From: Martin Kaiser <martin@kaiser.cx>
Date: Sun, 8 May 2022 16:14:51 +0000 (+0200)
Subject: staging: r8188eu: read back action code from ieee80211_mgmt
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=073d44eaccf07ffbc48e941c62ccd95324df93bf;p=linux.git

staging: r8188eu: read back action code from ieee80211_mgmt

Read the back action code from struct ieee80211_mgmt.

struct ieee80211_mgmt contains an "action" union. Each of its members
starts with an 8-bit action code. Treat the union as addba_req when we
read the action code although we do not yet know if it is an addba_req.
This approach is similar to ieee80211_iface_process_skb.

Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Link: https://lore.kernel.org/r/20220508161451.115847-6-martin@kaiser.cx
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/drivers/staging/r8188eu/core/rtw_mlme_ext.c b/drivers/staging/r8188eu/core/rtw_mlme_ext.c
index 2a7b85aefa562..8a9236ba7c662 100644
--- a/drivers/staging/r8188eu/core/rtw_mlme_ext.c
+++ b/drivers/staging/r8188eu/core/rtw_mlme_ext.c
@@ -1471,7 +1471,6 @@ unsigned int OnAction_back(struct adapter *padapter, struct recv_frame *precv_fr
 	struct sta_info *psta = NULL;
 	struct recv_reorder_ctrl *preorder_ctrl;
 	unsigned char		*frame_body;
-	unsigned char		action;
 	unsigned short	tid, status;
 	struct mlme_ext_priv	*pmlmeext = &padapter->mlmeextpriv;
 	struct mlme_ext_info	*pmlmeinfo = &pmlmeext->mlmext_info;
@@ -1494,8 +1493,8 @@ unsigned int OnAction_back(struct adapter *padapter, struct recv_frame *precv_fr
 
 	if (!pmlmeinfo->HT_enable)
 		return _SUCCESS;
-	action = frame_body[1];
-	switch (action) {
+	/* All union members start with an action code, it's ok to use addba_req. */
+	switch (mgmt->u.action.u.addba_req.action_code) {
 	case WLAN_ACTION_ADDBA_REQ:
 		memcpy(&pmlmeinfo->ADDBA_req, &frame_body[2], sizeof(struct ADDBA_request));
 		process_addba_req(padapter, (u8 *)&pmlmeinfo->ADDBA_req, mgmt->sa);