CVE-2022-49675

In the Linux kernel, the following vulnerability has been resolved:

tick/nohz: unexport _init-annotated ticknohzfullsetup()

EXPORT_SYMBOL and __init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated __init. The access to a freed symbol may end up with kernel panic.

modpost used to detect it, but it had been broken for a decade.

Commit 28438794aba4 ("modpost: fix section mismatch check for exported init/exit sections") fixed it so modpost started to warn it again, then this showed up:

MODPOST vmlinux.symvers

WARNING: modpost: vmlinux.o(___ksymtabgpl+ticknohzfullsetup+0x0): Section mismatch in reference from the variable __ksymtabticknohzfullsetup to the function .init.text:ticknohzfullsetup() The symbol ticknohzfullsetup is exported and annotated __init Fix this by removing the _init annotation of ticknohzfullsetup or drop the export.

Drop the export because ticknohzfull_setup() is only called from the built-in code in kernel/sched/isolation.c.