From 19fa32351f2735a8832798effd472a9f3f021ea8 Mon Sep 17 00:00:00 2001
From: Disha Das
Date: Fri, 16 Feb 2018 14:58:19 +0530
Subject: [PATCH] qcacmn: Set mpdu data ptr correctly

Handle mpdu data pointer for PMF frames based on EXT IV bit

Change-Id: I7c1b585a538402ae784985852c873537c0e4eb86
---
 .../cmn_defs/inc/wlan_cmn_ieee80211.h | 3 +++
 .../crypto/src/wlan_crypto_global_api.c | 3 ++-
 .../dispatcher/src/wlan_mgmt_txrx_tgt_api.c | 18 ++++++++++++++----
 3 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/umac/cmn_services/cmn_defs/inc/wlan_cmn_ieee80211.h b/umac/cmn_services/cmn_defs/inc/wlan_cmn_ieee80211.h
index 9fa2fd683d..b3e53b4ed6 100644
--- a/umac/cmn_services/cmn_defs/inc/wlan_cmn_ieee80211.h
+++ b/umac/cmn_services/cmn_defs/inc/wlan_cmn_ieee80211.h
@@ -28,6 +28,9 @@
 #define IEEE80211_CCMP_HEADERLEN 8
 #define IEEE80211_CCMP_MICLEN 8
 #define IEEE80211_FC1_WEP 0x40
+#define WLAN_HDR_IV_LEN 3
+#define WLAN_HDR_EXT_IV_BIT 0x20
+#define WLAN_HDR_EXT_IV_LEN 4
 #define WLAN_SEQ_SEQ_SHIFT 4
diff --git a/umac/cmn_services/crypto/src/wlan_crypto_global_api.c b/umac/cmn_services/crypto/src/wlan_crypto_global_api.c
index 49df0613f8..6660232768 100644
--- a/umac/cmn_services/crypto/src/wlan_crypto_global_api.c
+++ b/umac/cmn_services/crypto/src/wlan_crypto_global_api.c
@@ -779,7 +779,8 @@ QDF_STATUS wlan_crypto_delkey(struct wlan_objmgr_vdev *vdev,
 if (!vdev || !macaddr || (key_idx > (WLAN_CRYPTO_MAXKEYIDX + WLAN_CRYPTO_MAXIGTKKEYIDX))) {
- qdf_print("%s[%d] Invalid params vdev %pK, macaddr %pK"
+ QDF_TRACE(QDF_MODULE_ID_CRYPTO, QDF_TRACE_LEVEL_ERROR,
+ "%s[%d] Invalid params vdev %pK, macaddr %pK"
 "keyidx %d\n", __func__, __LINE__, vdev, macaddr, key_idx);
 return QDF_STATUS_E_INVAL;
diff --git a/umac/cmn_services/mgmt_txrx/dispatcher/src/wlan_mgmt_txrx_tgt_api.c b/umac/cmn_services/mgmt_txrx/dispatcher/src/wlan_mgmt_txrx_tgt_api.c
index fb5dcf1667..a171f0e03b 100644
--- a/umac/cmn_services/mgmt_txrx/dispatcher/src/wlan_mgmt_txrx_tgt_api.c
+++ b/umac/cmn_services/mgmt_txrx/dispatcher/src/wlan_mgmt_txrx_tgt_api.c
@@ -846,6 +846,8 @@ QDF_STATUS tgt_mgmt_txrx_rx_frame_handler(
 enum mgmt_frame_type frm_type;
 struct mgmt_rx_handler *rx_handler;
 struct mgmt_rx_handler *rx_handler_head = NULL, *rx_handler_tail = NULL;
+ u_int8_t *data, *ivp = NULL;
+ uint16_t buflen;
 QDF_STATUS status = QDF_STATUS_SUCCESS;
 if (!buf) {
@@ -859,7 +861,12 @@ QDF_STATUS tgt_mgmt_txrx_rx_frame_handler(
 return QDF_STATUS_E_INVAL;
 }
- wh = (struct ieee80211_frame *)qdf_nbuf_data(buf);
+ data = (uint8_t *)qdf_nbuf_data(buf);
+ wh = (struct ieee80211_frame *)data;
+ buflen = qdf_nbuf_len(buf);
+
+ if (buflen > (sizeof(struct ieee80211_frame) + WLAN_HDR_EXT_IV_LEN))
+ ivp = data + sizeof(struct ieee80211_frame);
 /* peer can be NULL in following 2 scenarios:
 * 1. broadcast frame received
@@ -897,10 +904,13 @@ QDF_STATUS tgt_mgmt_txrx_rx_frame_handler(
 mpdu_data_ptr = (uint8_t *)qdf_nbuf_data(buf) + sizeof(struct ieee80211_frame);
 if ((wh->i_fc[1] & IEEE80211_FC1_WEP) &&
- (mgmt_subtype == MGMT_SUBTYPE_ACTION) &&
 !qdf_is_macaddr_group((struct qdf_mac_addr *)wh->i_addr1) &&
- !qdf_is_macaddr_broadcast((struct qdf_mac_addr *)wh->i_addr1))
- mpdu_data_ptr += IEEE80211_CCMP_HEADERLEN;
+ !qdf_is_macaddr_broadcast((struct qdf_mac_addr *)wh->i_addr1)) {
+ if (ivp[WLAN_HDR_IV_LEN] & WLAN_HDR_EXT_IV_BIT)
+ mpdu_data_ptr += IEEE80211_CCMP_HEADERLEN;
+ else
+ mpdu_data_ptr += WLAN_HDR_EXT_IV_LEN;
+ }
 frm_type = mgmt_txrx_get_frm_type(mgmt_subtype, mpdu_data_ptr);
 if (frm_type == MGMT_FRM_UNSPECIFIED) {
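Review bot: `uint16_t buflen` in the `@@ -846,6 +846,8 @@` hunk may be narrower than what `qdf_nbuf_len()` returns, so the assignment added in the following hunk could silently truncate the length that the new bounds test relies on. Declaring it with the helper's return type avoids that; the helper's prototype is not visible on this page, so the exact type needs confirming. The new pointers are also declared `u_int8_t` while the cast added in the following hunk uses `uint8_t`; `uint8_t *data, *ivp = NULL;` would keep the function consistent. The function body starts and ends outside the hunk.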
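Review bot: `ivp` is dereferenced at `ivp[WLAN_HDR_IV_LEN]` in the `@@ -897,10 +904,13 @@` hunk with no NULL check, yet the `@@ -859,7 +861,12 @@` hunk leaves it NULL whenever `buflen` does not exceed `sizeof(struct ieee80211_frame) + WLAN_HDR_EXT_IV_LEN`. Both the length and the protected bit come from the received frame, so a short protected unicast management frame would hit a NULL dereference in the receive path. Guard the branch, e.g. `if (!ivp) { status = QDF_STATUS_E_INVAL; /* leave via the existing cleanup path */ }`; the function's cleanup and return code are outside the hunk, so the exact exit is not visible here. The length test also guarantees only 4 bytes after the header while the Ext IV arm advances `mpdu_data_ptr` by `IEEE80211_CCMP_HEADERLEN`, so the bound should cover the bytes actually skipped before the pointer is handed to `mgmt_txrx_get_frm_type()`. The `else` arm would read more clearly with a comment such as `/* no Ext IV: 3-byte IV + key-id octet */`, since it uses a constant named `WLAN_HDR_EXT_IV_LEN` for the non-extended header.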