qcacld-2.0: Restore 802.11 header pointer for PMF case

In PMF case CCMP header and trailers of rx management frames are stripped out. After stripping security headers we are using old 802.11 header pointer, this is resulting in invalid dereference to 802.11 header fields. Restore 802.11 header pointer after security headers are stripped out in case of PMF. Change-Id: I6a26dbb0707b7981ea091526d1e49dc5bf8c9e91 CRs-Fixed: 1024097
2024-11-01 02:21:16 +00:00 · 2016-06-03 16:53:25 +05:30 · 2016-06-03 16:53:25 +05:30 · 74ddae80eb
commit 74ddae80eb
parent 2841d21310
1 changed files with 4 additions and 0 deletions
--- a/drivers/net/wireless/qcacld-2.0/CORE/CLD_TXRX/TLSHIM/tl_shim.c
+++ b/drivers/net/wireless/qcacld-2.0/CORE/CLD_TXRX/TLSHIM/tl_shim.c
@ -827,6 +827,10 @@ static int tlshim_mgmt_rx_process(void *context, u_int8_t *data,
 				adf_nbuf_pull_head(wbuf, IEEE80211_CCMP_HEADERLEN);
 				adf_nbuf_trim_tail(wbuf, IEEE80211_CCMP_MICLEN);

+				/* wh is moved, restore wh with relocated
+				 * ieee80211_frame header.
+				 */
+				wh = (struct ieee80211_frame *) adf_nbuf_data(wbuf);
 				rx_pkt->pkt_meta.mpdu_hdr_ptr = adf_nbuf_data(wbuf);
 				rx_pkt->pkt_meta.mpdu_len = adf_nbuf_len(wbuf);
 				rx_pkt->pkt_meta.mpdu_data_len =