qcacld-3.0: Fix NULL acs_cfg ptr access

acs_cfg is not initialized when sap starts
failed. And acs_cfg is accessed during
Random channel selection when sap interface
gets Radar event.

Fix by checking sap ctx state and acs_cfg
During dfs radar event.

Change-Id: I7e04e1a9e357ccd0b39b4edcc4c8a34b54e388ce
CRs-Fixed: 2174532

core/sap/src/sap_api_link_cntl.c

@@ -1005,7 +1005,13 @@ wlansap_roam_callback(void *ctx, struct csr_roam_info *csr_roam_info,
 	case eCSR_ROAM_DFS_RADAR_IND:
 		QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
 			  FL("Received Radar Indication"));
-
+		if (sap_ctx->sapsMachine != eSAP_STARTED &&
+		    sap_ctx->sapsMachine != eSAP_DFS_CAC_WAIT) {
+			QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_HIGH,
+				  FL("Ignore Radar event in sap state %d"),
+				  sap_ctx->sapsMachine);
+			break;
+		}
 		if (sap_ctx->is_pre_cac_on) {
 			QDF_TRACE(QDF_MODULE_ID_SAP, QDF_TRACE_LEVEL_INFO_MED,
 				FL("sapdfs: Radar detect on pre cac:%d"),

core/sap/src/sap_fsm.c

@@ -959,9 +959,13 @@ static uint8_t sap_random_channel_sel(struct sap_context *sap_ctx)
 	}
 
 	ch_params->ch_width = ch_wd;
-	acs_info.acs_mode = sap_ctx->acs_cfg->acs_mode;
-	acs_info.start_ch = sap_ctx->acs_cfg->start_ch;
-	acs_info.end_ch = sap_ctx->acs_cfg->end_ch;
+	if (sap_ctx->acs_cfg) {
+		acs_info.acs_mode = sap_ctx->acs_cfg->acs_mode;
+		acs_info.start_ch = sap_ctx->acs_cfg->start_ch;
+		acs_info.end_ch = sap_ctx->acs_cfg->end_ch;
+	} else {
+		acs_info.acs_mode = false;
+	}
 	if (QDF_IS_STATUS_ERROR(utils_dfs_get_random_channel(
 	    pdev, 0, ch_params, &hw_mode, &ch, &acs_info))) {
 		/* No available channel found */