wlan: Memory leak in cfg80211
In sta+p2p cases, wpa_supplicant tries to setup connection without
knowing wlan driver is unloading by calling cfg80211 to update
bss info, causing memory leak
Change-Id: Ib5b3aa77dfa91657861f4818960b686df05f02ad
CRs-fixed: 545745
diff --git a/CORE/HDD/src/wlan_hdd_cfg80211.c b/CORE/HDD/src/wlan_hdd_cfg80211.c
index f925dd9..718f885 100644
--- a/CORE/HDD/src/wlan_hdd_cfg80211.c
+++ b/CORE/HDD/src/wlan_hdd_cfg80211.c
@@ -4086,14 +4086,40 @@
struct cfg80211_bss *bss_status = NULL;
size_t frame_len = sizeof (struct ieee80211_mgmt) + ie_length;
int rssi = 0;
+ hdd_context_t *pHddCtx;
+ int status;
#ifdef WLAN_OPEN_SOURCE
struct timespec ts;
#endif
ENTER();
- if (!mgmt)
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+ status = wlan_hdd_validate_context(pHddCtx);
+
+ /*bss_update is not allowed during wlan driver loading or unloading*/
+ if (pHddCtx->isLoadUnloadInProgress)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s:Loading_unloading in Progress. Ignore!!!",__func__);
+ return NULL;
+ }
+
+
+ if (0 != status)
+ {
+ VOS_TRACE( VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: HDD context is not valid", __func__);
return NULL;
+ }
+
+
+ if (!mgmt)
+ {
+ VOS_TRACE( VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s: memory allocation failed ", __func__);
+ return NULL;
+ }
memcpy(mgmt->bssid, bss_desc->bssId, ETH_ALEN);
@@ -4251,15 +4277,29 @@
eHalStatus status = 0;
tScanResultHandle pResult;
struct cfg80211_bss *bss_status = NULL;
+ hdd_context_t *pHddCtx;
ENTER();
- if ((WLAN_HDD_GET_CTX(pAdapter))->isLogpInProgress)
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+
+ if (pHddCtx->isLogpInProgress)
{
- VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL, "%s:LOGP in Progress. Ignore!!!",__func__);
- return -EAGAIN;
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_FATAL,
+ "%s:LOGP in Progress. Ignore!!!",__func__);
+ return -EAGAIN;
}
+
+ /*bss_update is not allowed during wlan driver loading or unloading*/
+ if (pHddCtx->isLoadUnloadInProgress)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s:Loading_unloading in Progress. Ignore!!!",__func__);
+ return VOS_STATUS_E_PERM;
+ }
+
+
/*
* start getting scan results and populate cgf80211 BSS database
*/
diff --git a/CORE/HDD/src/wlan_hdd_softap_tx_rx.c b/CORE/HDD/src/wlan_hdd_softap_tx_rx.c
index e8c7c7d..9c35a68 100644
--- a/CORE/HDD/src/wlan_hdd_softap_tx_rx.c
+++ b/CORE/HDD/src/wlan_hdd_softap_tx_rx.c
@@ -1693,8 +1693,18 @@
VOS_STATUS hdd_softap_stop_bss( hdd_adapter_t *pAdapter)
{
+ hdd_context_t *pHddCtx;
VOS_STATUS vosStatus = VOS_STATUS_E_FAILURE;
v_U8_t staId = 0;
+ pHddCtx = WLAN_HDD_GET_CTX(pAdapter);
+
+ /*bss deregister is not allowed during wlan driver loading or unloading*/
+ if (pHddCtx->isLoadUnloadInProgress)
+ {
+ VOS_TRACE(VOS_MODULE_ID_HDD, VOS_TRACE_LEVEL_ERROR,
+ "%s:Loading_unloading in Progress. Ignore!!!",__func__);
+ return VOS_STATUS_E_PERM;
+ }
vosStatus = hdd_softap_Deregister_BC_STA( pAdapter);