This is a note to let you know that I've just added the patch titled 9p: Avoid creating multiple slab caches with the same name to the 4.19-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: 9p-avoid-creating-multiple-slab-caches-with-the-same.patch and it can be found in the queue-4.19 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. commit d7c6c07a7fa09988407c21206d9255a00f7f249f Author: Pedro Falcato <pedro.falcato@xxxxxxxxx> Date: Wed Aug 7 10:47:25 2024 +0100 9p: Avoid creating multiple slab caches with the same name [ Upstream commit 79efebae4afc2221fa814c3cae001bede66ab259 ] In the spirit of [1], avoid creating multiple slab caches with the same name. Instead, add the dev_name into the mix. [1]: https://lore.kernel.org/all/20240807090746.2146479-1-pedro.falcato@xxxxxxxxx/ Signed-off-by: Pedro Falcato <pedro.falcato@xxxxxxxxx> Reported-by: syzbot+3c5d43e97993e1fa612b@xxxxxxxxxxxxxxxxxxxxxxxxx Message-ID: <20240807094725.2193423-1-pedro.falcato@xxxxxxxxx> Signed-off-by: Dominique Martinet <asmadeus@xxxxxxxxxxxxx> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> diff --git a/net/9p/client.c b/net/9p/client.c index a7518e8e76265..e6eee4eecf24b 100644 --- a/net/9p/client.c +++ b/net/9p/client.c @@ -1018,6 +1018,7 @@ struct p9_client *p9_client_create(const char *dev_name, char *options) int err; struct p9_client *clnt; char *client_id; + char *cache_name; err = 0; clnt = kmalloc(sizeof(struct p9_client), GFP_KERNEL); @@ -1070,15 +1071,22 @@ struct p9_client *p9_client_create(const char *dev_name, char *options) if (err) goto close_trans; + cache_name = kasprintf(GFP_KERNEL, "9p-fcall-cache-%s", dev_name); + if (!cache_name) { + err = -ENOMEM; + goto close_trans; + } + /* P9_HDRSZ + 4 is the smallest packet header we can have that is * followed by data accessed from userspace by read */ clnt->fcall_cache = - kmem_cache_create_usercopy("9p-fcall-cache", clnt->msize, + kmem_cache_create_usercopy(cache_name, clnt->msize, 0, 0, P9_HDRSZ + 4, clnt->msize - (P9_HDRSZ + 4), NULL); + kfree(cache_name); return clnt; close_trans: