nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg()

Claude pointed out that there is a nfs4_file refcount leak in
nfsd_get_dir_deleg(). Ensure that the reference to "fp" is released
before returning.

Fixes: 8b99f6a8c116 ("nfsd: wire up GET_DIR_DELEGATION handling")
Cc: stable@vger.kernel.org
Cc: Chris Mason <clm@meta.com>
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index 4a896c7b494fcfe4b7ec5e89c26475656a03d79f..d854eac6db4206ad4129eea872c1205841b983a1 100644 (file)
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -9516,8 +9516,10 @@ nfsd_get_dir_deleg(struct nfsd4_compound_state *cstate,
        spin_unlock(&clp->cl_lock);
        spin_unlock(&state_lock);
 
-       if (!status)
+       if (!status) {
+               put_nfs4_file(fp);
                return dp;
+       }
 
        /* Something failed. Drop the lease and clean up the stid */
        kernel_setlease(fp->fi_deleg_file->nf_file, F_UNLCK, NULL, (void **)&dp);
@@ -9525,5 +9527,6 @@ out_put_stid:
        nfs4_put_stid(&dp->dl_stid);
 out_delegees:
        put_deleg_file(fp);
+       put_nfs4_file(fp);
        return ERR_PTR(status);
 }