wifi: mac80211: move action length check up

We'd like to add more checks to the function here for
action frames, so move up the length check from the
action processing.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Gregory Greenman <gregory.greenman@intel.com>
Link: https://lore.kernel.org/r/20230619161906.e799254e923f.I0a1de5f6bbdc1b2ef5efaa0ac80c7c3f39415538@changeid
Signed-off-by: Johannes Berg <johannes.berg@intel.com>

diff --git a/net/mac80211/rx.c b/net/mac80211/rx.c
index 1d2e7a6..e35d6ba 100644 (file)
--- a/net/mac80211/rx.c
+++ b/net/mac80211/rx.c
@@ -3363,6 +3363,11 @@ ieee80211_rx_h_mgmt_check(struct ieee80211_rx_data *rx)
        if (!ieee80211_is_mgmt(mgmt->frame_control))
                return RX_DROP_MONITOR;
 
+       /* drop too small action frames */
+       if (ieee80211_is_action(mgmt->frame_control) &&
+           rx->skb->len < IEEE80211_MIN_ACTION_SIZE)
+               return RX_DROP_UNUSABLE;
+
        if (rx->sdata->vif.type == NL80211_IFTYPE_AP &&
            ieee80211_is_beacon(mgmt->frame_control) &&
            !(rx->flags & IEEE80211_RX_BEACON_REPORTED)) {
@@ -3452,10 +3457,6 @@ ieee80211_rx_h_action(struct ieee80211_rx_data *rx)
        if (!ieee80211_is_action(mgmt->frame_control))
                return RX_CONTINUE;
 
-       /* drop too small frames */
-       if (len < IEEE80211_MIN_ACTION_SIZE)
-               return RX_DROP_UNUSABLE;
-
        if (!rx->sta && mgmt->u.action.category != WLAN_CATEGORY_PUBLIC &&
            mgmt->u.action.category != WLAN_CATEGORY_SELF_PROTECTED &&
            mgmt->u.action.category != WLAN_CATEGORY_SPECTRUM_MGMT)