From: Tejun Heo Date: Thu, 21 Jan 2016 20:32:15 +0000 (-0500) Subject: cgroup: make sure a parent css isn't freed before its children X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=8bb5ef79bc0f4016ecf79e8dce6096a3c63603e4;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git cgroup: make sure a parent css isn't freed before its children There are three subsystem callbacks in css shutdown path - css_offline(), css_released() and css_free(). Except for css_released(), cgroup core didn't guarantee the order of invocation. css_offline() or css_free() could be called on a parent css before its children. This behavior is unexpected and led to bugs in cpu and memory controller. The previous patch updated ordering for css_offline() which fixes the cpu controller issue. While there currently isn't a known bug caused by misordering of css_free() invocations, let's fix it too for consistency. css_free() ordering can be trivially fixed by moving putting of the parent css below css_free() invocation. Signed-off-by: Tejun Heo Cc: Peter Zijlstra --- diff --git a/kernel/cgroup.c b/kernel/cgroup.c index d01587793865..d27904c193da 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c @@ -4657,14 +4657,15 @@ static void css_free_work_fn(struct work_struct *work) if (ss) { /* css free path */ + struct cgroup_subsys_state *parent = css->parent; int id = css->id; - if (css->parent) - css_put(css->parent); - ss->css_free(css); cgroup_idr_remove(&ss->css_idr, id); cgroup_put(cgrp); + + if (parent) + css_put(parent); } else { /* cgroup free path */ atomic_dec(&cgrp->root->nr_cgrps);