Hello,

this fixes a race condition between memcg and UFFD_EVENT_FORK that was reproduced on aarch64 with qemu with syzkaller.

While at it I also added more WRITE_ONCE in places that shall use it (in theory) against the rcu_dereference issued in the rcu_read_lock critical section.

Andrea Arcangeli (2):
  userfaultfd: use RCU to free the task struct when fork fails
  mm: change mm_update_next_owner() to update mm->owner with WRITE_ONCE

 kernel/exit.c |  6 +++---
 kernel/fork.c | 34 ++++++++++++++++++++++++++++++++--
 2 files changed, 35 insertions(+), 5 deletions(-)