svn commit: r225747 - user/adrian/if_ath_tx/sys/dev/ath

Adrian Chadd adrian at FreeBSD.org
Sun Sep 25 02:41:51 UTC 2011 

Author: adrian
Date: Sun Sep 25 02:41:50 2011
New Revision: 225747
URL: http://svn.freebsd.org/changeset/base/225747

Log:
  Begin to flesh out the random crypto related issues I've seen crop up here.

Added:
  user/adrian/if_ath_tx/sys/dev/ath/README-crypto

Added: user/adrian/if_ath_tx/sys/dev/ath/README-crypto
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ user/adrian/if_ath_tx/sys/dev/ath/README-crypto	Sun Sep 25 02:41:50 2011	(r225747)
@@ -0,0 +1,56 @@
+Crypto related issues
+:
+
+eg, on the hostap (ar9160) from an AR5416 STA.
+iperf tcp - client on STA, server on box behind hostap.
+
+ccmp_decap: whoa there, talk about whacked.
+ccmp_decap: ic_flags=0x000c2408
+ccmp_decap: tid=16, keyix=5, wk_rxkeyix=5
+TODS 00:23:6c:bf:38:3e->00:1b:b1:58:f6:f0(00:1b:b1:58:f6:f0) data WEP [IV a6 3e 00 e4 17 00 KID 0]
+ 0841 3c00 001b b158 f6f0 0023 6cbf 383e 001b b158 f6f0 2015 a63e 0020 e417 0000 aaaa 0300 0000 888e 0103 005f 0203 0200 0000 0000 0000 0000 cb00 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0
+000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0069 4b5f 5689 d8de 3fda d3e2 7be3 ceaa 8b00 0079 ced4 2296 60bc ac
+
+.. then later:
+
+ccmp_decap: whoa there, talk about whacked.
+ccmp_decap: ic_flags=0x000c2408
+ccmp_decap: tid=0, keyix=5, wk_rxkeyix=5
+TODS 00:23:6c:bf:38:3e->00:1c:c0:43:87:2b(00:1b:b1:58:f6:f0) data QoS [TID 0] WEP [IV 88 09 00 11 19 00 KID 0]
+ 8849 2c00 001b b158 f6f0 0023 6cbf 383e 001c c043 872b 308b 0000 3000 8809 0020 1119 0066 d9a3 41da 6979 a898 3a05 495f 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3
+637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 383
+9 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031
+3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 34
+35 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637
+ 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3
+031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 323
+3 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435
+3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 38
+39 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031
+ 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 3839 3031 3233 3435 3637 6a98 32d1 0a13 ee7b
+wlan0: [00:23:6c:bf:38:3e] discard MPDU frame, BA win <2228:2291> (4 frames) rxseq 2227 tid 0 (retransmit)
+wlan0: [00:23:6c:bf:38:3e] discard MPDU frame, BA win <2236:2299> (3 frames) rxseq 2235 tid 0 (retransmit)
+
+.. then later:
+
+ccmp_decap: whoa there, talk about whacked.
+ccmp_decap: ic_flags=0x000c2408
+ccmp_decap: tid=16, keyix=5, wk_rxkeyix=5
+TODS 00:23:6c:bf:38:3e->00:1b:b1:58:f6:f0(00:1b:b1:58:f6:f0) data WEP [IV 2a 0a 00 11 19 00 KID 0]
+ 0841 3c00 001b b158 f6f0 0023 6cbf 383e 001b b158 f6f0 601b 2a0a 0020 1119 0000 aaaa 0300 0000 888e 0103 005f 0203 0200 0000 0000 0000 0000 d700 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0
+000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 00af 015a 18af 9806 7015 56e0 a174 c423 d000 0098 73cc c4a6 13d9 99
+
+.. at which point the traffic had stopped hard; the RX side was discarding
+frames due to failing CCMP replay.
+
+wlan0: [00:23:6c:bf:38:3e] AES-CCM replay detected <rsc 420547143, csc 112150606580104, keyix 5 rxkeyix 5>
+wlan0: [00:23:6c:bf:38:3e] AES-CCM replay detected <rsc 420547144, csc 112150606580104, keyix 5 rxkeyix 5>
+wlan0: [00:23:6c:bf:38:3e] AES-CCM replay detected <rsc 420547145, csc 112150606580104, keyix 5 rxkeyix 5>
+wlan0: [00:23:6c:bf:38:3e] AES-CCM replay detected <rsc 420547146, csc 112150606580104, keyix 5 rxkeyix 5>
+wlan0: [00:23:6c:bf:38:3e] AES-CCM replay detected <rsc 420547147, csc 112150606580104, keyix 5 rxkeyix 5>
+
+
+(after crypto debugging had been enabled on the RX side, to see what was going on.)
+
+So the question here - why is it that the crypto IV suddenly was invalid
+for one frame? Is it an RX or TX problem?

More information about the svn-src-user mailing list