On 12.10.2016 14:25, Johannes Berg wrote:
> So, I actually think my first instinct that you were erroneously
> changing the inner header *was* right.

You're right.

> Seems like this code should be inserted towards the end of
> ieee80211_amsdu_aggregate() instead, where it's adding the RFC 1042
> header?

I'm not convinced.
ieee80211_amsdu_aggregate handles two skbs: the "skb" var and the "head"
var.
The skb is appended to the frag list of head by setting frag_tail and
does not appear to have an ieee80211_hdr, as memmove is only 2 *
ETH_ALEN. Additionally, the rfc1042_header is written after 2 bytes
containing subframe_len, so it looks like an A-MSDU subframe with
rfc1042_header is inserted at the beginning of the inner MSDU.
Only the head skb is processed by ieee80211_amsdu_prepare_head and
appears to have an 802.11 header. So its da/sa address should be
changed.
Regards,
M. Braun
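
The subframe layout discussed in this message (DA, SA, two length bytes, then the RFC 1042 header) can be checked with a bounds-checked walker over an A-MSDU body; each subframe carries its own inner DA/SA, separate from the addresses in the outer 802.11 header. This is an added example, not code from the thread or from mac80211; `amsdu_walk`, `struct amsdu_subframe` and the sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define ETH_ALEN 6
#define AMSDU_HDR_LEN (2 * ETH_ALEN + 2)   /* DA + SA + 16-bit length */
static const uint8_t rfc1042_hdr[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };

struct amsdu_subframe {              /* hypothetical result type */
    uint8_t da[ETH_ALEN], sa[ETH_ALEN];
    uint16_t msdu_len;               /* LLC/SNAP + ethertype + payload */
    uint16_t ethertype;
};

/* Walk the A-MSDU body (the bytes after the outer 802.11 QoS header).
 * Returns the number of subframes parsed, or -1 if the body is malformed. */
int amsdu_walk(const uint8_t *p, size_t len, struct amsdu_subframe *out, int max)
{
    int n = 0;
    while (len > 0) {
        if (n == max || len < AMSDU_HDR_LEN)
            return -1;
        uint16_t mlen = (uint16_t)(p[12] << 8 | p[13]);   /* big-endian length */
        if (mlen < sizeof(rfc1042_hdr) + 2 || mlen > len - AMSDU_HDR_LEN)
            return -1;                                    /* too short or overruns buffer */
        if (memcmp(p + AMSDU_HDR_LEN, rfc1042_hdr, sizeof(rfc1042_hdr)) != 0)
            return -1;                                    /* MSDU must start with LLC/SNAP */
        memcpy(out[n].da, p, ETH_ALEN);
        memcpy(out[n].sa, p + ETH_ALEN, ETH_ALEN);
        out[n].msdu_len = mlen;
        out[n].ethertype = (uint16_t)(p[20] << 8 | p[21]);
        n++;
        size_t used = AMSDU_HDR_LEN + mlen;
        size_t pad = (4 - (used & 3)) & 3;   /* subframes are padded to 4 bytes */
        if (pad > len - used)
            pad = len - used;                /* last subframe may omit padding */
        p += used + pad;
        len -= used + pad;
    }
    return n;
}

/* Constructed sample: two subframes, the first padded to a 4-byte boundary. */
static const uint8_t sample_amsdu[] = {
    0x02,0,0,0,0,0x01, 0x02,0,0,0,0,0x02, 0x00,0x0b,        /* DA, SA, len=11 */
    0xaa,0xaa,0x03,0,0,0, 0x08,0x00, 0xde,0xad,0xbe, 0,0,0,  /* SNAP, IPv4, data, pad */
    0x02,0,0,0,0,0x03, 0x02,0,0,0,0,0x04, 0x00,0x09,        /* DA, SA, len=9 */
    0xaa,0xaa,0x03,0,0,0, 0x86,0xdd, 0x42                    /* SNAP, IPv6, data */
};
```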