qcacld-3.0: Remove unlink BSS from CSA handler
Kernel includes the BSS entry in to the following
data structures.
1. bss list rdev->bss_list
2. bss search tree rdev->bss_tree
It also stores the pointer of the connected bss in
“current_bss” .
If the driver does an unlink of the bss it deletes
the entries from the above data structures,
but does not update the current_bss data structure.
This leaves the current_bss pointing to the
previous deleted bss entry.
Thus, when the next set of newly found bss entries
start finding for the bss entries in the bss_tree,
the comparison with the already freed bss entry
above shall lead to an invalid access.
Fix is to remove unlink BSS from the channel change
notify path as the kernel can take care of it.
Change-Id: Ic0dfa6423db169e63ac80cd5a0f3ce05f0438c5d
CRs-Fixed: 2673629
1 file changed