hulk inclusion category: bugfix bugzilla: 189183, https://gitee.com/openeuler/kernel/issues/I7Z1ZU CVE: NA
--------------------------------
This reverts commit 616e708277a2 ("memcg: fix a UAF problem in drain_all_stock()"), which was produced based on in-house 3.10 and later was found to be not suitable for in-house 4.18/4.19, as both of them use async version of drain_all_stock() whose actual draining could be delayed, and some of them even removed drain_all_stock() from memcg's offline process. In these cases the commit doesn't fix the original problem.
Fixes: 616e708277a2 ("memcg: fix a UAF problem in drain_all_stock()") Signed-off-by: GONG, Ruiqi gongruiqi1@huawei.com --- mm/memcontrol.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/memcontrol.c b/mm/memcontrol.c index 29d430885b1a..7dc68b1792ef 100644 --- a/mm/memcontrol.c +++ b/mm/memcontrol.c @@ -2232,7 +2232,8 @@ static void drain_all_stock(struct mem_cgroup *root_memcg)
rcu_read_lock(); memcg = stock->cached; - if (memcg && mem_cgroup_is_descendant(memcg, root_memcg)) + if (memcg && stock->nr_pages && + mem_cgroup_is_descendant(memcg, root_memcg)) flush = true; rcu_read_unlock();