Sākums Izpētīt Palīdzība
Pierakstīties
samsung-sm8650
/
android_kernel_samsung_sm8650-modules
2
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Pārlūkot izejas kodu

qcacld-3.0: Fix peer ref leak in lim_is_pkt_candidate_for_drop

In case deauth is received during roaming started peer
ref is not released.

Fix is to move the roam started check before peer logic and make sure
peer and vdev ref are released in all cases.

Change-Id: Icfe377de23348133c84b22f749dcecf5786f5186
CRs-Fixed: 3659824
Abhishek Singh 1 gadu atpakaļ
vecāks
ed102a0909
revīzija
d18ebf6455
1 mainītis faili ar 11 papildinājumiem un 17 dzēšanām
Dalītais skats Rādīt salīdzināšanas statistiku
  1. 11 17
      core/mac/src/pe/lim/lim_api.c

+ 11 - 17
core/mac/src/pe/lim/lim_api.c
Parādīt failu 

@@ -3295,15 +3295,21 @@ tMgmtFrmDropReason lim_is_pkt_candidate_for_drop(struct mac_context *mac,
 
 		if (!vdev)
 
 			return eMGMT_DROP_SPURIOUS_FRAME;
 
 
+		if (wlan_vdev_mlme_get_opmode(vdev) == QDF_STA_MODE &&
 
+		    wlan_cm_is_vdev_roam_started(vdev) &&
 
+		    (subType == SIR_MAC_MGMT_DISASSOC ||
 
+		     subType == SIR_MAC_MGMT_DEAUTH)) {
 
+			wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
 
+			return eMGMT_DROP_DEAUTH_DURING_ROAM_STARTED;
 
+		}
 
+		wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
 
+
 
 		peer = wlan_objmgr_get_peer_by_mac(mac->psoc,
 
 						   pHdr->sa,
 
 						   WLAN_LEGACY_MAC_ID);
 
 		if (!peer) {
 
-			if (subType == SIR_MAC_MGMT_ASSOC_REQ) {
 
-				wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
 
+			if (subType == SIR_MAC_MGMT_ASSOC_REQ)
 
 				return eMGMT_DROP_NO_DROP;
 
-			}
 
-			wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
 
 			return eMGMT_DROP_SPURIOUS_FRAME;
 
 		}
 
 
@@ -3311,23 +3317,11 @@ tMgmtFrmDropReason lim_is_pkt_candidate_for_drop(struct mac_context *mac,
 
 							WLAN_UMAC_COMP_MLME);
 
 		if (!peer_priv) {
 
 			wlan_objmgr_peer_release_ref(peer, WLAN_LEGACY_MAC_ID);
 
-			if (subType == SIR_MAC_MGMT_ASSOC_REQ) {
 
-				wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
 
+			if (subType == SIR_MAC_MGMT_ASSOC_REQ)
 
 				return eMGMT_DROP_NO_DROP;
 
-			}
 
-			wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
 
 			return eMGMT_DROP_SPURIOUS_FRAME;
 
 		}
 
 
-		if (QDF_STA_MODE == wlan_vdev_mlme_get_opmode(vdev) &&
 
-		    wlan_cm_is_vdev_roam_started(vdev) &&
 
-		    (subType == SIR_MAC_MGMT_DISASSOC ||
 
-		     subType == SIR_MAC_MGMT_DEAUTH)) {
 
-			wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
 
-			return eMGMT_DROP_DEAUTH_DURING_ROAM_STARTED;
 
-		}
 
-		wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_MAC_ID);
 
-
 
 		if (subType == SIR_MAC_MGMT_ASSOC_REQ)
 
 			timestamp =
 
 			   &peer_priv->last_assoc_received_time;