Description
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow UDMA_CHAN_RT_*BCNT_REG stores the real-time channel bytecount statistics. These registers are 32-bit hardware counters and the driver uses these counters to monitor the operational progress status for a channel, when transferring more than 4GB of data it was observed that these counters overflow and completion calculation of a operation gets affected and the transfer hangs indefinitely. This commit adds changes to decrease the byte count for every complete transaction so that these registers never overflow and the proper byte count statistics is maintained for ongoing transaction by the RT counters. Earlier uc->bcnt used to maintain a count of the completed bytes at driver side, since the RT counters maintain the statistics of current transaction now, the maintenance of uc->bcnt is not necessary.
Product status
25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 (git) before d68da10b0cceb4177b653833e794b2923a4ffbd7
25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 (git) before e0b16bfbd3a4a8d09614046335f4482313e7c0c4
25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 (git) before a065657643a62a24b4435ddcaea45f1e9378749e
25dcb5dd7b7ce5587c1df18f584ff78f51a68a94 (git) before 7c94dcfa8fcff2dba53915f1dabfee49a3df8b88
5.6
Any version before 5.6
5.15.75 (semver)
5.19.17 (semver)
6.0.3 (semver)
6.1 (original_commit_for_fix)
References
git.kernel.org/...c/d68da10b0cceb4177b653833e794b2923a4ffbd7
git.kernel.org/...c/e0b16bfbd3a4a8d09614046335f4482313e7c0c4
git.kernel.org/...c/a065657643a62a24b4435ddcaea45f1e9378749e
git.kernel.org/...c/7c94dcfa8fcff2dba53915f1dabfee49a3df8b88
