From 47e28f41dce90ea4317d35cf23f232c1a6b07adf Mon Sep 17 00:00:00 2001
From: Johannes Berg <johannes.berg@intel.com>
Date: Wed, 20 Jan 2010 11:21:06 -0800
Subject: iwlwifi: fix locking in iwl_mac_add_interface

The corresponding iwl_mac_remove_interface only
acquires the mutex, leading me to believe that
the spinlock is not necessary. However, this
doesn't actually acquire the mutex around the
vif pointer check and assignment, fix that.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>
---
 drivers/net/wireless/iwlwifi/iwl-core.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

(limited to 'drivers/net')

diff --git a/drivers/net/wireless/iwlwifi/iwl-core.c b/drivers/net/wireless/iwlwifi/iwl-core.c
index 1cfabd6be0b..02bf17ecaf5 100644
--- a/drivers/net/wireless/iwlwifi/iwl-core.c
+++ b/drivers/net/wireless/iwlwifi/iwl-core.c
@@ -2631,23 +2631,21 @@ int iwl_mac_add_interface(struct ieee80211_hw *hw,
 				 struct ieee80211_vif *vif)
 {
 	struct iwl_priv *priv = hw->priv;
-	unsigned long flags;
+	int err = 0;
 
 	IWL_DEBUG_MAC80211(priv, "enter: type %d\n", vif->type);
 
+	mutex_lock(&priv->mutex);
+
 	if (priv->vif) {
 		IWL_DEBUG_MAC80211(priv, "leave - vif != NULL\n");
-		return -EOPNOTSUPP;
+		err = -EOPNOTSUPP;
+		goto out;
 	}
 
-	spin_lock_irqsave(&priv->lock, flags);
 	priv->vif = vif;
 	priv->iw_mode = vif->type;
 
-	spin_unlock_irqrestore(&priv->lock, flags);
-
-	mutex_lock(&priv->mutex);
-
 	if (vif->addr) {
 		IWL_DEBUG_MAC80211(priv, "Set %pM\n", vif->addr);
 		memcpy(priv->mac_addr, vif->addr, ETH_ALEN);
@@ -2657,10 +2655,11 @@ int iwl_mac_add_interface(struct ieee80211_hw *hw,
 		/* we are not ready, will run again when ready */
 		set_bit(STATUS_MODE_PENDING, &priv->status);
 
+ out:
 	mutex_unlock(&priv->mutex);
 
 	IWL_DEBUG_MAC80211(priv, "leave\n");
-	return 0;
+	return err;
 }
 EXPORT_SYMBOL(iwl_mac_add_interface);
 
-- 
cgit v1.2.3