memcg: add refcnt for pcpu stock to avoid UAF problem in drain_all_stock()
hulk inclusion
category: bugfix
bugzilla: 189183, https://gitee.com/openeuler/kernel/issues/I7Z1ZU
CVE: NA

----------------------------------------

It is found that the last bugfix patch for this problem is not enough for higher version like 4.19, since drain_all_stock() now has nothing to do with css's offline process, and so a memcg could still be on the stock after it's been freed.

Fix this problem by adding (and decreasing) css's refcnt when the css is put onto (and removed from) stock. After all, "being on the stock" is a kind of reference with regards to memcg. As such, it's guaranteed that a css on stock would not be freed.

Signed-off-by: GONG, Ruiqi <gongruiqi1@huawei.com>
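
A userland model of the rule stated in the commit message above ("being on the stock" counts as a reference), added here as an illustration; it is not the patch and not kernel code. Every name in it (`group`, `stock`, `takes_ref`, the helper functions) is hypothetical, it is single-threaded, and a "freed" flag stands in for the actual release so the state can be inspected safely.

```c
#include <stdbool.h>
#include <stddef.h>

/* Single-threaded userland model; every name is hypothetical, not kernel code. */
struct group { int refcnt; bool freed; };       /* stands in for a memcg's css */
struct stock { struct group *cached; unsigned int nr_pages; bool takes_ref; };

static void group_get(struct group *g) { g->refcnt++; }
/* Sets a flag instead of calling free() so the released state stays observable. */
static void group_put(struct group *g) { if (--g->refcnt == 0) g->freed = true; }

/* Remove the cached group from the stock, dropping the stock's reference. */
static void stock_drain(struct stock *s)
{
    if (!s->cached)
        return;
    s->nr_pages = 0;
    if (s->takes_ref)
        group_put(s->cached);
    s->cached = NULL;
}

/* Put a group onto the stock; with takes_ref set, being cached is a reference. */
static void stock_refill(struct stock *s, struct group *g, unsigned int nr)
{
    if (s->cached != g) {
        stock_drain(s);
        if (s->takes_ref)
            group_get(g);
        s->cached = g;
    }
    s->nr_pages += nr;
}

/* True if the stock still points at a group that has already been released. */
static bool stale_after_owner_put(bool takes_ref)
{
    struct group g = { .refcnt = 1, .freed = false };
    struct stock s = { .cached = NULL, .nr_pages = 0, .takes_ref = takes_ref };
    stock_refill(&s, &g, 32);
    group_put(&g);              /* owner drops its reference */
    return s.cached == &g && g.freed;
}

int main(void)
{
    return (stale_after_owner_put(false) && !stale_after_owner_put(true)) ? 0 : 1;
}
```

With `takes_ref` cleared, the stock is left pointing at a released group, which is the state a later drain would dereference; with it set, the group is released only when the stock lets go of it.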