diff --git a/kernel/exit.c b/kernel/exit.c
index e6330709df092acb1a6c3b3e114bbcdc04fde106..936333b9f25b9b7ac522d59352d6986884e745cc 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -422,7 +422,7 @@ void mm_update_next_owner(struct mm_struct *mm)
 	 * freed task structure.
 	 */
 	if (atomic_read(&mm->mm_users) <= 1) {
-		mm->owner = NULL;
+		WRITE_ONCE(mm->owner, NULL);
 		return;
 	}
 
@@ -462,7 +462,7 @@ void mm_update_next_owner(struct mm_struct *mm)
 	 * most likely racing with swapoff (try_to_unuse()) or /proc or
 	 * ptrace or page migration (get_task_mm()).  Mark owner as NULL.
 	 */
-	mm->owner = NULL;
+	WRITE_ONCE(mm->owner, NULL);
 	return;
 
 assign_new_owner:
@@ -483,7 +483,7 @@ void mm_update_next_owner(struct mm_struct *mm)
 		put_task_struct(c);
 		goto retry;
 	}
-	mm->owner = c;
+	WRITE_ONCE(mm->owner, c);
 	task_unlock(c);
 	put_task_struct(c);
 }
diff --git a/kernel/fork.c b/kernel/fork.c
index a04b468c1ce2cb6f7557f13c29fd657b8b6416a9..487f392c5cef92d70111a385b50fff0d28b64c46 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -961,7 +961,7 @@ static __always_inline void mm_clear_owner(struct mm_struct *mm,
 {
 #ifdef CONFIG_MEMCG
 	if (mm->owner == p)
-		mm->owner = NULL;
+		WRITE_ONCE(mm->owner, NULL);
 #endif
 }