diff --git a/drivers/net/wireless/mwifiex/fw.h b/drivers/net/wireless/mwifiex/fw.h
index d8014c87d470054ccaf0ab97c0885c55e403d7ed..9b267901832ac5076993a606c6bef1b598f3d1c3 100644
--- a/drivers/net/wireless/mwifiex/fw.h
+++ b/drivers/net/wireless/mwifiex/fw.h
@@ -1047,9 +1047,7 @@ struct host_cmd_ds_rf_ant_siso {
 __le16 ant_mode;
 };
-struct mwifiex_bcn_param {
- u8 bssid[ETH_ALEN];
- u8 rssi;
+struct mwifiex_fixed_bcn_param {
 __le64 timestamp;
 __le16 beacon_period;
 __le16 cap_info_bitmap;
diff --git a/drivers/net/wireless/mwifiex/scan.c b/drivers/net/wireless/mwifiex/scan.c
index 0a8a26e10f01a421361a5872065954a8ae79c614..b0be830aa3426d2395594e4abd07aee9d067cf4a 100644
--- a/drivers/net/wireless/mwifiex/scan.c
+++ b/drivers/net/wireless/mwifiex/scan.c
@@ -1689,7 +1689,7 @@ int mwifiex_ret_802_11_scan(struct mwifiex_private *priv,
 u16 cap_info_bitmap;
 u8 *current_ptr;
 u64 timestamp;
- struct mwifiex_bcn_param *bcn_param;
+ struct mwifiex_fixed_bcn_param *bcn_param;
 struct mwifiex_bss_priv *bss_priv;
 if (bytes_left >= sizeof(beacon_size)) {
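Review bot: In the fw.h hunk, `struct mwifiex_fixed_bcn_param` has no comment saying that it no longer maps the start of a scan entry, and that is the only thing that explains why scan.c now overlays it at an offset. I would add above it `/* Fixed beacon fields; in a scan response entry these follow the BSSID and the RSSI byte */`. The struct's closing line is outside the hunk, so I cannot see whether it is declared `__packed`. Since scan.c casts it at byte ETH_ALEN + 1 of the entry and the first member is a `__le64`, please confirm the attribute is still there.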
@@ -1716,25 +1716,30 @@ int mwifiex_ret_802_11_scan(struct mwifiex_private *priv,
 curr_bcn_bytes = beacon_size;
- /*
- * First 5 fields are bssid, RSSI, time stamp, beacon interval,
- * and capability information
+ /* First 5 fields are bssid, RSSI(for legacy scan only),
+ * time stamp, beacon interval, and capability information
 */
- if (curr_bcn_bytes < sizeof(struct mwifiex_bcn_param)) {
+ if (curr_bcn_bytes < ETH_ALEN + sizeof(u8) +
+ sizeof(struct mwifiex_fixed_bcn_param)) {
 dev_err(adapter->dev, "InterpretIE: not enough bytes left\n");
 continue;
 }
- bcn_param = (struct mwifiex_bcn_param *)current_ptr;
- current_ptr += sizeof(*bcn_param);
- curr_bcn_bytes -= sizeof(*bcn_param);
- memcpy(bssid, bcn_param->bssid, ETH_ALEN);
+ memcpy(bssid, current_ptr, ETH_ALEN);
+ current_ptr += ETH_ALEN;
+ curr_bcn_bytes -= ETH_ALEN;
- rssi = (s32) bcn_param->rssi;
+ rssi = (s32) *(u8 *)current_ptr;
 rssi = (-rssi) * 100; /* Convert dBm to mBm */
+ current_ptr += sizeof(u8);
+ curr_bcn_bytes -= sizeof(u8);
 dev_dbg(adapter->dev, "info: InterpretIE: RSSI=%d\n", rssi);
+ bcn_param = (struct mwifiex_fixed_bcn_param *)current_ptr;
+ current_ptr += sizeof(*bcn_param);
+ curr_bcn_bytes -= sizeof(*bcn_param);
 timestamp = le64_to_cpu(bcn_param->timestamp);
 beacon_period = le16_to_cpu(bcn_param->beacon_period);
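Review bot: The new comment above the length check says the RSSI byte is present "for legacy scan only", but the code in this hunk requires and consumes it unconditionally: `sizeof(u8)` is part of the minimum-length test, and `current_ptr` and `curr_bcn_bytes` are always stepped past it. The buffer is presumably filled from the firmware's scan response, so an entry laid out without that byte would have every later field read one byte off with no check catching it. Either drop the parenthetical until the second layout exists, or make the RSSI step conditional in the same change. On style, the `(u8 *)` cast in `rssi = (s32) *(u8 *)current_ptr;` looks redundant given the `u8 *current_ptr;` declaration visible in the previous scan.c hunk; `rssi = (s32) *current_ptr;` would read more plainly. The enclosing function starts and ends outside the hunk.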