
From: Yu Kuai <yukuai3@huawei.com>

hulk inclusion
category: bugfix
bugzilla: 187345, https://gitee.com/openeuler/kernel/issues/I5KZZ0
CVE: NA

--------------------------------

Otherwise, null pointer crash can be triggered to handle bio in
blk_mq_submit_bio() while queue is not initialized.

Since queue is registered right after initialization, use the flag
'QUEUE_FLAG_REGISTERED' to make sure queue is initialized. Although this
will delay a little when bio can be handled, it doesn't hurt in real
user case.

Signed-off-by: Yu Kuai <yukuai3@huawei.com>
Reviewed-by: Jason Yan <yanaijie@huawei.com>
Signed-off-by: Yongqiang Liu <liuyongqiang13@huawei.com>
---
block/blk-mq.c | 5 +++++
1 file changed, 5 insertions(+)

diff --git a/block/blk-mq.c b/block/blk-mq.c index 34d4fdb4e717..eb89afa84ac5 100644 --- a/block/blk-mq.c +++ b/block/blk-mq.c @@ -1957,6 +1957,11 @@ static blk_qc_t blk_mq_make_request(struct request_queue *q, struct bio *bio) struct request *same_queue_rq = NULL; blk_qc_t cookie; + if (!test_bit(QUEUE_FLAG_REGISTERED, &q->queue_flags)) { + bio_io_error(bio); + return BLK_QC_T_NONE; + } + blk_queue_bounce(q, &bio); blk_queue_split(q, &bio); -- 2.25.1
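
Review bot: The new check at the top of blk_mq_make_request() uses QUEUE_FLAG_REGISTERED as a stand-in for "queue is initialized" but has no comment saying so, and the commit message names blk_mq_submit_bio() while the hunk patches blk_mq_make_request(). Please add a short comment above "if (!test_bit(QUEUE_FLAG_REGISTERED, &q->queue_flags))" stating that bios arriving before registration are failed on purpose, and make the function name in the message match the one changed here. Because test_bit() is a plain read with no ordering of its own, the patch should also say (or show) that the flag is only set after every field this function dereferences has been written and made visible to other CPUs; the setting side is not part of this diff, so the guarantee cannot be checked from the hunk alone. Finally, early submitters now get the generic error from bio_io_error() with nothing to tell them the queue was simply not ready yet; if that is the intended contract, note it in the message so callers that submit I/O during device bring-up know to expect and handle the failure.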