wlan: Fix bss ref leak in wlan_hdd_cfg80211_update_bss_list
When cfg80211_get_bss return bss entry it take a ref count and its
responsibility of the caller to free it.
So Decrement ref count of the bss once used in
wlan_hdd_cfg80211_update_bss_list.
Change-Id: I8457391e437558c15a4c3a9573591eef45d99e2c
CRs-Fixed: 2421598
diff --git a/CORE/HDD/src/wlan_hdd_assoc.c b/CORE/HDD/src/wlan_hdd_assoc.c
index f7ce1b8..aa6bf28 100644
--- a/CORE/HDD/src/wlan_hdd_assoc.c
+++ b/CORE/HDD/src/wlan_hdd_assoc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012-2018 The Linux Foundation. All rights reserved.
+ * Copyright (c) 2012-2019 The Linux Foundation. All rights reserved.
*
* Previously licensed under the ISC license by Qualcomm Atheros, Inc.
*
@@ -1872,7 +1872,7 @@
/* clear scan cache for Link Lost */
if (pRoamInfo && !pRoamInfo->reasonCode &&
(eCSR_ROAM_LOSTLINK == roamStatus)) {
- wlan_hdd_cfg80211_update_bss_list(pAdapter,
+ wlan_hdd_cfg80211_unlink_bss(pAdapter,
pHddStaCtx->conn_info.bssId);
sme_remove_bssid_from_scan_list(pHddCtx->hHal,
pHddStaCtx->conn_info.bssId);
@@ -2668,7 +2668,7 @@
((eSIR_SME_JOIN_TIMEOUT_RESULT_CODE == pRoamInfo->statusCode) ||
(eSIR_SME_AUTH_TIMEOUT_RESULT_CODE == pRoamInfo->statusCode) ||
(eSIR_SME_ASSOC_TIMEOUT_RESULT_CODE == pRoamInfo->statusCode)))) {
- wlan_hdd_cfg80211_update_bss_list(pAdapter,
+ wlan_hdd_cfg80211_unlink_bss(pAdapter,
pRoamInfo ? pRoamInfo->bssid : pWextState->req_bssId);
sme_remove_bssid_from_scan_list(pHddCtx->hHal,
pRoamInfo ? pRoamInfo->bssid : pWextState->req_bssId);
diff --git a/CORE/HDD/src/wlan_hdd_cfg80211.c b/CORE/HDD/src/wlan_hdd_cfg80211.c
index 80fadbb..6cc8c65 100644
--- a/CORE/HDD/src/wlan_hdd_cfg80211.c
+++ b/CORE/HDD/src/wlan_hdd_cfg80211.c
@@ -14247,16 +14247,7 @@
rssi, GFP_KERNEL );
}
-/*
- * wlan_hdd_cfg80211_update_bss_list :to inform nl80211
- * interface that BSS might have been lost.
- * @pAdapter: adaptor
- * @bssid: bssid which might have been lost
- *
- * Return: bss which is unlinked from kernel cache
- */
-struct cfg80211_bss* wlan_hdd_cfg80211_update_bss_list(
- hdd_adapter_t *pAdapter, tSirMacAddr bssid)
+void wlan_hdd_cfg80211_unlink_bss(hdd_adapter_t *pAdapter, tSirMacAddr bssid)
{
struct net_device *dev = pAdapter->dev;
struct wireless_dev *wdev = dev->ieee80211_ptr;
@@ -14266,14 +14257,15 @@
bss = hdd_get_bss_entry(wiphy,
NULL, bssid,
NULL, 0);
- if (bss == NULL) {
+ if (!bss) {
hddLog(LOGE, FL("BSS not present"));
} else {
hddLog(LOG1, FL("cfg80211_unlink_bss called for BSSID "
MAC_ADDRESS_STR), MAC_ADDR_ARRAY(bssid));
cfg80211_unlink_bss(wiphy, bss);
+ /* cfg80211_get_bss get bss with ref count so release it */
+ cfg80211_put_bss(wiphy, bss);
}
- return bss;
}