NFS: nfs_igrab_and_active must first reference the superblock

commit 896567ee7f17a8a736cda8a28cc987228410a2ac upstream.

Before referencing the inode, we must ensure that the superblock can be
referenced. Otherwise, we can end up with iput() calling superblock
operations that are no longer valid or accessible.

Fixes: ea7c38fef0b7 ("NFSv4: Ensure we reference the inode for return-on-close in delegreturn")
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 578350fd96e1144f99fe5df9aac2d8d2e703a190..7eeab683a81f8f960a9822e88b8a722f55c7fc6f 100644 (file)
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -534,12 +534,14 @@ extern int nfs41_walk_client_list(struct nfs_client *clp,
 
 static inline struct inode *nfs_igrab_and_active(struct inode *inode)
 {
-       inode = igrab(inode);
-       if (inode != NULL && !nfs_sb_active(inode->i_sb)) {
-               iput(inode);
-               inode = NULL;
+       struct super_block *sb = inode->i_sb;
+
+       if (sb && nfs_sb_active(sb)) {
+               if (igrab(inode))
+                       return inode;
+               nfs_sb_deactive(sb);
        }
-       return inode;
+       return NULL;
 }
 
 static inline void nfs_iput_and_deactive(struct inode *inode)