Commit 740676ac authored by Johannes Berg's avatar Johannes Berg Committed by Stefan Bader

mac80211: fix radiotap vendor presence bitmap handling

BugLink: https://bugs.launchpad.net/bugs/1818813

[ Upstream commit efc38dd7 ]

Due to the alignment handling, it actually matters where in the code
we add the 4 bytes for the presence bitmap to the length; the first
field is the timestamp with 8 byte alignment so we need to add the
space for the extra vendor namespace presence bitmap *before* we do
any alignment for the fields.

Move the presence bitmap length accounting to the right place to fix
the alignment for the data properly.
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
Signed-off-by: default avatarLuca Coelho <luciano.coelho@intel.com>
Signed-off-by: default avatarJohannes Berg <johannes.berg@intel.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarJuerg Haefliger <juergh@canonical.com>
Signed-off-by: default avatarKhalid Elmously <khalid.elmously@canonical.com>
parent 0f2e4457
...@@ -149,6 +149,9 @@ ieee80211_rx_radiotap_hdrlen(struct ieee80211_local *local, ...@@ -149,6 +149,9 @@ ieee80211_rx_radiotap_hdrlen(struct ieee80211_local *local,
/* allocate extra bitmaps */ /* allocate extra bitmaps */
if (status->chains) if (status->chains)
len += 4 * hweight8(status->chains); len += 4 * hweight8(status->chains);
/* vendor presence bitmap */
if (status->flag & RX_FLAG_RADIOTAP_VENDOR_DATA)
len += 4;
if (ieee80211_have_rx_timestamp(status)) { if (ieee80211_have_rx_timestamp(status)) {
len = ALIGN(len, 8); len = ALIGN(len, 8);
...@@ -185,8 +188,6 @@ ieee80211_rx_radiotap_hdrlen(struct ieee80211_local *local, ...@@ -185,8 +188,6 @@ ieee80211_rx_radiotap_hdrlen(struct ieee80211_local *local,
if (status->flag & RX_FLAG_RADIOTAP_VENDOR_DATA) { if (status->flag & RX_FLAG_RADIOTAP_VENDOR_DATA) {
struct ieee80211_vendor_radiotap *rtap = (void *)skb->data; struct ieee80211_vendor_radiotap *rtap = (void *)skb->data;
/* vendor presence bitmap */
len += 4;
/* alignment for fixed 6-byte vendor data header */ /* alignment for fixed 6-byte vendor data header */
len = ALIGN(len, 2); len = ALIGN(len, 2);
/* vendor data header */ /* vendor data header */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment