Re: How does IWD handle setting MAC address?

From: Marcel Holtmann <marcel holtmann org>
To: Thomas Haller <thaller redhat com>
Cc: Andrew Zaborowski <andrew zaborowski intel com>, networkmanager-list gnome org
Subject: Re: How does IWD handle setting MAC address?
Date: Wed, 3 Jan 2018 20:58:59 +0100

Hi Thomas,

I think a valueable feature with NetworkManager + Wi-Fi +
wpa_supplicant is that MAC address options.

I tried to explain how that works here:
https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/
and some ideas here:

https://cgit.freedesktop.org/NetworkManager/NetworkManager/tree/examples/nm-conf.d/30-anon.conf?id=b936ccd2837199d5851388122c2e44951bf20012

Basically, NM changes the current MAC address of the Wi-Fi device under the hood.
But only while scanning, early when activation starts, or after deactivation.

Grep the sources for nm_device_hw_addr_set() and nm_device_hw_addr_set_cloned().

There were/are a few issues with supplicant, where it would cope badly with NM
externally changing the MAC address:
E.g. https://w1.fi/cgit/hostap/commit/?id=290834df69556b903b49f2a45671cc62b44f13bb
http://lists.infradead.org/pipermail/hostap/2017-October/038035.html

Also, some drivers don't support changing the MAC address at all. In the past,
NM would fail badly in that case, nowadays, it should just log a warning
and otherwise work fine.

Anyway, how does iwd cope with NM externally changing the MAC address (via netlink)?
Otherwise, could/does iwd provide a SetMacAddress() D-Bus method?
I don't think iwd should contain the logic for selecting a MAC address. NM knows which
profile is active, and it knows how to generate the desired MAC address. iwd could contain
some MAC address randomization schemes, I don't care as long as there is a way for NM
to explicitly set the desired MAC address.


I think that MAC address randomization should be done inside the kernel at cfg80211 level or to some level 
via nl80211 level from iwd. Doing that the hard way via RTNL and behind the back of a WiFi daemon is really a 
bad idea.

So for iwd we most likely just want to provide an option to enable privacy (aka address randomization) and 
nothing else.

Regards

Marcel

Follow-Ups:
- Re: How does IWD handle setting MAC address?
  - From: Andrew Zaborowski

References:
- How does IWD handle setting MAC address?
  - From: Thomas Haller

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]