
From: Xiongfeng Wang <wangxiongfeng2@huawei.com>

hulk inclusion
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/ICYAB4
CVE: CVE-2023-53280

--------------------------------

If we enter an error branch in qla_nvme_ls_req(), we will wake up 'sp->nvme_ls_waitq', but it is not initialized. It will cause a system crash. Fix it by initializing 'nvme_ls_waitq' in qla_nvme_ls_req().

This commit is based on the mainline commit 20fce500b232b970e40312a9c97e7f3b6d7a709c 'scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue'. But we still use the nvme_ls_waitq wait queue because commit 219d27d7147e ("scsi: qla2xxx: Fix race conditions in the code for aborting SCSI commands") is not merged.

Fixes: 5621b0dd7453 ("scsi: qla2xxx: Simpify unregistration of FC-NVMe local/remote ports")
Signed-off-by: Xiongfeng Wang <wangxiongfeng2@huawei.com>
--- drivers/scsi/qla2xxx/qla_nvme.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/scsi/qla2xxx/qla_nvme.c b/drivers/scsi/qla2xxx/qla_nvme.c index daa412667d6e..120bc13d8dcd 100644 --- a/drivers/scsi/qla2xxx/qla_nvme.c +++ b/drivers/scsi/qla2xxx/qla_nvme.c @@ -237,6 +237,7 @@ static int qla_nvme_ls_req(struct nvme_fc_local_port *lport, sp->name = "nvme_ls"; sp->done = qla_nvme_sp_ls_done; atomic_set(&sp->ref_count, 1); + init_waitqueue_head(&sp->nvme_ls_waitq); nvme = &sp->u.iocb_cmd; priv->sp = sp; priv->fd = fd; -- 2.20.1
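Review bot: the commit message should name the error branch in qla_nvme_ls_req() that leads to the wake-up of 'sp->nvme_ls_waitq' and the function that performs that wake-up, because the hunk at -237,6 +237,7 shows only the added init_waitqueue_head(&sp->nvme_ls_waitq) after atomic_set(&sp->ref_count, 1) and nothing of the failing path, so a reader cannot check from the patch that every route to the wake-up passes through this initialisation. Placing the call before priv->sp = sp is the right order, since the wait queue head is then valid before the srb becomes reachable through priv. Two things are worth adding to the message: a statement of whether any other function sets up an srb whose completion or abort path wakes nvme_ls_waitq (if so, it needs the same one-line initialisation), and a sentence making clear that this backport deliberately diverges from mainline commit 20fce500b232, which removes the wait queue, by keeping the queue and initialising it instead. Including the crash trace from the bugzilla entry would also help anyone triaging CVE-2023-53280 match the symptom to this fix.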