qcacld-3.0: Refine CSR scan related action sequences
1) In csr_start, CSR module's scan callback function is currently
registered after scan is enabled. This can result in a potential
memory leak of the per-session CSR scan profile's child buffers
when the following events take place in sequence:
(1) CSR scan is enabled
(2) Upper layer invokes CSR module for scan requests
(per-session CSR scan profile's child buffers are
allocated here)
(3) Scan finished, but no CSR callback is registered to
handle it so the previously allocated child buffers
are leaked
(4) CSR scan callback function is registered later, but
it's already too late
Move the CSR scan enabling code to a place after CSR scan
callback is registered to fix the potential memory leakage.
2) CSR scan should be stopped before sessions are closed, and
session init code should not re-enable CSR scan again during
session clean up stage. Or there will be another chance for
the same issue as in 1) to happen again.
3) CSR scan callback function should be deregistered before
a session is closed and cleaned up.
4) Per-session CSR scan profile pointer should be checked
during session clean up and its buffer and child buffers
should be freed to avoid any potential memory leak.
Change-Id: I99101170a58f63b239db620dea01d210e83d9367
CRs-Fixed: 2228321
Esse commit está contido em:
wadesong
@@ -1122,7 +1122,6 @@ QDF_STATUS csr_start(tpAniSirGlobal pMac)
|
||||
break;
|
||||
|
||||
pMac->roam.sPendingCommands = 0;
|
||||
ucfg_scan_set_enable(pMac->psoc, true);
|
||||
for (i = 0; i < CSR_ROAM_SESSION_MAX; i++)
|
||||
status = csr_neighbor_roam_init(pMac, i);
|
||||
pMac->roam.tlStatsReqInfo.numClient = 0;
|
||||
@@ -1136,6 +1135,7 @@ QDF_STATUS csr_start(tpAniSirGlobal pMac)
|
||||
pMac->scan.requester_id = ucfg_scan_register_requester(
|
||||
pMac->psoc,
|
||||
"CSR", csr_scan_callback, pMac);
|
||||
ucfg_scan_set_enable(pMac->psoc, true);
|
||||
} while (0);
|
||||
return status;
|
||||
}
|
||||
@@ -1144,11 +1144,12 @@ QDF_STATUS csr_stop(tpAniSirGlobal pMac, tHalStopType stopType)
|
||||
{
|
||||
uint32_t sessionId;
|
||||
|
||||
ucfg_scan_set_enable(pMac->psoc, false);
|
||||
ucfg_scan_unregister_requester(pMac->psoc, pMac->scan.requester_id);
|
||||
|
||||
for (sessionId = 0; sessionId < CSR_ROAM_SESSION_MAX; sessionId++)
|
||||
csr_roam_close_session(pMac, sessionId, true);
|
||||
|
||||
ucfg_scan_set_enable(pMac->psoc, false);
|
||||
|
||||
for (sessionId = 0; sessionId < CSR_ROAM_SESSION_MAX; sessionId++)
|
||||
csr_neighbor_roam_close(pMac, sessionId);
|
||||
for (sessionId = 0; sessionId < CSR_ROAM_SESSION_MAX; sessionId++)
|
||||
@@ -1163,7 +1164,6 @@ QDF_STATUS csr_stop(tpAniSirGlobal pMac, tHalStopType stopType)
|
||||
csr_roam_substate_change(pMac, eCSR_ROAM_SUBSTATE_NONE,
|
||||
sessionId);
|
||||
}
|
||||
ucfg_scan_unregister_requester(pMac->psoc, pMac->scan.requester_id);
|
||||
|
||||
return QDF_STATUS_SUCCESS;
|
||||
}
|
||||
@@ -17117,11 +17117,11 @@ static void csr_init_session(tpAniSirGlobal pMac, uint32_t sessionId)
|
||||
pSession->callback = NULL;
|
||||
pSession->pContext = NULL;
|
||||
pSession->connectState = eCSR_ASSOC_STATE_TYPE_NOT_CONNECTED;
|
||||
csr_saved_scan_cmd_free_fields(pMac, pSession);
|
||||
csr_free_roam_profile(pMac, sessionId);
|
||||
csr_roam_free_connect_profile(&pSession->connectedProfile);
|
||||
csr_roam_free_connected_info(pMac, &pSession->connectedInfo);
|
||||
csr_free_connect_bss_desc(pMac, sessionId);
|
||||
ucfg_scan_set_enable(pMac->psoc, true);
|
||||
qdf_mem_set(&pSession->selfMacAddr, sizeof(struct qdf_mac_addr), 0);
|
||||
if (pSession->pWpaRsnReqIE) {
|
||||
qdf_mem_free(pSession->pWpaRsnReqIE);
|
||||
|
||||
Referência em uma nova issue
Block a user