsec_init()
382 struct macsec_drv_data *drv = priv; in macsec_drv_macsec_deinit() local
386 if (drv->sk) in macsec_drv_macsec_deinit()
387 nl_socket_free(drv->sk); in macsec_drv_macsec_deinit()
388 drv->sk = NULL; in macsec_drv_macsec_deinit()
390 if (drv->link_cache) in macsec_drv_macsec_deinit()
391 nl_cache_free(drv->link_cache); in macsec_drv_macsec_deinit()
392 drv->link_cache = NULL; in macsec_drv_macsec_deinit()
394 if (drv->ctx.sk) in macsec_drv_macsec_deinit()
395 nl_socket_free(drv->ctx.sk); in macsec_drv_macsec_deinit()
397 return 0; in macsec_drv_macsec_deinit()
407 return 0; in macsec_drv_get_capability()
412 * macsec_drv_enable_protect_frames - Set protect frames status
416 * Returns: 0 on success, -1 on failure (or if not supported)
420 struct macsec_drv_data *drv = priv; in macsec_drv_enable_protect_frames() local
422 wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); in macsec_drv_enable_protect_frames()
424 drv->protect_frames_set = true; in macsec_drv_enable_protect_frames()
425 drv->protect_frames = enabled; in macsec_drv_enable_protect_frames()
427 return try_commit(drv); in macsec_drv_enable_protect_frames()
432 * macsec_drv_enable_encrypt - Set encryption status
436 * Returns: 0 on success, -1 on failure (or if not supported)
440 struct macsec_drv_data *drv = priv; in macsec_drv_enable_encrypt() local
442 wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); in macsec_drv_enable_encrypt()
444 drv->encrypt_set = true; in macsec_drv_enable_encrypt()
445 drv->encrypt = enabled; in macsec_drv_enable_encrypt()
447 return try_commit(drv); in macsec_drv_enable_encrypt()
452 * macsec_drv_set_replay_protect - Set replay protect status and window size
457 * Returns: 0 on success, -1 on failure (or if not supported)
462 struct macsec_drv_data *drv = priv; in macsec_drv_set_replay_protect() local
464 wpa_printf(MSG_DEBUG, "%s -> %s, %u", __func__, in macsec_drv_set_replay_protect()
467 drv->replay_protect_set = true; in macsec_drv_set_replay_protect()
468 drv->replay_protect = enabled; in macsec_drv_set_replay_protect()
470 drv->replay_window = window; in macsec_drv_set_replay_protect()
472 return try_commit(drv); in macsec_drv_set_replay_protect()
477 * macsec_drv_set_offload - Set offload status
479 * @offload: 0 = MACSEC_OFFLOAD_OFF
482 * Returns: 0 on success, -1 on failure (or if not supported)
487 struct macsec_drv_data *drv = priv; in macsec_drv_set_offload() local
489 wpa_printf(MSG_DEBUG, "%s -> %02" PRIx8, __func__, offload); in macsec_drv_set_offload()
491 drv->offload_set = true; in macsec_drv_set_offload()
492 drv->offload = offload; in macsec_drv_set_offload()
494 return try_commit(drv); in macsec_drv_set_offload()
496 if (offload == 0) in macsec_drv_set_offload()
497 return 0; in macsec_drv_set_offload()
501 return -1; in macsec_drv_set_offload()
507 * macsec_drv_set_current_cipher_suite - Set current cipher suite
510 * Returns: 0 on success, -1 on failure (or if not supported)
514 struct macsec_drv_data *drv = priv; in macsec_drv_set_current_cipher_suite() local
516 wpa_printf(MSG_DEBUG, "%s -> %016" PRIx64, __func__, cs); in macsec_drv_set_current_cipher_suite()
518 drv->cipher_suite_set = true; in macsec_drv_set_current_cipher_suite()
519 drv->cipher_suite = cs; in macsec_drv_set_current_cipher_suite()
521 return try_commit(drv); in macsec_drv_set_current_cipher_suite()
526 * macsec_drv_enable_controlled_port - Set controlled port status
530 * Returns: 0 on success, -1 on failure (or if not supported)
534 struct macsec_drv_data *drv = priv; in macsec_drv_enable_controlled_port() local
536 wpa_printf(MSG_DEBUG, "%s -> %s", __func__, enabled ? "TRUE" : "FALSE"); in macsec_drv_enable_controlled_port()
538 drv->controlled_port_enabled = enabled; in macsec_drv_enable_controlled_port()
539 drv->controlled_port_enabled_set = true; in macsec_drv_enable_controlled_port()
541 return try_commit(drv); in macsec_drv_enable_controlled_port()
573 if (ret_hdr->nlmsg_type != arg->drv->ctx.macsec_genl_id) in dump_callback()
574 return 0; in dump_callback()
576 err = nla_parse(tb_msg, MACSEC_ATTR_MAX, genlmsg_attrdata(gnlh, 0), in dump_callback()
577 genlmsg_attrlen(gnlh, 0), main_policy); in dump_callback()
578 if (err < 0) in dump_callback()
579 return 0; in dump_callback()
582 return 0; in dump_callback()
584 if (nla_get_u32(tb_msg[MACSEC_ATTR_IFINDEX]) != (u32) arg->ifindex) in dump_callback()
585 return 0; in dump_callback()
587 if (arg->txsa < 4 && !tb_msg[MACSEC_ATTR_TXSA_LIST]) { in dump_callback()
588 return 0; in dump_callback()
589 } else if (arg->txsa < 4) { in dump_callback()
598 if (err < 0) in dump_callback()
602 if (nla_get_u8(tb[MACSEC_SA_ATTR_AN]) != arg->txsa) in dump_callback()
605 return 0; in dump_callback()
606 *arg->pn = nla_get_u32(tb[MACSEC_SA_ATTR_PN]); in dump_callback()
607 return 0; in dump_callback()
610 return 0; in dump_callback()
613 if (arg->rxsci == UNUSED_SCI) in dump_callback()
614 return 0; in dump_callback()
625 if (err < 0) in dump_callback()
626 return 0; in dump_callback()
629 if (nla_get_u64(tb[MACSEC_RXSC_ATTR_SCI]) != arg->rxsci) in dump_callback()
632 return 0; in dump_callback()
641 if (err < 0) in dump_callback()
646 arg->rxsa) in dump_callback()
649 return 0; in dump_callback()
650 *arg->pn = in dump_callback()
653 return 0; in dump_callback()
656 return 0; in dump_callback()
659 return 0; in dump_callback()
662 return 0; in dump_callback()
671 if (ret < 0) { in nl_send_recv()
673 __func__, ret, nl_geterror(-ret)); in nl_send_recv()
678 if (ret < 0) { in nl_send_recv()
680 __func__, ret, nl_geterror(-ret)); in nl_send_recv()
687 static int do_dump(struct macsec_drv_data *drv, u8 txsa, u64 rxsci, u8 rxsa, in do_dump() argument
690 struct macsec_genl_ctx *ctx = &drv->ctx; in do_dump()
694 ctx->cb_arg.ifindex = drv->ifi; in do_dump()
695 ctx->cb_arg.rxsci = rxsci; in do_dump()
696 ctx->cb_arg.rxsa = rxsa; in do_dump()
697 ctx->cb_arg.txsa = txsa; in do_dump()
698 ctx->cb_arg.pn = pn; in do_dump()
707 if (!genlmsg_put(msg, NL_AUTO_PORT, NL_AUTO_SEQ, ctx->macsec_genl_id, 0, in do_dump()
708 NLM_F_DUMP, MACSEC_CMD_GET_TXSC, 0)) { in do_dump()
714 ret = nl_send_recv(ctx->sk, msg); in do_dump()
715 if (ret < 0) in do_dump()
718 ret, nl_geterror(-ret)); in do_dump()
720 ctx->cb_arg.pn = NULL; in do_dump()
729 * macsec_drv_get_receive_lowest_pn - Get receive lowest PN
732 * Returns: 0 on success, -1 on failure (or if not supported)
736 struct macsec_drv_data *drv = priv; in macsec_drv_get_receive_lowest_pn() local
741 err = do_dump(drv, 0xff, mka_sci_u64(&sa->sc->sci), sa->an, in macsec_drv_get_receive_lowest_pn()
742 &sa->lowest_pn); in macsec_drv_get_receive_lowest_pn()
744 sa->lowest_pn); in macsec_drv_get_receive_lowest_pn()
751 * macsec_drv_set_receive_lowest_pn - Set receive lowest PN
754 * Returns: 0 on success, -1 on failure (or if not supported)
758 struct macsec_drv_data *drv = priv; in macsec_drv_set_receive_lowest_pn() local
759 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_set_receive_lowest_pn()
762 int ret = -1; in macsec_drv_set_receive_lowest_pn()
765 DRV_PREFIX "%s: set_receive_lowest_pn -> %d: %d", in macsec_drv_set_receive_lowest_pn()
766 drv->ifname, sa->an, sa->next_pn); in macsec_drv_set_receive_lowest_pn()
768 msg = msg_prepare(MACSEC_CMD_UPD_RXSA, ctx, drv->ifi); in macsec_drv_set_receive_lowest_pn()
772 if (nla_put_rxsc_config(msg, mka_sci_u64(&sa->sc->sci))) in macsec_drv_set_receive_lowest_pn()
779 NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); in macsec_drv_set_receive_lowest_pn()
780 NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); in macsec_drv_set_receive_lowest_pn()
784 ret = nl_send_recv(ctx->sk, msg); in macsec_drv_set_receive_lowest_pn()
785 if (ret < 0) { in macsec_drv_set_receive_lowest_pn()
788 ret, nl_geterror(-ret)); in macsec_drv_set_receive_lowest_pn()
798 * macsec_drv_get_transmit_next_pn - Get transmit next PN
801 * Returns: 0 on success, -1 on failure (or if not supported)
805 struct macsec_drv_data *drv = priv; in macsec_drv_get_transmit_next_pn() local
810 err = do_dump(drv, sa->an, UNUSED_SCI, 0xff, &sa->next_pn); in macsec_drv_get_transmit_next_pn()
812 sa->next_pn); in macsec_drv_get_transmit_next_pn()
818 * macsec_drv_set_transmit_next_pn - Set transmit next PN
821 * Returns: 0 on success, -1 on failure (or if not supported)
825 struct macsec_drv_data *drv = priv; in macsec_drv_set_transmit_next_pn() local
826 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_set_transmit_next_pn()
829 int ret = -1; in macsec_drv_set_transmit_next_pn()
831 wpa_printf(MSG_DEBUG, "%s -> %d: %d", __func__, sa->an, sa->next_pn); in macsec_drv_set_transmit_next_pn()
833 msg = msg_prepare(MACSEC_CMD_UPD_TXSA, ctx, drv->ifi); in macsec_drv_set_transmit_next_pn()
841 NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); in macsec_drv_set_transmit_next_pn()
842 NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); in macsec_drv_set_transmit_next_pn()
846 ret = nl_send_recv(ctx->sk, msg); in macsec_drv_set_transmit_next_pn()
847 if (ret < 0) { in macsec_drv_set_transmit_next_pn()
850 ret, nl_geterror(-ret)); in macsec_drv_set_transmit_next_pn()
863 * macsec_drv_create_receive_sc - Create secure channel for receiving
866 * @sci_addr: secure channel identifier - address
867 * @sci_port: secure channel identifier - port
868 * @conf_offset: confidentiality offset (0, 30, or 50)
869 * @validation: frame validation policy (0 = Disabled, 1 = Checked,
871 * Returns: 0 on success, -1 on failure (or if not supported)
877 struct macsec_drv_data *drv = priv; in macsec_drv_create_receive_sc() local
878 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_create_receive_sc()
880 int ret = -1; in macsec_drv_create_receive_sc()
882 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: create_receive_sc -> " SCISTR in macsec_drv_create_receive_sc()
884 drv->ifname, SCI2STR(sc->sci.addr, sc->sci.port), in macsec_drv_create_receive_sc()
887 msg = msg_prepare(MACSEC_CMD_ADD_RXSC, ctx, drv->ifi); in macsec_drv_create_receive_sc()
891 if (nla_put_rxsc_config(msg, mka_sci_u64(&sc->sci))) in macsec_drv_create_receive_sc()
894 ret = nl_send_recv(ctx->sk, msg); in macsec_drv_create_receive_sc()
895 if (ret < 0) { in macsec_drv_create_receive_sc()
898 __func__, ret, nl_geterror(-ret)); in macsec_drv_create_receive_sc()
908 * macsec_drv_delete_receive_sc - Delete secure channel for receiving
911 * Returns: 0 on success, -1 on failure
915 struct macsec_drv_data *drv = priv; in macsec_drv_delete_receive_sc() local
916 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_delete_receive_sc()
918 int ret = -1; in macsec_drv_delete_receive_sc()
920 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: delete_receive_sc -> " SCISTR, in macsec_drv_delete_receive_sc()
921 drv->ifname, SCI2STR(sc->sci.addr, sc->sci.port)); in macsec_drv_delete_receive_sc()
923 msg = msg_prepare(MACSEC_CMD_DEL_RXSC, ctx, drv->ifi); in macsec_drv_delete_receive_sc()
927 if (nla_put_rxsc_config(msg, mka_sci_u64(&sc->sci))) in macsec_drv_delete_receive_sc()
930 ret = nl_send_recv(ctx->sk, msg); in macsec_drv_delete_receive_sc()
931 if (ret < 0) { in macsec_drv_delete_receive_sc()
934 __func__, ret, nl_geterror(-ret)); in macsec_drv_delete_receive_sc()
944 * macsec_drv_create_receive_sa - Create secure association for receive
947 * Returns: 0 on success, -1 on failure
951 struct macsec_drv_data *drv = priv; in macsec_drv_create_receive_sa() local
952 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_create_receive_sa()
955 int ret = -1; in macsec_drv_create_receive_sa()
958 DRV_PREFIX "%s: create_receive_sa -> %d on " SCISTR in macsec_drv_create_receive_sa()
960 drv->ifname, sa->an, in macsec_drv_create_receive_sa()
961 SCI2STR(sa->sc->sci.addr, sa->sc->sci.port), in macsec_drv_create_receive_sa()
962 sa->enable_receive, sa->next_pn); in macsec_drv_create_receive_sa()
964 &sa->pkey->key_identifier, in macsec_drv_create_receive_sa()
965 sizeof(sa->pkey->key_identifier)); in macsec_drv_create_receive_sa()
967 sa->pkey->key, sa->pkey->key_len); in macsec_drv_create_receive_sa()
969 msg = msg_prepare(MACSEC_CMD_ADD_RXSA, ctx, drv->ifi); in macsec_drv_create_receive_sa()
973 if (nla_put_rxsc_config(msg, mka_sci_u64(&sa->sc->sci))) in macsec_drv_create_receive_sa()
980 NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); in macsec_drv_create_receive_sa()
981 NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, sa->enable_receive); in macsec_drv_create_receive_sa()
982 NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); in macsec_drv_create_receive_sa()
983 NLA_PUT(msg, MACSEC_SA_ATTR_KEYID, sizeof(sa->pkey->key_identifier), in macsec_drv_create_receive_sa()
984 &sa->pkey->key_identifier); in macsec_drv_create_receive_sa()
985 NLA_PUT(msg, MACSEC_SA_ATTR_KEY, sa->pkey->key_len, sa->pkey->key); in macsec_drv_create_receive_sa()
989 ret = nl_send_recv(ctx->sk, msg); in macsec_drv_create_receive_sa()
990 if (ret < 0) { in macsec_drv_create_receive_sa()
993 __func__, ret, nl_geterror(-ret)); in macsec_drv_create_receive_sa()
1003 * macsec_drv_delete_receive_sa - Delete secure association for receive
1006 * Returns: 0 on success, -1 on failure
1010 struct macsec_drv_data *drv = priv; in macsec_drv_delete_receive_sa() local
1011 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_delete_receive_sa()
1014 int ret = -1; in macsec_drv_delete_receive_sa()
1016 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: delete_receive_sa -> %d on " in macsec_drv_delete_receive_sa()
1017 SCISTR, drv->ifname, sa->an, in macsec_drv_delete_receive_sa()
1018 SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); in macsec_drv_delete_receive_sa()
1020 msg = msg_prepare(MACSEC_CMD_DEL_RXSA, ctx, drv->ifi); in macsec_drv_delete_receive_sa()
1024 if (nla_put_rxsc_config(msg, mka_sci_u64(&sa->sc->sci))) in macsec_drv_delete_receive_sa()
1031 NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); in macsec_drv_delete_receive_sa()
1035 ret = nl_send_recv(ctx->sk, msg); in macsec_drv_delete_receive_sa()
1036 if (ret < 0) { in macsec_drv_delete_receive_sa()
1039 __func__, ret, nl_geterror(-ret)); in macsec_drv_delete_receive_sa()
1053 int ret = -1; in set_active_rx_sa()
1071 ret = nl_send_recv(ctx->sk, msg); in set_active_rx_sa()
1072 if (ret < 0) in set_active_rx_sa()
1075 __func__, ret, nl_geterror(-ret)); in set_active_rx_sa()
1084 * macsec_drv_enable_receive_sa - Enable the SA for receive
1087 * Returns: 0 on success, -1 on failure
1091 struct macsec_drv_data *drv = priv; in macsec_drv_enable_receive_sa() local
1092 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_enable_receive_sa()
1094 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: enable_receive_sa -> %d on " in macsec_drv_enable_receive_sa()
1095 SCISTR, drv->ifname, sa->an, in macsec_drv_enable_receive_sa()
1096 SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); in macsec_drv_enable_receive_sa()
1098 return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci), in macsec_drv_enable_receive_sa()
1099 sa->an, true); in macsec_drv_enable_receive_sa()
1104 * macsec_drv_disable_receive_sa - Disable SA for receive
1107 * Returns: 0 on success, -1 on failure
1111 struct macsec_drv_data *drv = priv; in macsec_drv_disable_receive_sa() local
1112 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_disable_receive_sa()
1114 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: disable_receive_sa -> %d on " in macsec_drv_disable_receive_sa()
1115 SCISTR, drv->ifname, sa->an, in macsec_drv_disable_receive_sa()
1116 SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); in macsec_drv_disable_receive_sa()
1118 return set_active_rx_sa(ctx, drv->ifi, mka_sci_u64(&sa->sc->sci), in macsec_drv_disable_receive_sa()
1119 sa->an, false); in macsec_drv_disable_receive_sa()
1146 * macsec_drv_create_transmit_sc - Create secure channel for transmit
1150 * Returns: 0 on success, -1 on failure
1156 struct macsec_drv_data *drv = priv; in macsec_drv_create_transmit_sc() local
1161 u64 cs = 0; in macsec_drv_create_transmit_sc()
1164 "%s: create_transmit_sc -> " SCISTR " (conf_offset=%d)", in macsec_drv_create_transmit_sc()
1165 drv->common.ifname, SCI2STR(sc->sci.addr, sc->sci.port), in macsec_drv_create_transmit_sc()
1168 if (!drv->sk) { in macsec_drv_create_transmit_sc()
1170 return -1; in macsec_drv_create_transmit_sc()
1176 return -1; in macsec_drv_create_transmit_sc()
1179 rtnl_link_set_link(link, drv->parent_ifi); in macsec_drv_create_transmit_sc()
1181 sci = mka_sci_u64(&sc->sci); in macsec_drv_create_transmit_sc()
1184 drv->created_link = true; in macsec_drv_create_transmit_sc()
1186 if (drv->cipher_suite_set) { in macsec_drv_create_transmit_sc()
1187 cs = drv->cipher_suite; in macsec_drv_create_transmit_sc()
1188 drv->cipher_suite_set = false; in macsec_drv_create_transmit_sc()
1192 err = rtnl_link_add(drv->sk, link, NLM_F_CREATE); in macsec_drv_create_transmit_sc()
1193 if (err == -NLE_BUSY) { in macsec_drv_create_transmit_sc()
1196 drv->created_link = false; in macsec_drv_create_transmit_sc()
1197 } else if (err < 0) { in macsec_drv_create_transmit_sc()
1206 nl_cache_refill(drv->sk, drv->link_cache); in macsec_drv_create_transmit_sc()
1207 link = lookup_sc(drv->link_cache, drv->parent_ifi, sci, cs); in macsec_drv_create_transmit_sc()
1210 return -1; in macsec_drv_create_transmit_sc()
1213 drv->ifi = rtnl_link_get_ifindex(link); in macsec_drv_create_transmit_sc()
1217 drv->common.ifname, drv->ifi, ifname); in macsec_drv_create_transmit_sc()
1218 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname)); in macsec_drv_create_transmit_sc()
1221 drv->link = rtnl_link_macsec_alloc(); in macsec_drv_create_transmit_sc()
1222 if (!drv->link) { in macsec_drv_create_transmit_sc()
1224 return -1; in macsec_drv_create_transmit_sc()
1227 rtnl_link_set_name(drv->link, drv->ifname); in macsec_drv_create_transmit_sc()
1231 return try_commit(drv); in macsec_drv_create_transmit_sc()
1236 * macsec_drv_delete_transmit_sc - Delete secure channel for transmit
1239 * Returns: 0 on success, -1 on failure
1243 struct macsec_drv_data *drv = priv; in macsec_drv_delete_transmit_sc() local
1246 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: delete_transmit_sc -> " SCISTR, in macsec_drv_delete_transmit_sc()
1247 drv->ifname, SCI2STR(sc->sci.addr, sc->sci.port)); in macsec_drv_delete_transmit_sc()
1249 if (!drv->sk) in macsec_drv_delete_transmit_sc()
1250 return 0; in macsec_drv_delete_transmit_sc()
1252 if (!drv->created_link) { in macsec_drv_delete_transmit_sc()
1253 rtnl_link_put(drv->link); in macsec_drv_delete_transmit_sc()
1254 drv->link = NULL; in macsec_drv_delete_transmit_sc()
1257 return 0; in macsec_drv_delete_transmit_sc()
1260 err = rtnl_link_delete(drv->sk, drv->link); in macsec_drv_delete_transmit_sc()
1261 if (err < 0) in macsec_drv_delete_transmit_sc()
1263 rtnl_link_put(drv->link); in macsec_drv_delete_transmit_sc()
1264 drv->link = NULL; in macsec_drv_delete_transmit_sc()
1271 * macsec_drv_create_transmit_sa - Create secure association for transmit
1274 * Returns: 0 on success, -1 on failure
1278 struct macsec_drv_data *drv = priv; in macsec_drv_create_transmit_sa() local
1279 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_create_transmit_sa()
1282 int ret = -1; in macsec_drv_create_transmit_sa()
1284 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: create_transmit_sa -> %d on " in macsec_drv_create_transmit_sa()
1286 drv->ifname, sa->an, in macsec_drv_create_transmit_sa()
1287 SCI2STR(sa->sc->sci.addr, sa->sc->sci.port), in macsec_drv_create_transmit_sa()
1288 sa->enable_transmit, sa->next_pn); in macsec_drv_create_transmit_sa()
1290 &sa->pkey->key_identifier, in macsec_drv_create_transmit_sa()
1291 sizeof(sa->pkey->key_identifier)); in macsec_drv_create_transmit_sa()
1293 sa->pkey->key, sa->pkey->key_len); in macsec_drv_create_transmit_sa()
1295 msg = msg_prepare(MACSEC_CMD_ADD_TXSA, ctx, drv->ifi); in macsec_drv_create_transmit_sa()
1303 NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); in macsec_drv_create_transmit_sa()
1304 NLA_PUT_U32(msg, MACSEC_SA_ATTR_PN, sa->next_pn); in macsec_drv_create_transmit_sa()
1305 NLA_PUT(msg, MACSEC_SA_ATTR_KEYID, sizeof(sa->pkey->key_identifier), in macsec_drv_create_transmit_sa()
1306 &sa->pkey->key_identifier); in macsec_drv_create_transmit_sa()
1307 NLA_PUT(msg, MACSEC_SA_ATTR_KEY, sa->pkey->key_len, sa->pkey->key); in macsec_drv_create_transmit_sa()
1308 NLA_PUT_U8(msg, MACSEC_SA_ATTR_ACTIVE, sa->enable_transmit); in macsec_drv_create_transmit_sa()
1312 ret = nl_send_recv(ctx->sk, msg); in macsec_drv_create_transmit_sa()
1313 if (ret < 0) { in macsec_drv_create_transmit_sa()
1316 __func__, ret, nl_geterror(-ret)); in macsec_drv_create_transmit_sa()
1326 * macsec_drv_delete_transmit_sa - Delete secure association for transmit
1329 * Returns: 0 on success, -1 on failure
1333 struct macsec_drv_data *drv = priv; in macsec_drv_delete_transmit_sa() local
1334 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_delete_transmit_sa()
1337 int ret = -1; in macsec_drv_delete_transmit_sa()
1339 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: delete_transmit_sa -> %d on " in macsec_drv_delete_transmit_sa()
1340 SCISTR, drv->ifname, sa->an, in macsec_drv_delete_transmit_sa()
1341 SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); in macsec_drv_delete_transmit_sa()
1343 msg = msg_prepare(MACSEC_CMD_DEL_TXSA, ctx, drv->ifi); in macsec_drv_delete_transmit_sa()
1351 NLA_PUT_U8(msg, MACSEC_SA_ATTR_AN, sa->an); in macsec_drv_delete_transmit_sa()
1355 ret = nl_send_recv(ctx->sk, msg); in macsec_drv_delete_transmit_sa()
1356 if (ret < 0) { in macsec_drv_delete_transmit_sa()
1359 __func__, ret, nl_geterror(-ret)); in macsec_drv_delete_transmit_sa()
1373 int ret = -1; in set_active_tx_sa()
1388 ret = nl_send_recv(ctx->sk, msg); in set_active_tx_sa()
1389 if (ret < 0) { in set_active_tx_sa()
1392 __func__, ret, nl_geterror(-ret)); in set_active_tx_sa()
1402 * macsec_drv_enable_transmit_sa - Enable SA for transmit
1405 * Returns: 0 on success, -1 on failure
1409 struct macsec_drv_data *drv = priv; in macsec_drv_enable_transmit_sa() local
1410 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_enable_transmit_sa()
1413 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: enable_transmit_sa -> %d on " in macsec_drv_enable_transmit_sa()
1414 SCISTR, drv->ifname, sa->an, in macsec_drv_enable_transmit_sa()
1415 SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); in macsec_drv_enable_transmit_sa()
1417 ret = set_active_tx_sa(ctx, drv->ifi, sa->an, true); in macsec_drv_enable_transmit_sa()
1418 if (ret < 0) { in macsec_drv_enable_transmit_sa()
1423 drv->encoding_sa_set = true; in macsec_drv_enable_transmit_sa()
1424 drv->encoding_sa = sa->an; in macsec_drv_enable_transmit_sa()
1426 return try_commit(drv); in macsec_drv_enable_transmit_sa()
1431 * macsec_drv_disable_transmit_sa - Disable SA for transmit
1434 * Returns: 0 on success, -1 on failure
1438 struct macsec_drv_data *drv = priv; in macsec_drv_disable_transmit_sa() local
1439 struct macsec_genl_ctx *ctx = &drv->ctx; in macsec_drv_disable_transmit_sa()
1441 wpa_printf(MSG_DEBUG, DRV_PREFIX "%s: disable_transmit_sa -> %d on " in macsec_drv_disable_transmit_sa()
1442 SCISTR, drv->ifname, sa->an, in macsec_drv_disable_transmit_sa()
1443 SCI2STR(sa->sc->sci.addr, sa->sc->sci.port)); in macsec_drv_disable_transmit_sa()
1445 return set_active_tx_sa(ctx, drv->ifi, sa->an, false); in macsec_drv_disable_transmit_sa()
1451 struct macsec_drv_data *drv = priv; in macsec_drv_status() local
1458 res = os_snprintf(pos, end - pos, in macsec_drv_status()
1463 drv->common.ifname, drv->ifi, in macsec_drv_status()
1464 drv->ifname, drv->parent_ifi); in macsec_drv_status()
1465 if (os_snprintf_error(end - pos, res)) in macsec_drv_status()
1466 return pos - buf; in macsec_drv_status()
1469 return pos - buf; in macsec_drv_status()
1493 switch (ntohs(hdr->ethertype)) { in macsec_drv_handle_data()
1496 sa = hdr->src; in macsec_drv_handle_data()
1497 os_memset(&event, 0, sizeof(event)); in macsec_drv_handle_data()
1502 left = len - sizeof(*hdr); in macsec_drv_handle_data()
1507 wpa_printf(MSG_DEBUG, "Unknown ethertype 0x%04x in data frame", in macsec_drv_handle_data()
1508 ntohs(hdr->ethertype)); in macsec_drv_handle_data()
1520 len = recv(sock, buf, sizeof(buf), 0); in macsec_drv_handle_read()
1521 if (len < 0) { in macsec_drv_handle_read()
1533 static int macsec_drv_init_sockets(struct macsec_drv_data *drv, u8 *own_addr) in macsec_drv_init_sockets() argument
1539 drv->common.sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_PAE)); in macsec_drv_init_sockets()
1540 if (drv->common.sock < 0) { in macsec_drv_init_sockets()
1543 return -1; in macsec_drv_init_sockets()
1546 if (eloop_register_read_sock(drv->common.sock, macsec_drv_handle_read, in macsec_drv_init_sockets()
1547 drv->common.ctx, NULL)) { in macsec_drv_init_sockets()
1549 return -1; in macsec_drv_init_sockets()
1552 os_memset(&ifr, 0, sizeof(ifr)); in macsec_drv_init_sockets()
1553 os_strlcpy(ifr.ifr_name, drv->common.ifname, sizeof(ifr.ifr_name)); in macsec_drv_init_sockets()
1554 if (ioctl(drv->common.sock, SIOCGIFINDEX, &ifr) != 0) { in macsec_drv_init_sockets()
1557 return -1; in macsec_drv_init_sockets()
1560 os_memset(&addr, 0, sizeof(addr)); in macsec_drv_init_sockets()
1566 if (bind(drv->common.sock, (struct sockaddr *) &addr, sizeof(addr)) < 0) in macsec_drv_init_sockets()
1569 return -1; in macsec_drv_init_sockets()
1573 if (wired_multicast_membership(drv->common.sock, ifr.ifr_ifindex, in macsec_drv_init_sockets()
1574 pae_group_addr, 1) < 0) { in macsec_drv_init_sockets()
1577 return -1; in macsec_drv_init_sockets()
1580 os_memset(&ifr, 0, sizeof(ifr)); in macsec_drv_init_sockets()
1581 os_strlcpy(ifr.ifr_name, drv->common.ifname, sizeof(ifr.ifr_name)); in macsec_drv_init_sockets()
1582 if (ioctl(drv->common.sock, SIOCGIFHWADDR, &ifr) != 0) { in macsec_drv_init_sockets()
1585 return -1; in macsec_drv_init_sockets()
1589 wpa_printf(MSG_INFO, "Invalid HW-addr family 0x%04x", in macsec_drv_init_sockets()
1591 return -1; in macsec_drv_init_sockets()
1595 return 0; in macsec_drv_init_sockets()
1597 return -1; in macsec_drv_init_sockets()
1605 struct macsec_drv_data *drv; in macsec_drv_hapd_init() local
1607 drv = os_zalloc(sizeof(struct macsec_drv_data)); in macsec_drv_hapd_init()
1608 if (drv == NULL) { in macsec_drv_hapd_init()
1614 drv->common.ctx = hapd; in macsec_drv_hapd_init()
1615 os_strlcpy(drv->common.ifname, params->ifname, in macsec_drv_hapd_init()
1616 sizeof(drv->common.ifname)); in macsec_drv_hapd_init()
1617 drv->use_pae_group_addr = params->use_pae_group_addr; in macsec_drv_hapd_init()
1619 if (macsec_drv_init_sockets(drv, params->own_addr)) { in macsec_drv_hapd_init()
1620 os_free(drv); in macsec_drv_hapd_init()
1624 return drv; in macsec_drv_hapd_init()
1630 struct macsec_drv_data *drv = priv; in macsec_drv_hapd_deinit() local
1632 if (drv->common.sock >= 0) { in macsec_drv_hapd_deinit()
1633 eloop_unregister_read_sock(drv->common.sock); in macsec_drv_hapd_deinit()
1634 close(drv->common.sock); in macsec_drv_hapd_deinit()
1637 os_free(drv); in macsec_drv_hapd_deinit()
1645 struct macsec_drv_data *drv = priv; in macsec_drv_send_eapol() local
1657 return -1; in macsec_drv_send_eapol()
1660 os_memcpy(hdr->dest, drv->use_pae_group_addr ? pae_group_addr : addr, in macsec_drv_send_eapol()
1662 os_memcpy(hdr->src, own_addr, ETH_ALEN); in macsec_drv_send_eapol()
1663 hdr->ethertype = htons(ETH_P_PAE); in macsec_drv_send_eapol()
1668 res = send(drv->common.sock, (u8 *) hdr, len, 0); in macsec_drv_send_eapol()
1671 if (res < 0) { in macsec_drv_send_eapol()
1673 "%s: packet len: %lu - failed: send: %s", in macsec_drv_send_eapol()