    mm/sharepool: Fix double delete list in sp_group_exit · ef680bf9
    Wang Wensheng committed on
    hulk inclusion
    category: bugfix
    bugzilla: https://gitee.com/openeuler/kernel/issues/I650K6
    
    --------------------------------
    
    There is a double delete list problem in sp_group_exit:
    Unable to handle kernel paging request at virtual address
    dead000000000108
    Call trace:
     sp_group_exit+0x104/0x238
      do_exit+0x188/0xb88
      __arm64_sys_exit+0x24/0x28
    
    Calls to sp_group_exit depend on the value of group_dead, which is
    controlled by CLONE_THREAD. If process A clones B with CLONE_VM and
    *NO* CLONE_THREAD, A and B will have group_dead = 1 and have the same
    mm_struct on exit. So sp_group_exit processes an mm_struct more than
    once.
    
    To solve the problem, we check the tgid in sp_group_exit and allow only
    the parent process to continue.
    
    A similar check should be added in mg_sp_group_add/del_task.
    Signed-off-by: Wang Wensheng <wangwensheng4@huawei.com>
share_pool.c 109.0 KB
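
The double delete described in the commit message above, as a userspace model (an added example, not code from share_pool.c or from the commit). It also shows where the fault address comes from: the second list_del writes through `next->prev` with `next` equal to LIST_POISON1, which on arm64 is 0xdead000000000100, and `prev` sits at offset 8. `mm_model`, `task_model`, `owner_tgid` and the `model_*` functions are hypothetical stand-ins, and a 64-bit build is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* LIST_POISON1 on arm64: 0x100 + CONFIG_ILLEGAL_POINTER_VALUE (0xdead000000000000). */
#define POISON1_ADDR 0xdead000000000100ULL
#define LIST_POISON1 ((struct list_head *)(uintptr_t)POISON1_ADDR)

struct list_head { struct list_head *next, *prev; };
/* Hypothetical stand-ins for mm_struct and task_struct; owner_tgid is an assumption. */
struct mm_model { struct list_head sp_node; int owner_tgid; };
struct task_model { int tgid; struct mm_model *mm; };

/* list_del() model: returns the address a second delete would fault on, else 0. */
static uint64_t model_list_del(struct list_head *e)
{
    if (e->next == LIST_POISON1)            /* entry was already deleted once */
        return POISON1_ADDR + offsetof(struct list_head, prev); /* next->prev = prev */
    e->next->prev = e->prev;
    e->prev->next = e->next;
    e->next = LIST_POISON1;                 /* the kernel also poisons e->prev */
    return 0;
}

/* Exit hook model; check_tgid enables the guard the commit message describes. */
static uint64_t model_sp_group_exit(struct task_model *t, int check_tgid)
{
    if (check_tgid && t->tgid != t->mm->owner_tgid)
        return 0;                           /* not the owning process: skip */
    return model_list_del(&t->mm->sp_node);
}

/* A (tgid 100) clones B with CLONE_VM and no CLONE_THREAD: new tgid, same mm. */
uint64_t run_exit_pair(int check_tgid)
{
    struct list_head group = { &group, &group };
    struct mm_model mm = { { &group, &group }, 100 };
    struct task_model a = { 100, &mm }, b = { 101, &mm };
    uint64_t fault;

    group.next = group.prev = &mm.sp_node;  /* mm is on the group list once */
    fault = model_sp_group_exit(&b, check_tgid);   /* B exits first */
    return fault ? fault : model_sp_group_exit(&a, check_tgid);
}

int main(void)
{
    printf("unguarded: %#llx\n", (unsigned long long)run_exit_pair(0));
    printf("guarded:   %#llx\n", (unsigned long long)run_exit_pair(1));
    return 0;
}
```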