update kernel to 5.10.198

hc

2024-01-03 2f7c68cb55ecb7331f2381deb497c27155f32faf

 kernel/drivers/net/wireless/marvell/mwifiex/tdls.c
..
..
@@ -735,6 +735,7 @@
735
735
 	int ret;
736
736
 	u16 capab;
737
737
 	struct ieee80211_ht_cap *ht_cap;
738
+	unsigned int extra;
738
739
 	u8 radio, *pos;
739
740
 
740
741
 	capab = priv->curr_bss_params.bss_descriptor.cap_info_bitmap;
..
..
@@ -753,7 +754,10 @@
753
754
 
754
755
 	switch (action_code) {
755
756
 	case WLAN_PUB_ACTION_TDLS_DISCOVER_RES:
756
-		skb_put(skb, sizeof(mgmt->u.action.u.tdls_discover_resp) + 1);
757
+		/* See the layout of 'struct ieee80211_mgmt'. */
758
+		extra = sizeof(mgmt->u.action.u.tdls_discover_resp) +
759
+			sizeof(mgmt->u.action.category);
760
+		skb_put(skb, extra);
757
761
 		mgmt->u.action.category = WLAN_CATEGORY_PUBLIC;
758
762
 		mgmt->u.action.u.tdls_discover_resp.action_code =
759
763
 					      WLAN_PUB_ACTION_TDLS_DISCOVER_RES;
..
..
@@ -762,8 +766,7 @@
762
766
 		mgmt->u.action.u.tdls_discover_resp.capability =
763
767
 							     cpu_to_le16(capab);
764
768
 		/* move back for addr4 */
765
-		memmove(pos + ETH_ALEN, &mgmt->u.action.category,
766
-			sizeof(mgmt->u.action.u.tdls_discover_resp));
769
+		memmove(pos + ETH_ALEN, &mgmt->u.action, extra);
767
770
 		/* init address 4 */
768
771
 		eth_broadcast_addr(pos);
769
772