[PATCH cgroup/for-4.7-fixes] cgroup: set css->id to -1 during init

From: Tejun Heo
Date: Thu May 26 2016 - 15:42:19 EST


Hello,

A follow-up patch. Will queue in cgroup/for-4.7-fixes.

Thanks.
------ 8< ------
If percpu_ref initialization fails during css_create(), the free path
can end up trying to free css->id of zero. As ID 0 is unused, it
doesn't cause a critical breakage but it does trigger a warning
message. Fix it by setting css->id to -1 from init_and_link_css().

Signed-off-by: Tejun Heo <tj@xxxxxxxxxx>
Cc: Wenwei Tao <ww.tao0320@xxxxxxxxx>
Fixes: 01e586598b22 ("cgroup: release css->id after css_free")
Cc: stable@xxxxxxxxxxxxxxx # v4.0+
---
kernel/cgroup.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index 789b84f..688eb0c 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -5063,6 +5063,7 @@ static void init_and_link_css(struct cgroup_subsys_state *css,
memset(css, 0, sizeof(*css));
css->cgroup = cgrp;
css->ss = ss;
+ css->id = -1;
INIT_LIST_HEAD(&css->sibling);
INIT_LIST_HEAD(&css->children);
css->serial_nr = css_serial_nr_next++;