qcacld-2.0: Fix potential BUG_ON in the htt_rx_offload_msdu_pop_ll

For HTT_T2H_MSG_TYPE_RX_OFFLOAD_DELIVER_IND, the msdu_cnt is a signed
integer coming from firmware. If set the msdu_cnt to a negative value,
or be greater than the number of current elements in the queue, the loop
will execute lots of times in ol_rx_offload_deliver_ind_handler, the
htt_rx_netbuf_pop will cause the BUG_ON issue sooner or later if it is
low latency solution.

Change the msdu_cnt type from signed to unsigned and add the validity
msdu_cnt checking will fix this issue.

Change-Id: I436557a124074f59ab11fd937dfdc975b9caebe8
CRs-Fixed: 2149461
5 files changed
tree: f4b432e2ef55ac9968f564badf5e68db2d39cb95
  1. CORE/
  2. firmware_bin/
  3. wcnss/
  4. Android.mk
  5. Kbuild
  6. Kconfig
  7. Makefile