CVE-2023-52517

Severity CVSS v4.0:
Pending analysis
Type:
CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Publication date:
02/03/2024
Last modified:
13/01/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain

Previously the transfer complete IRQ immediately drained to RX FIFO to read any data remaining in FIFO to the RX buffer. This behaviour is correct when dealing with SPI in interrupt mode. However in DMA mode the transfer complete interrupt still fires as soon as all bytes to be transferred have been stored in the FIFO. At that point data in the FIFO still needs to be picked up by the DMA engine. Thus the drain procedure and DMA engine end up racing to read from RX FIFO, corrupting any data read. Additionally the RX buffer pointer is never adjusted according to DMA progress in DMA mode, thus calling the RX FIFO drain procedure in DMA mode is a bug.

Fix corruptions in DMA RX mode by draining RX FIFO only in interrupt mode. Also wait for completion of RX DMA when in DMA mode before returning to ensure all data has been copied to the supplied memory buffer.

Vulnerable products and versions

| CPE | From | Up to |
| --- | --- | --- |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | | 5.15.134 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.56 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.5.6 (excluding) |
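
The version ranges in the table above can be checked against a `uname -r` string with a numeric, component-wise comparison; the sketch below is an added example, not part of the advisory or of the kernel project. The names `AFFECTED`, `parse_release` and `in_affected_range` are illustrative, and a match only means the upstream version falls in a listed range: distribution kernels may carry the fix as a backport, and the bug is only reachable where the sun6i SPI driver is in use.

```python
import re

# Affected ranges copied from the table above, as
# (from_inclusive, up_to_exclusive). None means the row lists no lower bound.
AFFECTED = [
    (None, (5, 15, 134)),
    ((5, 16, 0), (6, 1, 56)),
    ((6, 2, 0), (6, 5, 6)),
]


def parse_release(release):
    """Turn a `uname -r` style string such as '6.1.55-1-amd64' into (6, 1, 55).

    Only the leading major.minor[.patch] is used; distribution suffixes are
    ignored, and a missing patch level is treated as 0.
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return tuple(int(g) if g else 0 for g in m.groups())


def in_affected_range(release):
    """Return True if the release falls inside any range listed for this CVE."""
    version = parse_release(release)
    for low, high in AFFECTED:
        # Tuples compare numerically per component, so 6.1.9 < 6.1.56
        # (a plain string comparison would get this wrong).
        if (low is None or version >= low) and version < high:
            return True
    return False


if __name__ == "__main__":
    import platform

    rel = platform.release()
    verdict = "inside" if in_affected_range(rel) else "outside"
    print(f"{rel}: {verdict} the ranges listed for this CVE")
```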