From b6480353136adb6ba9cc4107ebeffac1d5926dfe Mon Sep 17 00:00:00 2001 From: Hans Petter Selasky Date: Thu, 31 Dec 2015 14:47:45 +0000 Subject: [PATCH] Handle when filedescriptors are closed before initialized. An early fdclose() call can cause fget_unlocked() to fail. Found by: mjg @ MFC after: 1 week Reviewed by: Mark Block Sponsored by: Mellanox Technologies Differential Revision: https://reviews.freebsd.org/D4351
---
 sys/compat/linuxkpi/common/include/linux/file.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/sys/compat/linuxkpi/common/include/linux/file.h b/sys/compat/linuxkpi/common/include/linux/file.h
index e52afa55f202..559ac0437681 100644
--- a/sys/compat/linuxkpi/common/include/linux/file.h
+++ b/sys/compat/linuxkpi/common/include/linux/file.h
@@ -101,10 +101,11 @@ fd_install(unsigned int fd, struct linux_file *filp)
 if (fget_unlocked(curthread->td_proc->p_fd, fd, cap_rights_init(&rights), &file, NULL) != 0) {
- file = NULL;
+ filp->_file = NULL;
+ } else {
+ filp->_file = file;
+ finit(file, filp->f_mode, DTYPE_DEV, filp, &linuxfileops);
 }
- filp->_file = file;
- finit(file, filp->f_mode, DTYPE_DEV, filp, &linuxfileops);
 /* drop the extra reference */
 fput(filp);
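Review bot: On the failure branch of `fd_install()` the new code sets `filp->_file = NULL` and then still reaches `fput(filp)`, so this path is only safe if `fput()` tolerates a NULL `_file`, and `fput()` is not visible in this hunk. If `fput()` releases `filp` in that case, a caller that touches `filp` after `fd_install()` returns would be reading freed memory, and because the function returns nothing the caller cannot tell that the install did not happen. I would document the contract on the branch, for example `/* fd was closed before install; fput() below must accept _file == NULL and callers must not use filp afterwards */`. The body of `fd_install()` starts before and ends after the lines shown here.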