lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 17 Jan 2007 12:38:44 -0500
From:	Brandon Craig Rhodes <>
To:	Larry Finger <>
Subject: Re: TKIP encryption should allocate enough tailroom

Larry Finger <> writes:

> Brandon Craig Rhodes wrote:
>> Having further reviewed my code, I have changed my mind; the
>> ieee80211_crypt_tkip routines are not designed to be responsible for
>> creating enough headroom and tailroom.  The "hostap" driver should be
>> doing this.
> This makes sense. I have used the bcm43xx driver with WPA-PSK TKIP
> encryption for at least a year, and I have never seen this error.

>From what I can tell, even people using the "hostap" driver never see
this error!  The kernel must allocate such large skb's in normal
operation that there is always more than enough tailroom for twelve
bytes of TKIP encryption.

In my case, packets are arriving on the physical machine from a Xen
virtual machine that the physical machine is hosting.  The Xen code
receiving the packets must allocate much tighter skb's than does the
normal kernel code that receives packets from hardware.  (Perhaps
because Xen knows the packet size ahead of time, whereas hardware
drivers do not?)  Searching for the error message:

 kernel: Invalid packet for Michael MIC add (tailroom=6 hdr_len=24 skb->len=92)

on Google returned, if I recall, only references to the kernel source
code itself - which always gives me the sinking feeling that I've
gotten myself into a configuration shared with no one else on earth!

Brandon Craig Rhodes
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists