v4:
- Update comment and commit logs for both patches.
v3:
- Drop v2 patch 2 as it may not be needed.
- Replace css_tryget() with percpu_ref_is_zero() in patch 1 as
suggested by Tejun.
- Expand comment on patch 2 to elaborate the reason for this patch.
v2:
- Remove unnecessary rcu_read_{lock|unlock} from
cgroup_rstat_css_cpu_flush() in patch 3.
It was found that blkcg_destroy_blkgs() may be called with all blkcg
references gone. This may potentially cause user-after-free and so should
be fixed. The second patch flushes rstat when calling blkcg_destroy_blkgs().
Waiman Long (2):
bdi, blk-cgroup: Fix potential UAF of blkcg
blk-cgroup: Flush stats at blkgs destruction path
block/blk-cgroup.c | 23 +++++++++++++++++++++++
include/linux/cgroup.h | 1 +
kernel/cgroup/rstat.c | 18 ++++++++++++++++++
mm/backing-dev.c | 8 ++++++--
4 files changed, 48 insertions(+), 2 deletions(-)
--
2.31.1
