2 * WPA Supplicant - driver interface definition
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
18 #define WPA_SUPPLICANT_DRIVER_VERSION 3
22 #define AUTH_ALG_OPEN_SYSTEM 0x01
23 #define AUTH_ALG_SHARED_KEY 0x02
24 #define AUTH_ALG_LEAP 0x04
25 #define AUTH_ALG_FT 0x08
27 #define IEEE80211_MODE_INFRA 0
28 #define IEEE80211_MODE_IBSS 1
30 #define IEEE80211_CAP_ESS 0x0001
31 #define IEEE80211_CAP_IBSS 0x0002
32 #define IEEE80211_CAP_PRIVACY 0x0010
34 #define SSID_MAX_WPA_IE_LEN 40
36 * struct wpa_scan_result - Scan results (old structure)
39 * @ssid_len: length of the ssid
41 * @wpa_ie_len: length of the wpa_ie
43 * @rsn_ie_len: length of the RSN IE
44 * @freq: frequency of the channel in MHz (e.g., 2412 = channel 1)
45 * @caps: capability information field in host byte order
46 * @qual: signal quality
48 * @level: signal level
49 * @maxrate: maximum supported rate
50 * @mdie_present: Whether MDIE was included in Beacon/ProbeRsp frame
51 * @mdie: Mobility domain identifier IE (IEEE 802.11r MDIE) (starting from
55 * This structure is used as a generic format for scan results from the
56 * driver. Each driver interface implementation is responsible for converting
57 * the driver or OS specific scan results into this format.
59 * This structure is the old data structure used for scan results. It is
60 * obsoleted by the new struct wpa_scan_res structure and the old version is
61 * only included for backwards compatibility with existing driver wrapper
62 * implementations. New implementations are encouraged to implement for struct
63 * wpa_scan_res. The old structure will be removed at some point.
65 struct wpa_scan_result {
69 u8 wpa_ie[SSID_MAX_WPA_IE_LEN];
71 u8 rsn_ie[SSID_MAX_WPA_IE_LEN];
85 #define WPA_SCAN_QUAL_INVALID BIT(0)
86 #define WPA_SCAN_NOISE_INVALID BIT(1)
87 #define WPA_SCAN_LEVEL_INVALID BIT(2)
88 #define WPA_SCAN_LEVEL_DBM BIT(3)
91 * struct wpa_scan_res - Scan result for an BSS/IBSS
92 * @flags: information flags about the BSS/IBSS (WPA_SCAN_*)
94 * @freq: frequency of the channel in MHz (e.g., 2412 = channel 1)
95 * @beacon_int: beacon interval in TUs (host byte order)
96 * @caps: capability information field in host byte order
97 * @qual: signal quality
99 * @level: signal level
101 * @ie_len: length of the following IE field in octets
103 * This structure is used as a generic format for scan results from the
104 * driver. Each driver interface implementation is responsible for converting
105 * the driver or OS specific scan results into this format.
107 * If the driver does not support reporting all IEs, the IE data structure is
108 * constructed of the IEs that are available. This field will also need to
109 * include SSID in IE format. All drivers are encouraged to be extended to
110 * report all IEs to make it easier to support future additions.
112 struct wpa_scan_res {
123 /* followed by ie_len octets of IEs */
127 * struct wpa_scan_results - Scan results
128 * @res: Array of pointers to allocated variable length scan result entries
129 * @num: Number of entries in the scan result array
131 struct wpa_scan_results {
132 struct wpa_scan_res **res;
137 * struct wpa_interface_info - Network interface information
138 * @next: Pointer to the next interface or NULL if this is the last one
139 * @ifname: Interface name that can be used with init() or init2()
140 * @desc: Human readable adapter description (e.g., vendor/model) or NULL if
142 * @drv_bame: struct wpa_driver_ops::name (note: unlike other strings, this one
143 * is not an allocated copy, i.e., get_interfaces() caller will not free
146 struct wpa_interface_info {
147 struct wpa_interface_info *next;
150 const char *drv_name;
153 #define WPAS_MAX_SCAN_SSIDS 4
156 * struct wpa_driver_scan_params - Scan parameters
157 * Data for struct wpa_driver_ops::scan2().
159 struct wpa_driver_scan_params {
161 * ssids - SSIDs to scan for
163 struct wpa_driver_scan_ssid {
165 * ssid - specific SSID to scan for (ProbeReq)
166 * %NULL or zero-length SSID is used to indicate active scan
167 * with wildcard SSID.
171 * ssid_len: Length of the SSID in octets
174 } ssids[WPAS_MAX_SCAN_SSIDS];
177 * num_ssids - Number of entries in ssids array
178 * Zero indicates a request for a passive scan.
183 * extra_ies - Extra IE(s) to add into Probe Request or %NULL
188 * extra_ies_len - Length of extra_ies in octets
190 size_t extra_ies_len;
193 * freqs - Array of frequencies to scan or %NULL for all frequencies
195 * The frequency is set in MHz. The array is zero-terminated.
201 * struct wpa_driver_auth_params - Authentication parameters
202 * Data for struct wpa_driver_ops::authenticate().
204 struct wpa_driver_auth_params {
212 const u8 *wep_key[4];
213 size_t wep_key_len[4];
218 * struct wpa_driver_associate_params - Association parameters
219 * Data for struct wpa_driver_ops::associate().
221 struct wpa_driver_associate_params {
223 * bssid - BSSID of the selected AP
224 * This can be %NULL, if ap_scan=2 mode is used and the driver is
225 * responsible for selecting with which BSS to associate. */
229 * ssid - The selected SSID
235 * freq - Frequency of the channel the selected AP is using
236 * Frequency that the selected AP is using (in MHz as
237 * reported in the scan results)
242 * wpa_ie - WPA information element for (Re)Association Request
243 * WPA information element to be included in (Re)Association
244 * Request (including information element id and length). Use
245 * of this WPA IE is optional. If the driver generates the WPA
246 * IE, it can use pairwise_suite, group_suite, and
247 * key_mgmt_suite to select proper algorithms. In this case,
248 * the driver has to notify wpa_supplicant about the used WPA
249 * IE by generating an event that the interface code will
250 * convert into EVENT_ASSOCINFO data (see below).
252 * When using WPA2/IEEE 802.11i, wpa_ie is used for RSN IE
253 * instead. The driver can determine which version is used by
254 * looking at the first byte of the IE (0xdd for WPA, 0x30 for
257 * When using WPS, wpa_ie is used for WPS IE instead of WPA/RSN IE.
261 * wpa_ie_len - length of the wpa_ie
265 /* The selected pairwise/group cipher and key management
266 * suites. These are usually ignored if @wpa_ie is used. */
267 wpa_cipher pairwise_suite;
268 wpa_cipher group_suite;
269 wpa_key_mgmt key_mgmt_suite;
272 * auth_alg - Allowed authentication algorithms
273 * Bit field of AUTH_ALG_*
278 * mode - Operation mode (infra/ibss) IEEE80211_MODE_*
283 * wep_key - WEP keys for static WEP configuration
285 const u8 *wep_key[4];
288 * wep_key_len - WEP key length for static WEP configuration
290 size_t wep_key_len[4];
293 * wep_tx_keyidx - WEP TX key index for static WEP configuration
298 * mgmt_frame_protection - IEEE 802.11w management frame protection
301 NO_MGMT_FRAME_PROTECTION,
302 MGMT_FRAME_PROTECTION_OPTIONAL,
303 MGMT_FRAME_PROTECTION_REQUIRED
304 } mgmt_frame_protection;
307 * ft_ies - IEEE 802.11r / FT information elements
308 * If the supplicant is using IEEE 802.11r (FT) and has the needed keys
309 * for fast transition, this parameter is set to include the IEs that
310 * are to be sent in the next FT Authentication Request message.
311 * update_ft_ies() handler is called to update the IEs for further
312 * FT messages in the sequence.
314 * The driver should use these IEs only if the target AP is advertising
315 * the same mobility domain as the one included in the MDIE here.
317 * In ap_scan=2 mode, the driver can use these IEs when moving to a new
318 * AP after the initial association. These IEs can only be used if the
319 * target AP is advertising support for FT and is using the same MDIE
320 * and SSID as the current AP.
322 * The driver is responsible for reporting the FT IEs received from the
323 * AP's response using wpa_supplicant_event() with EVENT_FT_RESPONSE
324 * type. update_ft_ies() handler will then be called with the FT IEs to
325 * include in the next frame in the authentication sequence.
330 * ft_ies_len - Length of ft_ies in bytes
335 * ft_md - FT Mobility domain (6 octets) (also included inside ft_ies)
337 * This value is provided to allow the driver interface easier access
338 * to the current mobility domain. This value is set to %NULL if no
339 * mobility domain is currently active.
344 * passphrase - RSN passphrase for PSK
346 * This value is made available only for WPA/WPA2-Personal (PSK) and
347 * only for drivers that set WPA_DRIVER_FLAGS_4WAY_HANDSHAKE. This is
348 * the 8..63 character ASCII passphrase, if available. Please note that
349 * this can be %NULL if passphrase was not used to generate the PSK. In
350 * that case, the psk field must be used to fetch the PSK.
352 const char *passphrase;
355 * psk - RSN PSK (alternative for passphrase for PSK)
357 * This value is made available only for WPA/WPA2-Personal (PSK) and
358 * only for drivers that set WPA_DRIVER_FLAGS_4WAY_HANDSHAKE. This is
359 * the 32-octet (256-bit) PSK, if available. The driver wrapper should
360 * be prepared to handle %NULL value as an error.
365 * drop_unencrypted - Enable/disable unencrypted frame filtering
367 * Configure the driver to drop all non-EAPOL frames (both receive and
368 * transmit paths). Unencrypted EAPOL frames (ethertype 0x888e) must
369 * still be allowed for key negotiation.
371 int drop_unencrypted;
375 * struct wpa_driver_capa - Driver capability information
377 struct wpa_driver_capa {
378 #define WPA_DRIVER_CAPA_KEY_MGMT_WPA 0x00000001
379 #define WPA_DRIVER_CAPA_KEY_MGMT_WPA2 0x00000002
380 #define WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK 0x00000004
381 #define WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK 0x00000008
382 #define WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE 0x00000010
383 #define WPA_DRIVER_CAPA_KEY_MGMT_FT 0x00000020
384 #define WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK 0x00000040
385 unsigned int key_mgmt;
387 #define WPA_DRIVER_CAPA_ENC_WEP40 0x00000001
388 #define WPA_DRIVER_CAPA_ENC_WEP104 0x00000002
389 #define WPA_DRIVER_CAPA_ENC_TKIP 0x00000004
390 #define WPA_DRIVER_CAPA_ENC_CCMP 0x00000008
393 #define WPA_DRIVER_AUTH_OPEN 0x00000001
394 #define WPA_DRIVER_AUTH_SHARED 0x00000002
395 #define WPA_DRIVER_AUTH_LEAP 0x00000004
398 /* Driver generated WPA/RSN IE */
399 #define WPA_DRIVER_FLAGS_DRIVER_IE 0x00000001
400 #define WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC 0x00000002
401 #define WPA_DRIVER_FLAGS_USER_SPACE_MLME 0x00000004
402 /* Driver takes care of RSN 4-way handshake internally; PMK is configured with
403 * struct wpa_driver_ops::set_key using alg = WPA_ALG_PMK */
404 #define WPA_DRIVER_FLAGS_4WAY_HANDSHAKE 0x00000008
405 #define WPA_DRIVER_FLAGS_WIRED 0x00000010
406 /* Driver provides separate commands for authentication and association (SME in
407 * wpa_supplicant). */
408 #define WPA_DRIVER_FLAGS_SME 0x00000020
409 /* Driver supports AP mode */
410 #define WPA_DRIVER_FLAGS_AP 0x00000040
417 struct ieee80211_rx_status {
424 * struct wpa_driver_ops - Driver interface API definition
426 * This structure defines the API that each driver interface needs to implement
427 * for core wpa_supplicant code. All driver specific functionality is captured
430 struct wpa_driver_ops {
431 /** Name of the driver interface */
433 /** One line description of the driver interface */
437 * get_bssid - Get the current BSSID
438 * @priv: private driver interface data
439 * @bssid: buffer for BSSID (ETH_ALEN = 6 bytes)
441 * Returns: 0 on success, -1 on failure
443 * Query kernel driver for the current BSSID and copy it to bssid.
444 * Setting bssid to 00:00:00:00:00:00 is recommended if the STA is not
447 int (*get_bssid)(void *priv, u8 *bssid);
450 * get_ssid - Get the current SSID
451 * @priv: private driver interface data
452 * @ssid: buffer for SSID (at least 32 bytes)
454 * Returns: Length of the SSID on success, -1 on failure
456 * Query kernel driver for the current SSID and copy it to ssid.
457 * Returning zero is recommended if the STA is not associated.
459 * Note: SSID is an array of octets, i.e., it is not nul terminated and
460 * can, at least in theory, contain control characters (including nul)
461 * and as such, should be processed as binary data, not a printable
464 int (*get_ssid)(void *priv, u8 *ssid);
467 * set_wpa - Enable/disable WPA support (OBSOLETE)
468 * @priv: private driver interface data
469 * @enabled: 1 = enable, 0 = disable
471 * Returns: 0 on success, -1 on failure
473 * Note: This function is included for backwards compatibility. This is
474 * called only just after init and just before deinit, so these
475 * functions can be used to implement same functionality and the driver
476 * interface need not define this function.
478 * Configure the kernel driver to enable/disable WPA support. This may
479 * be empty function, if WPA support is always enabled. Common
480 * configuration items are WPA IE (clearing it when WPA support is
481 * disabled), Privacy flag configuration for capability field (note:
482 * this the value need to set in associate handler to allow plaintext
483 * mode to be used) when trying to associate with, roaming mode (can
484 * allow wpa_supplicant to control roaming if ap_scan=1 is used;
485 * however, drivers can also implement roaming if desired, especially
486 * ap_scan=2 mode is used for this).
488 int (*set_wpa)(void *priv, int enabled);
491 * set_key - Configure encryption key
492 * @priv: private driver interface data
493 * @alg: encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
494 * %WPA_ALG_TKIP, %WPA_ALG_CCMP, %WPA_ALG_IGTK, %WPA_ALG_PMK);
495 * %WPA_ALG_NONE clears the key.
496 * @addr: address of the peer STA or ff:ff:ff:ff:ff:ff for
497 * broadcast/default keys
498 * @key_idx: key index (0..3), usually 0 for unicast keys; 0..4095 for
500 * @set_tx: configure this key as the default Tx key (only used when
501 * driver does not support separate unicast/individual key
502 * @seq: sequence number/packet number, seq_len octets, the next
503 * packet number to be used for in replay protection; configured
504 * for Rx keys (in most cases, this is only used with broadcast
505 * keys and set to zero for unicast keys)
506 * @seq_len: length of the seq, depends on the algorithm:
507 * TKIP: 6 octets, CCMP: 6 octets, IGTK: 6 octets
508 * @key: key buffer; TKIP: 16-byte temporal key, 8-byte Tx Mic key,
510 * @key_len: length of the key buffer in octets (WEP: 5 or 13,
511 * TKIP: 32, CCMP: 16, IGTK: 16)
513 * Returns: 0 on success, -1 on failure
515 * Configure the given key for the kernel driver. If the driver
516 * supports separate individual keys (4 default keys + 1 individual),
517 * addr can be used to determine whether the key is default or
518 * individual. If only 4 keys are supported, the default key with key
519 * index 0 is used as the individual key. STA must be configured to use
520 * it as the default Tx key (set_tx is set) and accept Rx for all the
521 * key indexes. In most cases, WPA uses only key indexes 1 and 2 for
522 * broadcast keys, so key index 0 is available for this kind of
525 * Please note that TKIP keys include separate TX and RX MIC keys and
526 * some drivers may expect them in different order than wpa_supplicant
527 * is using. If the TX/RX keys are swapped, all TKIP encrypted packets
528 * will tricker Michael MIC errors. This can be fixed by changing the
529 * order of MIC keys by swapping te bytes 16..23 and 24..31 of the key
530 * in driver_*.c set_key() implementation, see driver_ndis.c for an
531 * example on how this can be done.
533 int (*set_key)(void *priv, wpa_alg alg, const u8 *addr,
534 int key_idx, int set_tx, const u8 *seq, size_t seq_len,
535 const u8 *key, size_t key_len);
538 * init - Initialize driver interface
539 * @ctx: context to be used when calling wpa_supplicant functions,
540 * e.g., wpa_supplicant_event()
541 * @ifname: interface name, e.g., wlan0
543 * Returns: Pointer to private data, %NULL on failure
545 * Initialize driver interface, including event processing for kernel
546 * driver events (e.g., associated, scan results, Michael MIC failure).
547 * This function can allocate a private configuration data area for
548 * @ctx, file descriptor, interface name, etc. information that may be
549 * needed in future driver operations. If this is not used, non-NULL
550 * value will need to be returned because %NULL is used to indicate
551 * failure. The returned value will be used as 'void *priv' data for
552 * all other driver_ops functions.
554 * The main event loop (eloop.c) of wpa_supplicant can be used to
555 * register callback for read sockets (eloop_register_read_sock()).
557 * See below for more information about events and
558 * wpa_supplicant_event() function.
560 void * (*init)(void *ctx, const char *ifname);
563 * deinit - Deinitialize driver interface
564 * @priv: private driver interface data from init()
566 * Shut down driver interface and processing of driver events. Free
567 * private data buffer if one was allocated in init() handler.
569 void (*deinit)(void *priv);
572 * set_param - Set driver configuration parameters
573 * @priv: private driver interface data from init()
574 * @param: driver specific configuration parameters
576 * Returns: 0 on success, -1 on failure
578 * Optional handler for notifying driver interface about configuration
579 * parameters (driver_param).
581 int (*set_param)(void *priv, const char *param);
584 * set_countermeasures - Enable/disable TKIP countermeasures
585 * @priv: private driver interface data
586 * @enabled: 1 = countermeasures enabled, 0 = disabled
588 * Returns: 0 on success, -1 on failure
590 * Configure TKIP countermeasures. When these are enabled, the driver
591 * should drop all received and queued frames that are using TKIP.
593 int (*set_countermeasures)(void *priv, int enabled);
596 * set_drop_unencrypted - Enable/disable unencrypted frame filtering
597 * @priv: private driver interface data
598 * @enabled: 1 = unencrypted Tx/Rx frames will be dropped, 0 = disabled
600 * Returns: 0 on success, -1 on failure
602 * Configure the driver to drop all non-EAPOL frames (both receive and
603 * transmit paths). Unencrypted EAPOL frames (ethertype 0x888e) must
604 * still be allowed for key negotiation.
606 * This function is deprecated. New driver wrapper implementations
607 * should use associate() parameter drop_unencrypted instead.
609 int (*set_drop_unencrypted)(void *priv, int enabled);
612 * scan - Request the driver to initiate scan (old version)
613 * @priv: private driver interface data
614 * @ssid: specific SSID to scan for (ProbeReq) or %NULL to scan for
615 * all SSIDs (either active scan with wildcard SSID or passive
617 * @ssid_len: length of the SSID
619 * Returns: 0 on success, -1 on failure
621 * Once the scan results are ready, the driver should report scan
622 * results event for wpa_supplicant which will eventually request the
623 * results with wpa_driver_get_scan_results().
625 * This function is deprecated. New driver wrapper implementations
626 * should implement support for scan2().
628 int (*scan)(void *priv, const u8 *ssid, size_t ssid_len);
631 * get_scan_results - Fetch the latest scan results (old version)
632 * @priv: private driver interface data
633 * @results: pointer to buffer for scan results
634 * @max_size: maximum number of entries (buffer size)
636 * Returns: Number of scan result entries used on success, -1 on
639 * If scan results include more than max_size BSSes, max_size will be
640 * returned and the remaining entries will not be included in the
643 * This function is deprecated. New driver wrapper implementations
644 * should implement support for get_scan_results2().
646 int (*get_scan_results)(void *priv,
647 struct wpa_scan_result *results,
651 * deauthenticate - Request driver to deauthenticate
652 * @priv: private driver interface data
653 * @addr: peer address (BSSID of the AP)
654 * @reason_code: 16-bit reason code to be sent in the deauthentication
657 * Returns: 0 on success, -1 on failure
659 int (*deauthenticate)(void *priv, const u8 *addr, int reason_code);
662 * disassociate - Request driver to disassociate
663 * @priv: private driver interface data
664 * @addr: peer address (BSSID of the AP)
665 * @reason_code: 16-bit reason code to be sent in the disassociation
668 * Returns: 0 on success, -1 on failure
670 int (*disassociate)(void *priv, const u8 *addr, int reason_code);
673 * associate - Request driver to associate
674 * @priv: private driver interface data
675 * @params: association parameters
677 * Returns: 0 on success, -1 on failure
679 int (*associate)(void *priv,
680 struct wpa_driver_associate_params *params);
683 * set_auth_alg - Set IEEE 802.11 authentication algorithm
684 * @priv: private driver interface data
685 * @auth_alg: bit field of AUTH_ALG_*
687 * If the driver supports more than one authentication algorithm at the
688 * same time, it should configure all supported algorithms. If not, one
689 * algorithm needs to be selected arbitrarily. Open System
690 * authentication should be ok for most cases and it is recommended to
691 * be used if other options are not supported. Static WEP configuration
692 * may also use Shared Key authentication and LEAP requires its own
693 * algorithm number. For LEAP, user can make sure that only one
694 * algorithm is used at a time by configuring LEAP as the only
695 * supported EAP method. This information is also available in
696 * associate() params, so set_auth_alg may not be needed in case of
699 * This function is deprecated. New driver wrapper implementations
700 * should use associate() parameter auth_alg instead.
702 * Returns: 0 on success, -1 on failure
704 int (*set_auth_alg)(void *priv, int auth_alg);
707 * add_pmkid - Add PMKSA cache entry to the driver
708 * @priv: private driver interface data
709 * @bssid: BSSID for the PMKSA cache entry
710 * @pmkid: PMKID for the PMKSA cache entry
712 * Returns: 0 on success, -1 on failure
714 * This function is called when a new PMK is received, as a result of
715 * either normal authentication or RSN pre-authentication.
717 * If the driver generates RSN IE, i.e., it does not use wpa_ie in
718 * associate(), add_pmkid() can be used to add new PMKSA cache entries
719 * in the driver. If the driver uses wpa_ie from wpa_supplicant, this
720 * driver_ops function does not need to be implemented. Likewise, if
721 * the driver does not support WPA, this function is not needed.
723 int (*add_pmkid)(void *priv, const u8 *bssid, const u8 *pmkid);
726 * remove_pmkid - Remove PMKSA cache entry to the driver
727 * @priv: private driver interface data
728 * @bssid: BSSID for the PMKSA cache entry
729 * @pmkid: PMKID for the PMKSA cache entry
731 * Returns: 0 on success, -1 on failure
733 * This function is called when the supplicant drops a PMKSA cache
734 * entry for any reason.
736 * If the driver generates RSN IE, i.e., it does not use wpa_ie in
737 * associate(), remove_pmkid() can be used to synchronize PMKSA caches
738 * between the driver and wpa_supplicant. If the driver uses wpa_ie
739 * from wpa_supplicant, this driver_ops function does not need to be
740 * implemented. Likewise, if the driver does not support WPA, this
741 * function is not needed.
743 int (*remove_pmkid)(void *priv, const u8 *bssid, const u8 *pmkid);
746 * flush_pmkid - Flush PMKSA cache
747 * @priv: private driver interface data
749 * Returns: 0 on success, -1 on failure
751 * This function is called when the supplicant drops all PMKSA cache
752 * entries for any reason.
754 * If the driver generates RSN IE, i.e., it does not use wpa_ie in
755 * associate(), remove_pmkid() can be used to synchronize PMKSA caches
756 * between the driver and wpa_supplicant. If the driver uses wpa_ie
757 * from wpa_supplicant, this driver_ops function does not need to be
758 * implemented. Likewise, if the driver does not support WPA, this
759 * function is not needed.
761 int (*flush_pmkid)(void *priv);
764 * get_capa - Get driver capabilities
765 * @priv: private driver interface data
767 * Returns: 0 on success, -1 on failure
769 * Get driver/firmware/hardware capabilities.
771 int (*get_capa)(void *priv, struct wpa_driver_capa *capa);
774 * poll - Poll driver for association information
775 * @priv: private driver interface data
777 * This is an option callback that can be used when the driver does not
778 * provide event mechanism for association events. This is called when
779 * receiving WPA EAPOL-Key messages that require association
780 * information. The driver interface is supposed to generate associnfo
781 * event before returning from this callback function. In addition, the
782 * driver interface should generate an association event after having
783 * sent out associnfo.
785 void (*poll)(void *priv);
788 * get_ifname - Get interface name
789 * @priv: private driver interface data
791 * Returns: Pointer to the interface name. This can differ from the
792 * interface name used in init() call. Init() is called first.
794 * This optional function can be used to allow the driver interface to
795 * replace the interface name with something else, e.g., based on an
796 * interface mapping from a more descriptive name.
798 const char * (*get_ifname)(void *priv);
801 * get_mac_addr - Get own MAC address
802 * @priv: private driver interface data
804 * Returns: Pointer to own MAC address or %NULL on failure
806 * This optional function can be used to get the own MAC address of the
807 * device from the driver interface code. This is only needed if the
808 * l2_packet implementation for the OS does not provide easy access to
810 const u8 * (*get_mac_addr)(void *priv);
813 * send_eapol - Optional function for sending EAPOL packets
814 * @priv: private driver interface data
815 * @dest: Destination MAC address
817 * @data: EAPOL packet starting with IEEE 802.1X header
818 * @data_len: Size of the EAPOL packet
820 * Returns: 0 on success, -1 on failure
822 * This optional function can be used to override l2_packet operations
823 * with driver specific functionality. If this function pointer is set,
824 * l2_packet module is not used at all and the driver interface code is
825 * responsible for receiving and sending all EAPOL packets. The
826 * received EAPOL packets are sent to core code by calling
827 * wpa_supplicant_rx_eapol(). The driver interface is required to
828 * implement get_mac_addr() handler if send_eapol() is used.
830 int (*send_eapol)(void *priv, const u8 *dest, u16 proto,
831 const u8 *data, size_t data_len);
834 * set_operstate - Sets device operating state to DORMANT or UP
835 * @priv: private driver interface data
836 * @state: 0 = dormant, 1 = up
837 * Returns: 0 on success, -1 on failure
839 * This is an optional function that can be used on operating systems
840 * that support a concept of controlling network device state from user
841 * space applications. This function, if set, gets called with
842 * state = 1 when authentication has been completed and with state = 0
843 * when connection is lost.
845 int (*set_operstate)(void *priv, int state);
848 * mlme_setprotection - MLME-SETPROTECTION.request primitive
849 * @priv: Private driver interface data
850 * @addr: Address of the station for which to set protection (may be
851 * %NULL for group keys)
852 * @protect_type: MLME_SETPROTECTION_PROTECT_TYPE_*
853 * @key_type: MLME_SETPROTECTION_KEY_TYPE_*
854 * Returns: 0 on success, -1 on failure
856 * This is an optional function that can be used to set the driver to
857 * require protection for Tx and/or Rx frames. This uses the layer
858 * interface defined in IEEE 802.11i-2004 clause 10.3.22.1
859 * (MLME-SETPROTECTION.request). Many drivers do not use explicit
860 * set protection operation; instead, they set protection implicitly
861 * based on configured keys.
863 int (*mlme_setprotection)(void *priv, const u8 *addr, int protect_type,
867 * get_hw_feature_data - Get hardware support data (channels and rates)
868 * @priv: Private driver interface data
869 * @num_modes: Variable for returning the number of returned modes
870 * flags: Variable for returning hardware feature flags
871 * Returns: Pointer to allocated hardware data on success or %NULL on
872 * failure. Caller is responsible for freeing this.
874 * This function is only needed for drivers that export MLME
875 * (management frame processing) to wpa_supplicant.
877 struct hostapd_hw_modes * (*get_hw_feature_data)(void *priv,
882 * set_channel - Set channel
883 * @priv: Private driver interface data
884 * @phymode: HOSTAPD_MODE_IEEE80211B, ..
885 * @chan: IEEE 802.11 channel number
886 * @freq: Frequency of the channel in MHz
887 * Returns: 0 on success, -1 on failure
889 * This function is only needed for drivers that export MLME
890 * (management frame processing) to wpa_supplicant.
892 int (*set_channel)(void *priv, hostapd_hw_mode phymode, int chan,
896 * set_ssid - Set SSID
897 * @priv: Private driver interface data
899 * @ssid_len: SSID length
900 * Returns: 0 on success, -1 on failure
902 * This function is only needed for drivers that export MLME
903 * (management frame processing) to wpa_supplicant.
905 int (*set_ssid)(void *priv, const u8 *ssid, size_t ssid_len);
908 * set_bssid - Set BSSID
909 * @priv: Private driver interface data
911 * Returns: 0 on success, -1 on failure
913 * This function is only needed for drivers that export MLME
914 * (management frame processing) to wpa_supplicant.
916 int (*set_bssid)(void *priv, const u8 *bssid);
919 * send_mlme - Send management frame from MLME
920 * @priv: Private driver interface data
921 * @data: IEEE 802.11 management frame with IEEE 802.11 header
922 * @data_len: Size of the management frame
923 * Returns: 0 on success, -1 on failure
925 * This function is only needed for drivers that export MLME
926 * (management frame processing) to wpa_supplicant.
928 int (*send_mlme)(void *priv, const u8 *data, size_t data_len);
931 * mlme_add_sta - Add a STA entry into the driver/netstack
932 * @priv: Private driver interface data
933 * @addr: MAC address of the STA (e.g., BSSID of the AP)
934 * @supp_rates: Supported rate set (from (Re)AssocResp); in IEEE 802.11
935 * format (one octet per rate, 1 = 0.5 Mbps)
936 * @supp_rates_len: Number of entries in supp_rates
937 * Returns: 0 on success, -1 on failure
939 * This function is only needed for drivers that export MLME
940 * (management frame processing) to wpa_supplicant. When the MLME code
941 * completes association with an AP, this function is called to
942 * configure the driver/netstack with a STA entry for data frame
943 * processing (TX rate control, encryption/decryption).
945 int (*mlme_add_sta)(void *priv, const u8 *addr, const u8 *supp_rates,
946 size_t supp_rates_len);
949 * mlme_remove_sta - Remove a STA entry from the driver/netstack
950 * @priv: Private driver interface data
951 * @addr: MAC address of the STA (e.g., BSSID of the AP)
952 * Returns: 0 on success, -1 on failure
954 * This function is only needed for drivers that export MLME
955 * (management frame processing) to wpa_supplicant.
957 int (*mlme_remove_sta)(void *priv, const u8 *addr);
960 * update_ft_ies - Update FT (IEEE 802.11r) IEs
961 * @priv: Private driver interface data
962 * @md: Mobility domain (2 octets) (also included inside ies)
963 * @ies: FT IEs (MDIE, FTIE, ...) or %NULL to remove IEs
964 * @ies_len: Length of FT IEs in bytes
965 * Returns: 0 on success, -1 on failure
967 * The supplicant uses this callback to let the driver know that keying
968 * material for FT is available and that the driver can use the
969 * provided IEs in the next message in FT authentication sequence.
971 * This function is only needed for driver that support IEEE 802.11r
972 * (Fast BSS Transition).
974 int (*update_ft_ies)(void *priv, const u8 *md, const u8 *ies,
978 * send_ft_action - Send FT Action frame (IEEE 802.11r)
979 * @priv: Private driver interface data
980 * @action: Action field value
981 * @target_ap: Target AP address
982 * @ies: FT IEs (MDIE, FTIE, ...) (FT Request action frame body)
983 * @ies_len: Length of FT IEs in bytes
984 * Returns: 0 on success, -1 on failure
986 * The supplicant uses this callback to request the driver to transmit
987 * an FT Action frame (action category 6) for over-the-DS fast BSS
990 int (*send_ft_action)(void *priv, u8 action, const u8 *target_ap,
991 const u8 *ies, size_t ies_len);
994 * get_scan_results2 - Fetch the latest scan results
995 * @priv: private driver interface data
997 * Returns: Allocated buffer of scan results (caller is responsible for
998 * freeing the data structure) on success, NULL on failure
1000 struct wpa_scan_results * (*get_scan_results2)(void *priv);
1003 * set_probe_req_ie - Set information element(s) for Probe Request
1004 * @priv: private driver interface data
1005 * @ies: Information elements to append or %NULL to remove extra IEs
1006 * @ies_len: Length of the IE buffer in octets
1007 * Returns: 0 on success, -1 on failure
1009 int (*set_probe_req_ie)(void *priv, const u8 *ies, size_t ies_len);
1012 * set_mode - Request driver to set the operating mode
1013 * @priv: private driver interface data
1014 * @mode: Operation mode (infra/ibss) IEEE80211_MODE_*
1016 * This handler will be called before any key configuration and call to
1017 * associate() handler in order to allow the operation mode to be
1018 * configured as early as possible. This information is also available
1019 * in associate() params and as such, driver wrappers may not need
1020 * to implement set_mode() handler.
1022 * This function is deprecated. New driver wrapper implementations
1023 * should use associate() parameter mode instead.
1025 * Returns: 0 on success, -1 on failure
1027 int (*set_mode)(void *priv, int mode);
1030 * set_country - Set country
1031 * @priv: Private driver interface data
1032 * @alpha2: country to which to switch to
1033 * Returns: 0 on success, -1 on failure
1035 * This function is for drivers which support some form
1036 * of setting a regulatory domain.
1038 int (*set_country)(void *priv, const char *alpha2);
1041 * global_init - Global driver initialization
1042 * Returns: Pointer to private data (global), %NULL on failure
1044 * This optional function is called to initialize the driver wrapper
1045 * for global data, i.e., data that applies to all interfaces. If this
1046 * function is implemented, global_deinit() will also need to be
1047 * implemented to free the private data. The driver will also likely
1048 * use init2() function instead of init() to get the pointer to global
1049 * data available to per-interface initializer.
1051 void * (*global_init)(void);
1054 * global_deinit - Global driver deinitialization
1055 * @priv: private driver global data from global_init()
1057 * Terminate any global driver related functionality and free the
1058 * global data structure.
1060 void (*global_deinit)(void *priv);
1063 * init2 - Initialize driver interface (with global data)
1064 * @ctx: context to be used when calling wpa_supplicant functions,
1065 * e.g., wpa_supplicant_event()
1066 * @ifname: interface name, e.g., wlan0
1067 * @global_priv: private driver global data from global_init()
1068 * Returns: Pointer to private data, %NULL on failure
1070 * This function can be used instead of init() if the driver wrapper
1073 void * (*init2)(void *ctx, const char *ifname, void *global_priv);
1076 * get_interfaces - Get information about available interfaces
1077 * @global_priv: private driver global data from global_init()
1078 * Returns: Allocated buffer of interface information (caller is
1079 * responsible for freeing the data structure) on success, NULL on
1082 struct wpa_interface_info * (*get_interfaces)(void *global_priv);
1085 * scan2 - Request the driver to initiate scan
1086 * @priv: private driver interface data
1087 * @params: Scan parameters
1089 * Returns: 0 on success, -1 on failure
1091 * Once the scan results are ready, the driver should report scan
1092 * results event for wpa_supplicant which will eventually request the
1093 * results with wpa_driver_get_scan_results2().
1095 int (*scan2)(void *priv, struct wpa_driver_scan_params *params);
1098 * authenticate - Request driver to authenticate
1099 * @priv: private driver interface data
1100 * @params: authentication parameters
1101 * Returns: 0 on success, -1 on failure
1103 * This is an optional function that can be used with drivers that
1104 * support separate authentication and association steps, i.e., when
1105 * wpa_supplicant can act as the SME. If not implemented, associate()
1106 * function is expected to take care of IEEE 802.11 authentication,
1109 int (*authenticate)(void *priv,
1110 struct wpa_driver_auth_params *params);
1112 int (*set_beacon)(void *priv, const u8 *head, size_t head_len,
1113 const u8 *tail, size_t tail_len, int dtim_period);
1115 int (*set_beacon_int)(void *priv, int value);
1119 * enum wpa_event_type - Event type for wpa_supplicant_event() calls
1121 typedef enum wpa_event_type {
1123 * EVENT_ASSOC - Association completed
1125 * This event needs to be delivered when the driver completes IEEE
1126 * 802.11 association or reassociation successfully.
1127 * wpa_driver_ops::get_bssid() is expected to provide the current BSSID
1128 * after this event has been generated. In addition, optional
1129 * EVENT_ASSOCINFO may be generated just before EVENT_ASSOC to provide
1130 * more information about the association. If the driver interface gets
1131 * both of these events at the same time, it can also include the
1132 * assoc_info data in EVENT_ASSOC call.
1137 * EVENT_DISASSOC - Association lost
1139 * This event should be called when association is lost either due to
1140 * receiving deauthenticate or disassociate frame from the AP or when
1141 * sending either of these frames to the current AP. If the driver
1142 * supports separate deauthentication event, EVENT_DISASSOC should only
1143 * be used for disassociation and EVENT_DEAUTH for deauthentication.
1148 * EVENT_MICHAEL_MIC_FAILURE - Michael MIC (TKIP) detected
1150 * This event must be delivered when a Michael MIC error is detected by
1151 * the local driver. Additional data for event processing is
1152 * provided with union wpa_event_data::michael_mic_failure. This
1153 * information is used to request new encyption key and to initiate
1154 * TKIP countermeasures if needed.
1156 EVENT_MICHAEL_MIC_FAILURE,
1159 * EVENT_SCAN_RESULTS - Scan results available
1161 * This event must be called whenever scan results are available to be
1162 * fetched with struct wpa_driver_ops::get_scan_results(). This event
1163 * is expected to be used some time after struct wpa_driver_ops::scan()
1164 * is called. If the driver provides an unsolicited event when the scan
1165 * has been completed, this event can be used to trigger
1166 * EVENT_SCAN_RESULTS call. If such event is not available from the
1167 * driver, the driver wrapper code is expected to use a registered
1168 * timeout to generate EVENT_SCAN_RESULTS call after the time that the
1169 * scan is expected to be completed.
1174 * EVENT_ASSOCINFO - Report optional extra information for association
1176 * This event can be used to report extra association information for
1177 * EVENT_ASSOC processing. This extra information includes IEs from
1178 * association frames and Beacon/Probe Response frames in union
1179 * wpa_event_data::assoc_info. EVENT_ASSOCINFO must be send just before
1180 * EVENT_ASSOC. Alternatively, the driver interface can include
1181 * assoc_info data in the EVENT_ASSOC call if it has all the
1182 * information available at the same point.
1187 * EVENT_INTERFACE_STATUS - Report interface status changes
1189 * This optional event can be used to report changes in interface
1190 * status (interface added/removed) using union
1191 * wpa_event_data::interface_status. This can be used to trigger
1192 * wpa_supplicant to stop and re-start processing for the interface,
1193 * e.g., when a cardbus card is ejected/inserted.
1195 EVENT_INTERFACE_STATUS,
1198 * EVENT_PMKID_CANDIDATE - Report a candidate AP for pre-authentication
1200 * This event can be used to inform wpa_supplicant about candidates for
1201 * RSN (WPA2) pre-authentication. If wpa_supplicant is not responsible
1202 * for scan request (ap_scan=2 mode), this event is required for
1203 * pre-authentication. If wpa_supplicant is performing scan request
1204 * (ap_scan=1), this event is optional since scan results can be used
1205 * to add pre-authentication candidates. union
1206 * wpa_event_data::pmkid_candidate is used to report the BSSID of the
1207 * candidate and priority of the candidate, e.g., based on the signal
1208 * strength, in order to try to pre-authenticate first with candidates
1209 * that are most likely targets for re-association.
1211 * EVENT_PMKID_CANDIDATE can be called whenever the driver has updates
1212 * on the candidate list. In addition, it can be called for the current
1213 * AP and APs that have existing PMKSA cache entries. wpa_supplicant
1214 * will automatically skip pre-authentication in cases where a valid
1215 * PMKSA exists. When more than one candidate exists, this event should
1216 * be generated once for each candidate.
1218 * Driver will be notified about successful pre-authentication with
1219 * struct wpa_driver_ops::add_pmkid() calls.
1221 EVENT_PMKID_CANDIDATE,
1224 * EVENT_STKSTART - Request STK handshake (MLME-STKSTART.request)
1226 * This event can be used to inform wpa_supplicant about desire to set
1227 * up secure direct link connection between two stations as defined in
1228 * IEEE 802.11e with a new PeerKey mechanism that replaced the original
1229 * STAKey negotiation. The caller will need to set peer address for the
1235 * EVENT_FT_RESPONSE - Report FT (IEEE 802.11r) response IEs
1237 * The driver is expected to report the received FT IEs from
1238 * FT authentication sequence from the AP. The FT IEs are included in
1239 * the extra information in union wpa_event_data::ft_ies.
1244 * EVENT_IBSS_RSN_START - Request RSN authentication in IBSS
1246 * The driver can use this event to inform wpa_supplicant about a STA
1247 * in an IBSS with which protected frames could be exchanged. This
1248 * event starts RSN authentication with the other STA to authenticate
1249 * the STA and set up encryption keys with it.
1251 EVENT_IBSS_RSN_START,
1254 * EVENT_AUTH - Authentication result
1256 * This event should be called when authentication attempt has been
1257 * completed. This is only used if the driver supports separate
1258 * authentication step (struct wpa_driver_ops::authenticate).
1259 * Information about authentication result is included in
1260 * union wpa_event_data::auth.
1265 * EVENT_DEAUTH - Authentication lost
1267 * This event should be called when authentication is lost either due
1268 * to receiving deauthenticate frame from the AP or when sending that
1269 * frame to the current AP.
1274 * EVENT_ASSOC_REJECT - Association rejected
1276 * This event should be called when (re)association attempt has been
1277 * rejected by the AP. Information about authentication result is
1278 * included in union wpa_event_data::assoc_reject.
1285 * union wpa_event_data - Additional data for wpa_supplicant_event() calls
1287 union wpa_event_data {
1289 * struct assoc_info - Data for EVENT_ASSOC and EVENT_ASSOCINFO events
1291 * This structure is optional for EVENT_ASSOC calls and required for
1292 * EVENT_ASSOCINFO calls. By using EVENT_ASSOC with this data, the
1293 * driver interface does not need to generate separate EVENT_ASSOCINFO
1298 * req_ies - (Re)Association Request IEs
1300 * If the driver generates WPA/RSN IE, this event data must be
1301 * returned for WPA handshake to have needed information. If
1302 * wpa_supplicant-generated WPA/RSN IE is used, this
1303 * information event is optional.
1305 * This should start with the first IE (fixed fields before IEs
1306 * are not included).
1311 * req_ies_len - Length of req_ies in bytes
1316 * resp_ies - (Re)Association Response IEs
1318 * Optional association data from the driver. This data is not
1319 * required WPA, but may be useful for some protocols and as
1320 * such, should be reported if this is available to the driver
1323 * This should start with the first IE (fixed fields before IEs
1324 * are not included).
1329 * resp_ies_len - Length of resp_ies in bytes
1331 size_t resp_ies_len;
1334 * beacon_ies - Beacon or Probe Response IEs
1336 * Optional Beacon/ProbeResp data: IEs included in Beacon or
1337 * Probe Response frames from the current AP (i.e., the one
1338 * that the client just associated with). This information is
1339 * used to update WPA/RSN IE for the AP. If this field is not
1340 * set, the results from previous scan will be used. If no
1341 * data for the new AP is found, scan results will be requested
1342 * again (without scan request). At this point, the driver is
1343 * expected to provide WPA/RSN IE for the AP (if WPA/WPA2 is
1346 * This should start with the first IE (fixed fields before IEs
1347 * are not included).
1352 * beacon_ies_len - Length of beacon_ies */
1353 size_t beacon_ies_len;
1357 * struct michael_mic_failure - Data for EVENT_MICHAEL_MIC_FAILURE
1359 struct michael_mic_failure {
1361 } michael_mic_failure;
1364 * struct interface_status - Data for EVENT_INTERFACE_STATUS
1366 struct interface_status {
1369 EVENT_INTERFACE_ADDED, EVENT_INTERFACE_REMOVED
1374 * struct pmkid_candidate - Data for EVENT_PMKID_CANDIDATE
1376 struct pmkid_candidate {
1377 /** BSSID of the PMKID candidate */
1379 /** Smaller the index, higher the priority */
1381 /** Whether RSN IE includes pre-authenticate flag */
1386 * struct stkstart - Data for EVENT_STKSTART
1393 * struct ft_ies - FT information elements (EVENT_FT_RESPONSE)
1395 * During FT (IEEE 802.11r) authentication sequence, the driver is
1396 * expected to use this event to report received FT IEs (MDIE, FTIE,
1397 * RSN IE, TIE, possible resource request) to the supplicant. The FT
1398 * IEs for the next message will be delivered through the
1399 * struct wpa_driver_ops::update_ft_ies() callback.
1405 u8 target_ap[ETH_ALEN];
1406 /** Optional IE(s), e.g., WMM TSPEC(s), for RIC-Request */
1408 /** Length of ric_ies buffer in octets */
1413 * struct ibss_rsn_start - Data for EVENT_IBSS_RSN_START
1415 struct ibss_rsn_start {
1420 * struct auth_info - Data for EVENT_AUTH events
1431 * struct assoc_reject - Data for EVENT_ASSOC_REJECT events
1433 struct assoc_reject {
1435 * resp_ies - (Re)Association Response IEs
1437 * Optional association data from the driver. This data is not
1438 * required WPA, but may be useful for some protocols and as
1439 * such, should be reported if this is available to the driver
1442 * This should start with the first IE (fixed fields before IEs
1443 * are not included).
1448 * resp_ies_len - Length of resp_ies in bytes
1450 size_t resp_ies_len;
1453 * status_code - Status Code from (Re)association Response
1460 * wpa_supplicant_event - Report a driver event for wpa_supplicant
1461 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1462 * with struct wpa_driver_ops::init()
1463 * @event: event type (defined above)
1464 * @data: possible extra data for the event
1466 * Driver wrapper code should call this function whenever an event is received
1469 void wpa_supplicant_event(void *ctx, wpa_event_type event,
1470 union wpa_event_data *data);
1473 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1474 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1475 * with struct wpa_driver_ops::init()
1476 * @src_addr: Source address of the EAPOL frame
1477 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1478 * @len: Length of the EAPOL data
1480 * This function is called for each received EAPOL frame. Most driver
1481 * interfaces rely on more generic OS mechanism for receiving frames through
1482 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1483 * take care of received EAPOL frames and deliver them to the core supplicant
1484 * code by calling this function.
1486 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1487 const u8 *buf, size_t len);
1489 void wpa_supplicant_sta_rx(void *ctx, const u8 *buf, size_t len,
1490 struct ieee80211_rx_status *rx_status);
1491 void wpa_supplicant_sta_free_hw_features(struct hostapd_hw_modes *hw_features,
1492 size_t num_hw_features);
1494 const u8 * wpa_scan_get_ie(const struct wpa_scan_res *res, u8 ie);
1495 #define WPA_IE_VENDOR_TYPE 0x0050f201
1496 #define WPS_IE_VENDOR_TYPE 0x0050f204
1497 const u8 * wpa_scan_get_vendor_ie(const struct wpa_scan_res *res,
1499 struct wpabuf * wpa_scan_get_vendor_ie_multi(const struct wpa_scan_res *res,
1501 int wpa_scan_get_max_rate(const struct wpa_scan_res *res);
1502 void wpa_scan_results_free(struct wpa_scan_results *res);
1503 void wpa_scan_sort_results(struct wpa_scan_results *res);
1505 #endif /* DRIVER_H */