On Tue, 2008-06-17 at 20:27 +0200, Michael Buesch wrote: > On Tuesday 17 June 2008 20:23:22 Jouni Malinen wrote: > > On Tue, Jun 17, 2008 at 07:52:52PM +0200, Michael Buesch wrote: > > > > > Well, as long as the checksum will fail in that case we're OK for b43, > > > as the driver will notify the need for software crypto for those packets. > > > > Yes, MIC won't match (or well, in theory it could, but in practice..) > > and if the original frame is available after failed hw-decryption > > attempt, this is indeed all that's needed here. Some hardware designs > > are not able to deliver the unmodified frame due to the way AES hwaccel > > is implemented in them and that gets bit tricky to handle in software > > for IEEE 802.11w. > > Yeah I see. Probably need to disable HW crypto for them. > (If firmware modification to pass MGMT frames untouched is impossible) Broadcom's firmware already passes MGMT frames through untouched (unless they are auth frames and those aren't protected in 802.11w I think.) johannes
Attachment:
signature.asc
Description: This is a digitally signed message part
