mac80211: Properly access radiotap vendor data

The radiotap vendor data might be placed after some other
radiotap elements, and thus when accessing it, need to access
the correct offset in the skb data. Fix the code accordingly.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
Signed-off-by: Luca Coelho <luciano.coelho@intel.com>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index c90904c..b33d371 100644 (file)
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -762,8 +762,12 @@ ieee80211_rx_monitor(struct ieee80211_local *local, struct sk_buff *origskb,
        if (status->flag & RX_FLAG_RADIOTAP_HE_MU)
                rtap_space += sizeof(struct ieee80211_radiotap_he_mu);
 
+       if (status->flag & RX_FLAG_RADIOTAP_LSIG)
+               rtap_space += sizeof(struct ieee80211_radiotap_lsig);
+
        if (unlikely(status->flag & RX_FLAG_RADIOTAP_VENDOR_DATA)) {
-               struct ieee80211_vendor_radiotap *rtap = (void *)origskb->data;
+               struct ieee80211_vendor_radiotap *rtap =
+                       (void *)(origskb->data + rtap_space);
 
                rtap_space += sizeof(*rtap) + rtap->len + rtap->pad;
        }