Fix a use-after-free when "zpool import" fails

clear vd->vdev_tsd in vdev_geom_close_locked instead of vdev_geom_detach.
In the latter function, it would fail to happen in certain circumstances
where cp->private was unset.  Ideally, the latter should never happen, but
it can happen when vdev open fails, or where spares are involved.

MFC after:	4 weeks
X-MFC-With:	298786
Sponsored by:	Spectra Logic Corp

sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c

@@ -276,10 +276,6 @@ vdev_geom_detach(struct g_consumer *cp, boolean_t open_for_read)
 	    cp->provider && cp->provider->name ? cp->provider->name : "NULL");
 
 	vd = cp->private;
-	if (vd != NULL) {
-		vd->vdev_tsd = NULL;
-		vd->vdev_delayed_close = B_FALSE;
-	}
 	cp->private = NULL;
 
 	gp = cp->geom;
@@ -311,6 +307,8 @@ vdev_geom_close_locked(vdev_t *vd)
 	g_topology_assert();
 
 	cp = vd->vdev_tsd;
+	vd->vdev_tsd = NULL;
+	vd->vdev_delayed_close = B_FALSE;
 	if (cp == NULL)
 		return;