CVE-2023-53094

In the Linux kernel, the following vulnerability has been resolved:

tty: serial: fsl_lpuart: fix race on RX DMA shutdown

From time to time DMA completion can come in the middle of DMA shutdown:

<process ctx>: <IRQ>: lpuart32shutdown() lpuartdmashutdown() deltimersync() lpuartdmarxcomplete() lpuartcopyrxtotty() modtimer() lpuartdmarxfree()

When the timer fires a bit later, sport->dmarxdesc is NULL:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 pc : lpuartcopyrxtotty+0xcc/0x5bc lr : lpuarttimerfunc+0x1c/0x2c Call trace: lpuartcopyrxtotty lpuarttimerfunc calltimerfn __runtimers.part.0 runtimer_softirq __do_softirq __irqexitrcu irqexit handledomainirq gichandleirq callonirqstack dointerrupthandler ...

To fix this fold deltimersync() into lpuartdmarxfree() after dmaengineterminatesync() to make sure timer will not be re-started in lpuartcopyrxtotty() <= lpuartdmarxcomplete().