qcacld-3.0: Flush previous cac work before starting a new pre cac

Currently, previous pre_cac work is not being flushed before starting
a new pre_cac work. This may result in use after free access if a
new pre_cac request comes when cleanup in progress for previous
pre_cac work.

To avoid this, flush existing pre_cac work before handling a new
pre_cac request.

Change-Id: I2da535acce8b4a097214597bbc2169ca5521db57
CRs-Fixed: 2841644

core/hdd/src/wlan_hdd_hostapd.c

@@ -1134,7 +1134,6 @@ static void __wlan_hdd_sap_pre_cac_success(struct hdd_adapter *adapter)
 		return;
 	}
 
-	wlan_hdd_release_intf_addr(hdd_ctx, adapter->mac_addr.bytes);
 	hdd_stop_adapter(hdd_ctx, adapter);
 
 	/* Prepare to switch AP from 2.4GHz channel to the pre CAC channel */

core/hdd/src/wlan_hdd_sap_cond_chan_switch.c

@@ -181,6 +181,14 @@ static int __wlan_hdd_request_pre_cac(struct hdd_context *hdd_ctx,
 	mac_handle_t mac_handle;
 	bool val;
 
+	pre_cac_adapter = hdd_get_adapter_by_iface_name(hdd_ctx,
+							SAP_PRE_CAC_IFNAME);
+	if (pre_cac_adapter) {
+		/* Flush existing pre_cac work */
+		if (hdd_ctx->sap_pre_cac_work.fn)
+			cds_flush_work(&hdd_ctx->sap_pre_cac_work);
+	}
+
 	if (policy_mgr_get_connection_count(hdd_ctx->psoc) > 1) {
 		hdd_err("pre cac not allowed in concurrency");
 		return -EINVAL;
@@ -229,8 +237,6 @@ static int __wlan_hdd_request_pre_cac(struct hdd_context *hdd_ctx,
 
 	hdd_debug("starting pre cac SAP  adapter");
 
-	pre_cac_adapter = hdd_get_adapter_by_iface_name(hdd_ctx,
-							SAP_PRE_CAC_IFNAME);
 	if (!pre_cac_adapter) {
 		mac_addr = wlan_hdd_get_intf_addr(hdd_ctx, QDF_SAP_MODE);
 		if (!mac_addr) {