qcacmn: fix dp_vdev use after free caused by race condition
crash scenario:
a. dp_peer_unref_delete removes the peer from vdev->peer_list.
b. dp_vdev_detach_wifi3 skips setting vdev->delete.pending as
vdev->peer_list is empty, and dp_vdev is freed.
c. dp_peer_unref_delete still tries to access dp_vdev after the first
peer_ref_mutex is released, and an invalid access happens.
solution:
a. Get vdev members like the vdev->delete.pending flag within the
first peer_ref_mutex in dp_peer_unref_delete to avoid the vdev being freed.
b. Separate the dp_reset_and_release_peer_mem function into two functions,
dp_vdev_reset_peer and dp_peer_release_mem. dp_vdev_reset_peer
will be invoked within the first peer_ref_mutex. After the first
peer_ref_mutex is released, invoke dp_peer_release_mem, since
dp_soc->cdp_soc.ol_ops->peer_unref_delete should be outside of
peer_ref_mutex in case of the deadlock issue reported from WIN.
Change-Id: I90f3b139030c5ce399d85723ae4f67ce0faf4b28
CRs-Fixed: 2568256
1 file changed
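
The locking pattern the commit message describes, as an added example that is not the qcacmn code: a single-threaded model in which a race_detach flag replays the detach path in the window right after the lock is dropped. All struct and function names are hypothetical, and the lock is a counter so the example can check that the callback runs unlocked.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Single-threaded model; every name here is hypothetical, not qcacmn code. */
struct soc  { int lock_depth; bool cb_ran_unlocked; };
struct vdev { int id; int peer_count; bool delete_pending; };

static void lock(struct soc *s)   { s->lock_depth++; }
static void unlock(struct soc *s) { s->lock_depth--; }

/* Detach: free at once when no peers remain, otherwise defer the free.
 * Returns true when the vdev was freed here. */
static bool vdev_detach(struct soc *s, struct vdev **vp)
{
    bool freed = false;
    lock(s);
    if ((*vp)->peer_count == 0) { free(*vp); *vp = NULL; freed = true; }
    else (*vp)->delete_pending = true;
    unlock(s);
    return freed;
}

/* Stand-in for the callback that must not run under the lock. */
static void release_cb(struct soc *s) { s->cb_ran_unlocked = (s->lock_depth == 0); }

/* Last-reference path with the fix applied: every vdev field needed later
 * is copied inside the first locked section. race_detach simulates
 * vdev_detach() winning the window right after unlock. Returns the vdev id
 * taken from the snapshot. */
static int peer_unref_delete(struct soc *s, struct vdev **vp, bool race_detach)
{
    lock(s);
    struct vdev *v = *vp;
    v->peer_count--;                    /* peer leaves the vdev's list */
    int  vdev_id = v->id;               /* snapshots: vdev cannot be freed here */
    bool pending = v->delete_pending;
    bool last    = (v->peer_count == 0);
    unlock(s);
    /* v may dangle from here on; only the snapshots are read. */
    if (race_detach) vdev_detach(s, vp);
    release_cb(s);                      /* outside the lock */
    if (pending && last && *vp) {       /* deferred free requested by detach */
        lock(s); free(*vp); *vp = NULL; unlock(s);
    }
    return vdev_id;
}
```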