diff --git a/fs/hmdfs/comm/device_node.c b/fs/hmdfs/comm/device_node.c
index 0f2585de61fe6ab0f95b70ebbaef0dddbd0f0635..d702e50275484e0ef58e153eb2ccb8c63b86809d 100644
--- a/fs/hmdfs/comm/device_node.c
+++ b/fs/hmdfs/comm/device_node.c
@@ -47,6 +47,11 @@ static void ctrl_cmd_update_socket_handler(const char *buf, size_t len,
 		goto out;
 	}
 	memcpy(&cmd, buf, sizeof(cmd));
+        if (cmd.status != CONNECT_STAT_WAIT_REQUEST &&
+                cmd.status != CONNECT_STAT_WAIT_RESPONSE) {
+                hmdfs_err("invalid status");
+                goto out;
+        }
 
 	node = hmdfs_get_peer(sbi, cmd.cid, cmd.devsl);
 	if (unlikely(!node)) {
diff --git a/fs/hmdfs/comm/transport.c b/fs/hmdfs/comm/transport.c
index c9eaaa7dca376fc284dbd1435efda428162df1a6..e6c6768f0ab7926af54be16dc89dc81bb2ae5f93 100644
--- a/fs/hmdfs/comm/transport.c
+++ b/fs/hmdfs/comm/transport.c
@@ -904,8 +904,14 @@ static int tcp_update_socket(struct tcp_handle *tcp, int fd,
 		goto put_sock;
 	}
 
-	hmdfs_info("socket fd %d, state %d, refcount %ld",
-		   fd, socket->state, file_count(socket->file));
+        hmdfs_info("socket fd %d, state %d, refcount %ld protocol %d",
+                fd, socket->state, file_count(socket->file),
+                   socket->sk->sk_protocol);
+
+        if (socket->sk->sk_protocol != IPPROTO_TCP) {
+                hmdfs_err("invalid socket protocol");
+                return -EINVAL;
+        }
 
 	tcp->recv_cache = kmem_cache_create("hmdfs_socket",
 					    tcp->recvbuf_maxsize,
diff --git a/fs/hmdfs/file_merge.c b/fs/hmdfs/file_merge.c
index 0b45586b39ca4d66924360a14ee1ed65420f6ee9..8048a203a8e67f17401959aca54182a359f6c70a 100644
--- a/fs/hmdfs/file_merge.c
+++ b/fs/hmdfs/file_merge.c
@@ -470,7 +470,9 @@ long hmdfs_dir_unlocked_ioctl_merge(struct file *file, unsigned int cmd,
 				  comrade_list) {
 		if (fi_iter->device_id == 0) {
 			lower_file = fi_iter->lower_file;
-			error = lower_file->f_op->unlocked_ioctl(lower_file, cmd, arg);
+                        if (lower_file->f_op->unlocked_ioctl)
+			        error = lower_file->f_op->unlocked_ioctl(
+                                        lower_file, cmd, arg);
 			break;
 		}
 	}
@@ -492,7 +494,9 @@ long hmdfs_dir_compat_ioctl_merge(struct file *file, unsigned int cmd,
 				  comrade_list) {
 		if (fi_iter->device_id == 0) {
 			lower_file = fi_iter->lower_file;
-			error = lower_file->f_op->compat_ioctl(lower_file, cmd, arg);
+                        if (lower_file->f_op->compat_ioctl)
+			        error = lower_file->f_op->compat_ioctl(
+                                        lower_file, cmd, arg);
 			break;
 		}
 	}
diff --git a/fs/hmdfs/main.c b/fs/hmdfs/main.c
index 1316cb1996e15c6e41fd29d859824e05e50103e1..b3bd822842554b119cff1d2830dfafd65dee9d9e 100644
--- a/fs/hmdfs/main.c
+++ b/fs/hmdfs/main.c
@@ -842,6 +842,9 @@ static int hmdfs_fill_super(struct super_block *sb, void *data, int silent)
 	char ctrl_path[CTRL_PATH_MAX_LEN];
 	uint64_t ctrl_hash;
 
+        if (!raw_data)
+                return -EINVAL;
+
 	sbi = kzalloc(sizeof(*sbi), GFP_KERNEL);
 	if (!sbi) {
 		err = -ENOMEM;