iwlwifi: fix locking in iwl_mac_add_interface

The corresponding iwl_mac_remove_interface only
acquires the mutex, leading me to believe that
the spinlock is not necessary. However, this
doesn't actually acquire the mutex around the
vif pointer check and assignment, fix that.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Reinette Chatre <reinette.chatre@intel.com>

drivers/net/wireless/iwlwifi/iwl-core.c

@@ -2631,23 +2631,21 @@ int iwl_mac_add_interface(struct ieee80211_hw *hw,
 				 struct ieee80211_vif *vif)
 {
 	struct iwl_priv *priv = hw->priv;
-	unsigned long flags;
+	int err = 0;
 
 	IWL_DEBUG_MAC80211(priv, "enter: type %d\n", vif->type);
 
+	mutex_lock(&priv->mutex);
+
 	if (priv->vif) {
 		IWL_DEBUG_MAC80211(priv, "leave - vif != NULL\n");
-		return -EOPNOTSUPP;
+		err = -EOPNOTSUPP;
+		goto out;
 	}
 
-	spin_lock_irqsave(&priv->lock, flags);
 	priv->vif = vif;
 	priv->iw_mode = vif->type;
 
-	spin_unlock_irqrestore(&priv->lock, flags);
-
-	mutex_lock(&priv->mutex);
-
 	if (vif->addr) {
 		IWL_DEBUG_MAC80211(priv, "Set %pM\n", vif->addr);
 		memcpy(priv->mac_addr, vif->addr, ETH_ALEN);
@@ -2657,10 +2655,11 @@ int iwl_mac_add_interface(struct ieee80211_hw *hw,
 		/* we are not ready, will run again when ready */
 		set_bit(STATUS_MODE_PENDING, &priv->status);
 
+ out:
 	mutex_unlock(&priv->mutex);
 
 	IWL_DEBUG_MAC80211(priv, "leave\n");
-	return 0;
+	return err;
 }
 EXPORT_SYMBOL(iwl_mac_add_interface);