
qcacld-3.0: sanitize the mode and state in testmode handler

This is to fix a null pointer dereference in testmode handler.

In the case where the driver is in the closed state, userspace still sends the testmode
command to the callback, where hdd_ctx->pdev has already been deallocated
and reset to NULL, which causes a null pointer dereference.

The failure callstack is as below.

012|QDF_DEBUG_PANIC()
013|wlan_objmgr_pdev_get_comp_private_obj(pdev=null)
014|wlan_cfg80211_ftm_testmode_cmd()
015|__wlan_hdd_cfg80211_testmode(inline)

Change-Id: I26cb132a3f5b2eb9cd83892a80bea25a8d511962
CRs-fixed: 2261847
Ryan Hsu 6 years ago
parent
commit
4df4138eb6
1 changed file with 11 additions and 0 deletions
  1. core/hdd/src/wlan_hdd_cfg80211.c (+11, -0)

+ 11 - 0
core/hdd/src/wlan_hdd_cfg80211.c

@@ -21412,6 +21412,11 @@ static int __wlan_hdd_cfg80211_testmode(struct wiphy *wiphy,
 	if (err)
 		return err;
 
+	if (hdd_ctx->driver_status == DRIVER_MODULES_CLOSED) {
+		hdd_err("Driver Modules are closed");
+		return -EINVAL;
+	}
+
 	err = wlan_cfg80211_nla_parse(tb, WLAN_HDD_TM_ATTR_MAX, data,
 				      len, wlan_hdd_tm_policy);
 	if (err) {
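Review bot: The new `driver_status == DRIVER_MODULES_CLOSED` check is a plain read with no synchronization visible in the hunk, so it only narrows the race between a module close and a concurrent testmode command rather than closing it: the status can still flip between this check and the later use of `hdd_ctx->hdd_pdev`, unless module close is serialized against the cfg80211 callback by a lock or by the rtnl/wiphy lock held by the caller. Please state in the commit message or a comment which lock provides that guarantee, or take it here. Separately, `-EINVAL` reports a malformed request when the request is fine and it is the device that is not ready; `-ENODEV` (or `-EAGAIN`) would tell userspace what actually happened.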
@@ -21481,6 +21486,12 @@ static int __wlan_hdd_cfg80211_testmode(struct wiphy *wiphy,
 #if  defined(QCA_WIFI_FTM)
 	case WLAN_HDD_TM_CMD_WLAN_FTM:
 	{
+		if (QDF_GLOBAL_FTM_MODE != hdd_get_conparam()) {
+			hdd_err("Command not allowed in FTM mode, mode %d",
+				hdd_get_conparam());
+			return -EINVAL;
+		}
+
 		err = wlan_cfg80211_ftm_testmode_cmd(hdd_ctx->hdd_pdev,
 						     data, len);
 		break;
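Review bot: The error string in the new FTM-mode guard contradicts the condition: `if (QDF_GLOBAL_FTM_MODE != hdd_get_conparam())` rejects the command when the driver is not in FTM mode, yet the log says "Command not allowed in FTM mode". It should read along the lines of "Command only allowed in FTM mode, current mode %d" so the log does not send someone debugging a rejected command in the wrong direction. It would also be cleaner to call `hdd_get_conparam()` once into a local rather than twice (once in the condition, once in the message).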