NFC: NCI: Fix nci_register_device init sequence

All contexts have to be initiliazed before calling
nfc_register_device otherwise it is possible to call
nci_dev_up before ending the nci_register_device
function. In such case kernel will crash on non
initialized variables.

Signed-off-by: Vincent Cuissard <cuissard@marvell.com>
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>

diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index 860080803a3e889525817a3abe35b9a3711e48be..90b16cb4005880214f1eca87cc5e72f2f75c7c34 100644 (file)
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -759,10 +759,6 @@ int nci_register_device(struct nci_dev *ndev)
        struct device *dev = &ndev->nfc_dev->dev;
        char name[32];
 
-       rc = nfc_register_device(ndev->nfc_dev);
-       if (rc)
-               goto exit;
-
        ndev->flags = 0;
 
        INIT_WORK(&ndev->cmd_work, nci_cmd_work);
@@ -770,7 +766,7 @@ int nci_register_device(struct nci_dev *ndev)
        ndev->cmd_wq = create_singlethread_workqueue(name);
        if (!ndev->cmd_wq) {
                rc = -ENOMEM;
-               goto unreg_exit;
+               goto exit;
        }
 
        INIT_WORK(&ndev->rx_work, nci_rx_work);
@@ -800,6 +796,10 @@ int nci_register_device(struct nci_dev *ndev)
 
        mutex_init(&ndev->req_lock);
 
+       rc = nfc_register_device(ndev->nfc_dev);
+       if (rc)
+               goto destroy_rx_wq_exit;
+
        goto exit;
 
 destroy_rx_wq_exit:
@@ -808,9 +808,6 @@ destroy_rx_wq_exit:
 destroy_cmd_wq_exit:
        destroy_workqueue(ndev->cmd_wq);
 
-unreg_exit:
-       nfc_unregister_device(ndev->nfc_dev);
-
 exit:
        return rc;
 }