usb: gadget: f_fs: edit epfile->ep under lock

epfile->ep is protected by ffs->eps_lock (not epfile->mutex) so clear it
while holding the spin lock.

Tested-by: John Stultz <john.stultz@linaro.org>
Tested-by: Chen Yu <chenyu56@huawei.com>
Signed-off-by: Michal Nazarewicz <mina86@mina86.com>
Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>

diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c
index 54ad100..b31aa95 100644 (file)
--- a/drivers/usb/gadget/function/f_fs.c
+++ b/drivers/usb/gadget/function/f_fs.c
@@ -1725,17 +1725,17 @@ static void ffs_func_eps_disable(struct ffs_function *func)
        unsigned long flags;
 
        do {
-               if (epfile)
-                       mutex_lock(&epfile->mutex);
                spin_lock_irqsave(&func->ffs->eps_lock, flags);
                /* pending requests get nuked */
                if (likely(ep->ep))
                        usb_ep_disable(ep->ep);
                ++ep;
+               if (epfile)
+                       epfile->ep = NULL;
                spin_unlock_irqrestore(&func->ffs->eps_lock, flags);
 
                if (epfile) {
-                       epfile->ep = NULL;
+                       mutex_lock(&epfile->mutex);
                        kfree(epfile->read_buffer);
                        epfile->read_buffer = NULL;
                        mutex_unlock(&epfile->mutex);