qcacld-3.0: Lock all the entry of ch power info
If the entry of ch power info is not locked, free after use may be
happened. For example, csr_save_to_channel_power2_g_5_g does
csr_purge_channel_power, while csr_save_tx_power_to_cfg is called
in another thread and it calls csr_ll_peek_head then does some
operation on the entry.
Change-Id: If6cc4d8e0072e97288b60d3c72499b79c0a2bf67
CRs-Fixed: 2580147
Bug: 245611633
Signed-off-by: Aditya Kodukula <quic_akodukul@quicinc.com>
diff --git a/core/sme/src/csr/csr_api_scan.c b/core/sme/src/csr/csr_api_scan.c
index 426c751..7e7bdc8 100644
--- a/core/sme/src/csr/csr_api_scan.c
+++ b/core/sme/src/csr/csr_api_scan.c
@@ -760,7 +760,8 @@
struct csr_channel_powerinfo *ch_set;
/* Get 2.4Ghz first */
- entry = csr_ll_peek_head(list, LL_ACCESS_LOCK);
+ csr_ll_lock(list);
+ entry = csr_ll_peek_head(list, LL_ACCESS_NOLOCK);
while (entry && (chn_idx < *num_ch)) {
ch_set = GET_BASE_ADDR(entry,
struct csr_channel_powerinfo, link);
@@ -771,8 +772,9 @@
+ (idx * ch_set->interChannelOffset));
chn_pwr_info[chn_idx++].tx_power = ch_set->txPower;
}
- entry = csr_ll_next(list, entry, LL_ACCESS_LOCK);
+ entry = csr_ll_next(list, entry, LL_ACCESS_NOLOCK);
}
+ csr_ll_unlock(list);
*num_ch = chn_idx;
}
@@ -1615,7 +1617,8 @@
return;
ch_pwr_set = (tSirMacChanInfo *) (pBuf);
- pEntry = csr_ll_peek_head(pList, LL_ACCESS_LOCK);
+ csr_ll_lock(pList);
+ pEntry = csr_ll_peek_head(pList, LL_ACCESS_NOLOCK);
/*
* write the tuples (startChan, numChan, txPower) for each channel found
* in the channel power list.
@@ -1685,8 +1688,9 @@
cbLen += sizeof(tSirMacChanInfo);
ch_pwr_set++;
}
- pEntry = csr_ll_next(pList, pEntry, LL_ACCESS_LOCK);
+ pEntry = csr_ll_next(pList, pEntry, LL_ACCESS_NOLOCK);
}
+ csr_ll_unlock(pList);
if (cbLen)
cfg_set_str(pMac, cfgId, (uint8_t *) pBuf, cbLen);
