r8152 tx status -71

Bug #1922651 reported by Martin Vysny
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Undecided
Unassigned
Bionic
Fix Released
Undecided
Unassigned
Focal
Fix Released
Medium
Unassigned
Groovy
Fix Released
Undecided
Unassigned
Hirsute
Fix Released
Medium
Unassigned

Bug Description

I've bought ThinkPad T14s with a USB-based docking station. Everything is working marvelously, but from time to time the ethernet port on the docking station won't connect. I've discovered the following messages in my dmesg:

[ 400.597506] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 401.164370] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 463.168412] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 465.314415] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 529.409871] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 533.718163] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 591.168537] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 594.335383] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

Rebooting the machine doesn't seem to work, turning the ethernet connection off and on doesn't seem to work. I have a dualboot Linux+Windows (one wants to play games from time to time :-p ) and it could be that rebooting from Win to Lin causes this issue, but this needs to be confirmed yet. I will try to power off the computer and/or the docking station, to see whether that would help.

I've found numerous bug reports, but they are rather old or may not apply to this situation, therefore I figured it's best to open a new bug report.

Thank you so much for your hard work!

ProblemType: Bug
DistroRelease: Ubuntu 20.10
Package: linux-image-5.8.0-48-generic 5.8.0-48.54
ProcVersionSignature: Ubuntu 5.8.0-48.54-generic 5.8.18
Uname: Linux 5.8.0-48-generic x86_64
ApportVersion: 2.20.11-0ubuntu50.5
Architecture: amd64
CasperMD5CheckResult: skip
CurrentDesktop: ubuntu:GNOME
Date: Tue Apr 6 10:00:29 2021
InstallationDate: Installed on 2021-03-24 (12 days ago)
InstallationMedia: Ubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022)
MachineType: LENOVO 20UH001QMX
ProcFB: 0 amdgpudrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-5.8.0-48-generic root=UUID=555514a0-0947-4e58-ade1-ad9963053d85 ro quiet splash vt.handoff=7
RelatedPackageVersions:
 linux-restricted-modules-5.8.0-48-generic N/A
 linux-backports-modules-5.8.0-48-generic N/A
 linux-firmware 1.190.3
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/21/2020
dmi.bios.release: 1.30
dmi.bios.vendor: LENOVO
dmi.bios.version: R1CET61W(1.30 )
dmi.board.asset.tag: Not Available
dmi.board.name: 20UH001QMX
dmi.board.vendor: LENOVO
dmi.board.version: Not Defined
dmi.chassis.asset.tag: No Asset Information
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.version: None
dmi.ec.firmware.release: 1.30
dmi.modalias: dmi:bvnLENOVO:bvrR1CET61W(1.30):bd12/21/2020:br1.30:efr1.30:svnLENOVO:pn20UH001QMX:pvrThinkPadT14sGen1:rvnLENOVO:rn20UH001QMX:rvrNotDefined:cvnLENOVO:ct10:cvrNone:
dmi.product.family: ThinkPad T14s Gen 1
dmi.product.name: 20UH001QMX
dmi.product.sku: LENOVO_MT_20UH_BU_Think_FM_ThinkPad T14s Gen 1
dmi.product.version: ThinkPad T14s Gen 1
dmi.sys.vendor: LENOVO

Revision history for this message
Martin Vysny (vyzivus) wrote :
Revision history for this message
Martin Vysny (vyzivus) wrote :

Trying rmmod r8169 && modprobe r8169 doesn't seem to work:

[ 1273.946335] r8169 0000:02:00.0: can't disable ASPM; OS doesn't have ASPM control
[ 1273.964669] libphy: r8169: probed
[ 1273.965172] r8169 0000:02:00.0 eth0: RTL8168ep/8111ep, 8c:8c:aa:1d:93:ca, XID 502, IRQ 48
[ 1273.965178] r8169 0000:02:00.0 eth0: jumbo features [frames: 9194 bytes, tx checksumming: ko]
[ 1273.970331] r8169 0000:02:00.0 enp2s0f0: renamed from eth0
[ 1274.041619] Generic FE-GE Realtek PHY r8169-200:00: attached PHY driver [Generic FE-GE Realtek PHY] (mii_bus:phy_addr=r8169-200:00, irq=IGNORE)
[ 1274.157641] r8169 0000:02:00.0 enp2s0f0: Link is Down
[ 1304.326079] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1322.474202] wlp3s0: deauthenticating from b0:95:75:04:6f:ea by local choice (Reason: 3=DEAUTH_LEAVING)
[ 1337.865675] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1338.837702] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1339.896810] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1339.905573] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1340.469696] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1340.566179] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1341.494091] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1341.505622] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1341.803331] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1341.817618] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1342.998669] net_ratelimit: 5 callbacks suppressed
[ 1342.998713] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1343.979560] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1344.064021] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1344.635990] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

Revision history for this message
Martin Vysny (vyzivus) wrote :

Finally, powering the notebook off (which seemingly also powered the docking station off) then on after a couple of seconds seem to be working as a workaround - the network works perfectly while the computer is turned on.

Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Martin Vysny (vyzivus) wrote :

I need to correct myself: the card stopped working out of the blue and started to print Tx status -71 to dmesg. So the statement "network works perfectly while the computer is turned on" is not true.

Excerpt from the dmesg:

[11284.014421] audit: type=1400 audit(1617704946.490:148): apparmor="DENIED" operation="capable" profile="/snap/snapd/11588/usr/lib/snapd/snap-confine" pid=24752 comm="snap-confine" capability=4 capname="fsetid"
[11292.590915] audit: type=1400 audit(1617704955.062:149): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/run/udev/data/c510:0" pid=24752 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[11292.590920] audit: type=1400 audit(1617704955.062:150): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/run/udev/data/c510:1" pid=24752 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[11328.103406] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.111513] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.119627] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.127759] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.135889] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.144009] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.152141] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.160250] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.168395] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.176506] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11333.085154] retire_capture_urb: 2492 callbacks suppressed
[11333.110654] net_ratelimit: 596 callbacks suppressed
[11333.110660] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11333.118785] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11333.126913] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

Revision history for this message
Martin Vysny (vyzivus) wrote :

Interestingly, the card does not seem to act as an USB device, but rather as a PCI device. That's weird, since the card is located on a docking station which is connected to the computer via USB. I guess this is because Thunderbolt-over-USB or similar?

~> lspci|grep -i eth
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0e)

Revision history for this message
Martin Vysny (vyzivus) wrote :

BUT the Network Manager says "USB Ethernet" for the docking station ethernet port, so perhaps the PCI device refers to the ethernet "dongle" which can be attached to the computer? Yes: Network Manager says "PCI Ethernet Connected" when I plug the cable into the dongle.

Found it:

~> lsusb -t|grep r8
        |__ Port 1: Dev 3, If 0, Class=Vendor Specific Class, Driver=r8152, 5000M

It's this guy (even though lsusb says "USB3.1 Hub"):
Bus 005 Device 003: ID 17ef:a387 Lenovo USB3.1 Hub

Indeed this page confirms this finding: https://linux-hardware.org/index.php?id=usb:17ef-a387 : Lenovo USB-C Dock Ethernet

Revision history for this message
Martin Vysny (vyzivus) wrote :

I've seen comments regarding using usbcore.quirks; I'll try usbcore.quirks=17ef:a387:k in order to disable the link power management.

Revision history for this message
Martin Vysny (vyzivus) wrote :

Okay the network seems to be working so far, this is encouraging, I'll observe and let you know.

Revision history for this message
Martin Vysny (vyzivus) wrote :

Indeed: the PCI device is controlled by a different kernel driver (r8169) as shown via lspci -k:

02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0e)
 Subsystem: Lenovo RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
 Kernel driver in use: r8169
 Kernel modules: r8169

Therefore, we can safely ignore this PCI device and focus on the USB device 17ef:a387 controlled by the r8152 driver.

Revision history for this message
Martin Vysny (vyzivus) wrote :

The "usbcore.quirks=17ef:a387:k" kernel parameter workaround seems to be working excellent so far!

Revision history for this message
Kai-Heng Feng (kaihengfeng) wrote :

Is it possible to send a kernel patch for it? Thanks!

Revision history for this message
Martin Vysny (vyzivus) wrote :

I placed the parameter into /etc/default/grub as follows:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash usbcore.quirks=17ef:a387:k"

I'm not sure how to create a patch from that.

Revision history for this message
Kai-Heng Feng (kaihengfeng) wrote :

Right, I wrote on for this issue:
https://lkml.org/lkml/2021/4/12/1112

Revision history for this message
Martin Vysny (vyzivus) wrote :

Oh, I misunderstood you then. Awesome work with the patch, it would be great to have that directly in the kernel.

Revision history for this message
Martin Vysny (vyzivus) wrote :

Hold on please, it looks like the bug is back - upon a boot I'm randomly getting

[ 271.935097] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 272.959356] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 273.983324] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

even though I have the kernel parameter usbcore.quirks=17ef:a387:k . Now I'm running Ubuntu 21.04 using kernel 5.11.0-16-generic. lsusb now identifies the device correctly:

Bus 005 Device 003: ID 17ef:a387 Lenovo USB-C Dock Ethernet

So, the k option, while improving the situation, doesn't seem to solve it fully.

Revision history for this message
Martin Vysny (vyzivus) wrote :

Maybe the Lenovo USB3.1 Hub device would benefit from having the 'k' parameter? I'll try.

Revision history for this message
Martin Vysny (vyzivus) wrote :

> So, the k option, while improving the situation, doesn't seem to solve it fully.

Or maybe the new kernel enabled link power management for the "Lenovo USB3.1 Hub" devices?

The devices in question (excerpt from `lsusb`):

Bus 005 Device 003: ID 17ef:a393 Lenovo USB3.1 Hub
Bus 005 Device 004: ID 17ef:a387 Lenovo USB-C Dock Ethernet
Bus 005 Device 002: ID 17ef:a391 Lenovo USB3.1 Hub

I've therefore started using usbcore.quirks=17ef:a387:k,17ef:a393:k,17ef:a391:k , I'll test and post more.

Revision history for this message
Martin Vysny (vyzivus) wrote :

It did not help, I'm still getting

[ 299.648322] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 300.672037] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 301.695990] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

on kernel 5.11.0-16-generic. As if the USB_QUIRK_NO_LPM quirk is no longer taken into effect... Or maybe there was an update to the docking station's firmware (via the Lenovo Windows app) and that's when the problem reappeared? Or was it that the problem reappeared because of kernel v bump? Hard to say.

Revision history for this message
Kai-Heng Feng (kaihengfeng) wrote :

Can you please attach full dmesg with parameter "usbcore.quirks=17ef:a387:k,17ef:a393:k,17ef:a391:k"?

Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-focal
Revision history for this message
Martin Vysny (vyzivus) wrote :

I've successfully upgraded to 5.11.0-18-generic and removed all usbcore.quirks kernel parameters; so far everything is working. I'll test more and I'll update the tags tomorrow appropriately.

Revision history for this message
Martin Vysny (vyzivus) wrote :

I confirm that the situation improved a lot, I'm not getting the error anymore.

tags: added: verification-done-focal
removed: verification-needed-focal
Revision history for this message
Stefan Bader (smb) wrote :

Upstream stable patch from 5.11.19 referred to this bug.

Changed in linux (Ubuntu Hirsute):
importance: Undecided → Medium
status: New → Fix Committed
Revision history for this message
Stefan Bader (smb) wrote :

Patch came to 20.04/Focal via v5.4.117 stable.

Changed in linux (Ubuntu Focal):
importance: Undecided → Medium
status: New → Fix Committed
Revision history for this message
Kleber Sacilotto de Souza (kleber-souza) wrote :

The fix for this bug has been applied to 18.04 Bionic kernel as part of " Bionic update: upstream stable patchset 2021-05-25" (bug 1929603).

Changed in linux (Ubuntu Bionic):
status: New → Fix Committed
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-hirsute' to 'verification-done-hirsute'. If the problem still exists, change the tag 'verification-needed-hirsute' to 'verification-failed-hirsute'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-hirsute
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-bionic
Revision history for this message
Kleber Sacilotto de Souza (kleber-souza) wrote :

This patch has been applied to Groovy (20.10) via upstream stable update (bug 1929132).

Changed in linux (Ubuntu Groovy):
status: New → Fix Committed
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-groovy' to 'verification-done-groovy'. If the problem still exists, change the tag 'verification-needed-groovy' to 'verification-failed-groovy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-groovy
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (65.7 KiB)

This bug was fixed in the package linux - 5.11.0-20.21+21.10.1

---------------
linux (5.11.0-20.21+21.10.1) impish; urgency=medium

  * impish/linux: 5.11.0-20.21+21.10.1 -proposed tracker (LP: #1930056)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  [ Ubuntu: 5.11.0-20.21 ]

  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)
  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

  [ Ubuntu: 5.11.0-19.20 ]

  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve ra...

Changed in linux (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (65.9 KiB)

This bug was fixed in the package linux - 5.11.0-22.23

---------------
linux (5.11.0-22.23) hirsute; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.11.0-20.21) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)

  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

linux (5.11.0-19.20) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - ...

Changed in linux (Ubuntu Hirsute):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (23.2 KiB)

This bug was fixed in the package linux - 5.8.0-59.66

---------------
linux (5.8.0-59.66) groovy; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.8.0-57.64) groovy; urgency=medium

  * groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)

  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux (5.8.0-56.63) groovy; urgency=medium

  * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one...

Changed in linux (Ubuntu Groovy):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (34.3 KiB)

This bug was fixed in the package linux - 5.4.0-77.86

---------------
linux (5.4.0-77.86) focal; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.4.0-76.85) focal; urgency=medium

  * focal/linux: 5.4.0-76.85 -proposed tracker (LP: #1932123)

  * Upstream v5.9 introduced 'module' patches that removed exported symbols
    (LP: #1932065)
    - SAUCE: Revert "modules: inherit TAINT_PROPRIETARY_MODULE"
    - SAUCE: Revert "modules: return licensing information from find_symbol"
    - SAUCE: Revert "modules: rename the licence field in struct symsearch to
      license"
    - SAUCE: Revert "modules: unexport __module_address"
    - SAUCE: Revert "modules: unexport __module_text_address"
    - SAUCE: Revert "modules: mark each_symbol_section static"
    - SAUCE: Revert "modules: mark find_symbol static"
    - SAUCE: Revert "modules: mark ref_module static"

linux (5.4.0-75.84) focal; urgency=medium

  * focal/linux: 5.4.0-75.84 -proposed tracker (LP: #1930032)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limi...

Changed in linux (Ubuntu Focal):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (5.5 KiB)

This bug was fixed in the package linux - 4.15.0-147.151

---------------
linux (4.15.0-147.151) bionic; urgency=medium

  * CVE-2021-3444
    - bpf: Fix truncation handling for mod32 dst reg wrt zero

  * CVE-2021-3600
    - SAUCE: bpf: Do not use ax register in interpreter on div/mod
    - bpf: fix subprog verifier bypass by div/mod by 0 exception
    - SAUCE: bpf: Fix 32-bit register truncation on div/mod instruction

linux (4.15.0-146.150) bionic; urgency=medium

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (4.15.0-145.149) bionic; urgency=medium

  * bionic/linux: 4.15.0-145.149 -proposed tracker (LP: #1929967)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout

  * CVE-2021-23133
    - sctp: delay auto_asconf init until binding the first addr

  * Bionic update: upstream stable patchset 2021-05-25 (LP: #1929603)
    - Input: nspire-keypad - enable interrupts only when opened
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee802154: stop dump llsec seclevels for monitors
    - net: ieee802154: forbid monitor for add llsec seclevel
    - pcnet32: Use pci_resource_len to validate PCI resource
    - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
    - Input: i8042 - fix Pegatron C15B ID entry
    - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
    - readdir: make sure to verify directory entry for legacy interfaces too
    - arm64: fix inline asm in load_unaligned_zeropad()
    - arm64: alternatives: Move length validation in alternative_{insn, endif}
    - scsi: libsas: Reset num_scatter if libata marks qc as NODATA
    - netfilter: conntrack: do not print icmpv6 as unknown via /proc
    - netfilter: nft_limit: avoid possible divide error in nft_limit_init
    - net: davicom: Fix regulator not turned off on failed probe
    - net: sit: Unregister catch-all devices
    - i40e: fix the panic when running bpf in xdpdrv mode
    - ibmvnic: avoid calling napi_disable() twice
    - ibmvnic: remove duplicate napi_schedule call in do_reset function
  ...

Read more...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers