CVE-2022-50091

Severity CVSS v4.0: Pending analysis
Type: CWE-476 NULL Pointer Dereference
Publication date: 18/06/2025
Last modified: 18/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

locking/csd_lock: Change csdlock_debug from early_param to __setup

The csdlock_debug kernel-boot parameter is parsed by the early_param() function csdlock_debug(). If set, csdlock_debug() invokes static_branch_enable() to enable csd_lock_wait feature, which triggers a panic on arm64 for kernels built with CONFIG_SPARSEMEM=y and CONFIG_SPARSEMEM_VMEMMAP=n.

With CONFIG_SPARSEMEM_VMEMMAP=n, __nr_to_section is called in static_key_enable() and returns NULL, resulting in a NULL dereference because mem_section is initialized only later in sparse_init().

This is also a problem for powerpc because early_param() functions are invoked earlier than jump_label_init(), also resulting in static_key_enable() failures. These failures cause the warning "static key 'xxx' used before call to jump_label_init()".

Thus, early_param is too early for csd_lock_wait to run static_branch_enable(), so change it to __setup to fix these.

Vulnerable products and versions

| CPE | From | Up to |
| --- | --- | --- |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.13 (including) | 5.15.61 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.18.18 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.19 (including) | 5.19.2 (excluding) |
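A first-pass exposure check built from the version ranges and the boot parameter named above. This is an added example, not part of the advisory or the kernel project: the function names are hypothetical, it assumes a `sort` that supports `-V`, and it compares upstream version numbers only, so a distribution kernel with a backported fix can still be reported as affected.

```shell
#!/bin/sh
# Added example: exposure check for CVE-2022-50091 (hypothetical helper names).

# ver_lt A B: true when version A sorts strictly before version B.
ver_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}

# in_range VER FROM UPTO: true when FROM <= VER < UPTO.
in_range() {
    ! ver_lt "$1" "$2" && ver_lt "$1" "$3"
}

# kernel_affected RELEASE: drop any distro suffix ("-generic", "-arch1", ...)
# and test the numeric part against the three ranges in the table.
kernel_affected() {
    v=$(printf '%s' "$1" | sed 's/[^0-9.].*$//; s/\.*$//')
    in_range "$v" 5.13 5.15.61 ||
        in_range "$v" 5.16 5.18.18 ||
        in_range "$v" 5.19 5.19.2
}

# cmdline_sets_csdlock_debug CMDLINE: true when the boot parameter appears
# at all. Conservative: any value is flagged for review.
cmdline_sets_csdlock_debug() {
    for tok in $1; do
        case $tok in
            csdlock_debug|csdlock_debug=*) return 0 ;;
        esac
    done
    return 1
}

# assess RELEASE CMDLINE: print a one-word verdict.
assess() {
    if ! kernel_affected "$1"; then
        echo not-affected
    elif cmdline_sets_csdlock_debug "$2"; then
        echo exposed
    else
        echo affected-parameter-unset
    fi
}

# On a Linux host, report on the running kernel and its boot command line.
if [ -r /proc/cmdline ]; then
    assess "$(uname -r)" "$(cat /proc/cmdline)"
fi
```

A verdict of `exposed` means the running version falls in an affected range and `csdlock_debug` is on the boot command line; whether that produces the arm64 panic or the powerpc warning still depends on the architecture and the `CONFIG_SPARSEMEM` settings described above.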