RTL8822BE WiFi Disabled in Kernel 4.18.0-12

This change was made by a bot.

Please try the hotkey "Alt+PrintScreen+x", then reload rtl8822be?

Hi, not sure what the hotkey was supposed to do if anything, I don't have any dmesg entries after executing it and there's no change in the status of the r8822be module when I attempt a modprobe afterwards.

Ok, can you test if disabling secure boot in BIOS helps?

Yep, disabling Secure Boot seems to allow the driver to load no problem.
Attached is dmesg output of this boot sequence with Secure Boot disabled.

Thanks for your testing.

This means staging drivers don't work when kernel lockdown is enabled. I'll discuss with kernel team members how to sort this out.

Hey,

Still seems to be an issue with Kernel v4.18.0-13 too. Tried to modprobe r8822be module and received the same "operation not permitted" error as before.

Installed 18.04 LTS with kernel 4.15 - was required to disabled secure boot mode to get the r8822be wifi module working. Seems unsigned here as well.

lappy5k:~$ sudo uname -a
Linux lappy5k 4.15.0-43-generic #46-Ubuntu SMP Thu Dec 6 14:45:28 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

---- modinfo, no signature ----
@lappy5k:~$ sudo modinfo r8822be
filename: /lib/modules/4.15.0-43-generic/kernel/drivers/staging/rtlwifi/r8822be.ko
description: Realtek 802.11n PCI wireless core
license: GPL
author: Larry Finger <email address hidden>
author: Realtek WlanFAE <email address hidden>
author: lizhaoming <email address hidden>
description: PCI basic driver for rtlwifi
license: GPL
author: Larry Finger <email address hidden>
author: Realtek WlanFAE <email address hidden>
author: lizhaoming <email address hidden>
firmware: rtlwifi/rtl8822befw.bin
description: Realtek 8822BE 802.11n PCI wireless
license: GPL
author: Larry Finger <email address hidden>
author: Realtek WlanFAE <email address hidden>
description: Realtek 802.11n PCI wireless core
license: GPL
author: Larry Finger <email address hidden>
author: Realtek WlanFAE <email address hidden>
description: Realtek 802.11n PCI wireless core
license: GPL
author: Larry Finger <email address hidden>
author: Realtek WlanFAE <email address hidden>
srcversion: 9AE3E31830D5363CA6C8264
alias: pci:v000010ECd0000B822sv*sd*bc*sc*i*
depends: mac80211,cfg80211
staging: Y
retpoline: Y
intree: Y
name: r8822be
vermagic: 4.15.0-43-generic SMP mod_unload
parm: debug_level:int
parm: swenc:Set to 1 for software crypto (default 0)
 (bool)
parm: ips:Set to 0 to not use link power save (default 1)
 (bool)
parm: swlps:Set to 1 to use SW control power save (default 0)
 (bool)
parm: fwlps:Set to 1 to use FW control power save (default 1)
 (bool)
parm: msi:Set to 1 to use MSI interrupts mode (default 1)
 (bool)
parm: dma64:Set to 1 to use DMA 64 (default 0)
 (bool)
parm: aspm:Set to 1 to enable ASPM (default 1)
 (int)
parm: debug:Set debug level (0-5) (default 0)
parm: debug_mask:Set debug mask (default 0) (ullong)
parm: disable_watchdog:Set to 1 to disable the watchdog (default 0)
 (bool)
$

So, the driver was previously unsigned, then signed and included in the original Ubuntu kernel for 18.10, then subsequently unsigned during an update somewhere along the way?

That doesn't make sense to me - would have to try and find upstream to work out what has happened.
Larry Finger suggests that Realtek has rewritten the driver and his GitHub repo is only for older kernels that do not already ship the r8822be driver. 4.21 is quoted as when this new driver will drop.

https://github.com/lwfinger/rtlwifi_new/issues/408#issuecomment-426299298

The drivers in staging won't get loaded when lockdown is enabled to provide safety. There's a list to override behavior though.

The r8822be in its current form defaults to enable debugfs, which can be less secure as it exposes and extra interface to userspace. But we are not sure if the driver still works once the debugfs gets disabled, so please test this kernel:
https://people.canonical.com/~khfeng/lp1806472/

Once we are sure r8822be still works when debugfs is disabled, we can include this fix to Cosmic.

Hey,

This kernel seems to be working fine on a fresh install of KDE Neon (based on Bionic). I had to roll back due to other reasons, but installing this kernel has fixed it for me here. If you require any logs let me know.

Short of reinstalling to 18.10 I haven't got a way to test it on there, unfortunately.

Hopefully it won't break when Realtek releases the rewritten driver :)

This bug was fixed in the package linux - 4.19.0-12.13

---------------
linux (4.19.0-12.13) disco; urgency=medium

  * linux: 4.19.0-12.13 -proposed tracker (LP: #1813664)

  * kernel oops in bcache module (LP: #1793901)
    - SAUCE: bcache: never writeback a discard operation

  * Disco update: 4.19.18 upstream stable release (LP: #1813611)
    - ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address
    - mlxsw: spectrum: Disable lag port TX before removing it
    - mlxsw: spectrum_switchdev: Set PVID correctly during VLAN deletion
    - net: dsa: mv88x6xxx: mv88e6390 errata
    - net, skbuff: do not prefer skb allocation fails early
    - qmi_wwan: add MTU default to qmap network interface
    - ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses
    - net: clear skb->tstamp in bridge forwarding path
    - netfilter: ipset: Allow matching on destination MAC address for mac and
      ipmac sets
    - gpio: pl061: Move irq_chip definition inside struct pl061
    - drm/amd/display: Guard against null stream_state in set_crc_source
    - drm/amdkfd: fix interrupt spin lock
    - ixgbe: allow IPsec Tx offload in VEPA mode
    - platform/x86: asus-wmi: Tell the EC the OS will handle the display off
      hotkey
    - e1000e: allow non-monotonic SYSTIM readings
    - usb: typec: tcpm: Do not disconnect link for self powered devices
    - selftests/bpf: enable (uncomment) all tests in test_libbpf.sh
    - of: overlay: add missing of_node_put() after add new node to changeset
    - writeback: don't decrement wb->refcnt if !wb->bdi
    - serial: set suppress_bind_attrs flag only if builtin
    - bpf: Allow narrow loads with offset > 0
    - ALSA: oxfw: add support for APOGEE duet FireWire
    - x86/mce: Fix -Wmissing-prototypes warnings
    - MIPS: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur
    - crypto: ecc - regularize scalar for scalar multiplication
    - arm64: perf: set suppress_bind_attrs flag to true
    - drm/atomic-helper: Complete fake_commit->flip_done potentially earlier
    - clk: meson: meson8b: fix incorrect divider mapping in cpu_scale_table
    - samples: bpf: fix: error handling regarding kprobe_events
    - usb: gadget: udc: renesas_usb3: add a safety connection way for
      forced_b_device
    - fpga: altera-cvp: fix probing for multiple FPGAs on the bus
    - selinux: always allow mounting submounts
    - ASoC: pcm3168a: Don't disable pcm3168a when CONFIG_PM defined
    - scsi: qedi: Check for session online before getting iSCSI TLV data.
    - drm/amdgpu: Reorder uvd ring init before uvd resume
    - rxe: IB_WR_REG_MR does not capture MR's iova field
    - efi/libstub: Disable some warnings for x86{,_64}
    - jffs2: Fix use of uninitialized delayed_work, lockdep breakage
    - clk: imx: make mux parent strings const
    - pstore/ram: Do not treat empty buffers as valid
    - media: uvcvideo: Refactor teardown of uvc on USB disconnect
    - powerpc/xmon: Fix invocation inside lock region
    - powerpc/pseries/cpuidle: Fix preempt warning
    - media: firewire: Fix app_info parameter type in avc_ca{,_app}_info
    - ASoC: use dma_ops of parent device for acp_audio_dma
    - media: ve...

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-cosmic' to 'verification-done-cosmic'. If the problem still exists, change the tag 'verification-needed-cosmic' to 'verification-failed-cosmic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Didn't test this on a full install but enabled the 4.18.0-16 signed kernel through the cosmic-proposed repository on a Bionic install. Works fine! mokutil reports secure-boot enabled and release shows as 4.18.0-16 :)

It should be noted that just installing this kernel itself did not fix the issue, the kernel-modules-extra package must be installed!

Thanks.

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This looks like it works on 4.15.0-46-generic #49 now. Wifi seems to be working while booted in secure mode.

modinfo attached showing it as signed with ver PKCS#7 / md4

lappy5k:~$ uname -a
Linux lappy5k 4.15.0-46-generic #49-Ubuntu SMP Wed Feb 6 09:33:07 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

lappy5k:~$ mokutil --sb-state
SecureBoot enabled

lappy5k:~$ cat iwconfig-info.txt
wlo1 IEEE 802.11 ESSID:"LEDE"
          Mode:Managed Frequency:2.412 GHz Access Point: 16:91:82:35:66:B8
          Bit Rate=144.4 Mb/s Tx-Power=20 dBm
          Retry short limit:7 RTS thr=2347 B Fragment thr:off
          Encryption key:off
          Power Management:on
          Link Quality=61/70 Signal level=-49 dBm
          Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
          Tx excessive retries:0 Invalid misc:3 Missed beacon:0

lappy5k:~$ cat /etc/os-release
NAME="Ubuntu"
VERSION="18.04.2 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.2 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic

This bug was fixed in the package linux - 4.15.0-46.49

---------------
linux (4.15.0-46.49) bionic; urgency=medium

  * linux: 4.15.0-46.49 -proposed tracker (LP: #1814726)

  * mprotect fails on ext4 with dax (LP: #1799237)
    - x86/speculation/l1tf: Exempt zeroed PTEs from inversion

  * kernel BUG at /build/linux-vxxS7y/linux-4.15.0/mm/slub.c:296! (LP: #1812086)
    - iscsi target: fix session creation failure handling
    - scsi: iscsi: target: Set conn->sess to NULL when iscsi_login_set_conn_values
      fails
    - scsi: iscsi: target: Fix conn_ops double free

  * user_copy in user from ubuntu_kernel_selftests failed on KVM kernel
    (LP: #1812198)
    - selftests: user: return Kselftest Skip code for skipped tests
    - selftests: kselftest: change KSFT_SKIP=4 instead of KSFT_PASS
    - selftests: kselftest: Remove outdated comment

  * RTL8822BE WiFi Disabled in Kernel 4.18.0-12 (LP: #1806472)
    - SAUCE: staging: rtlwifi: allow RTLWIFI_DEBUG_ST to be disabled
    - [Config] CONFIG_RTLWIFI_DEBUG_ST=n
    - SAUCE: Add r8822be to signature inclusion list

  * kernel oops in bcache module (LP: #1793901)
    - SAUCE: bcache: never writeback a discard operation

  * CVE-2018-18397
    - userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
    - userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem
    - userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas
    - userfaultfd: shmem: add i_size checks
    - userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set

  * Ignore "incomplete report" from Elan touchpanels (LP: #1813733)
    - HID: i2c-hid: Ignore input report if there's no data present on Elan
      touchpanels

  * Vsock connect fails with ENODEV for large CID (LP: #1813934)
    - vhost/vsock: fix vhost vsock cid hashing inconsistent

  * SRU: Fix thinkpad 11e 3rd boot hang (LP: #1804604)
    - ACPI / LPSS: Force LPSS quirks on boot

  * Bionic update: upstream stable patchset 2019-01-17 (LP: #1812229)
    - scsi: sd_zbc: Fix variable type and bogus comment
    - KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in
      parallel.
    - x86/apm: Don't access __preempt_count with zeroed fs
    - x86/events/intel/ds: Fix bts_interrupt_threshold alignment
    - x86/MCE: Remove min interval polling limitation
    - fat: fix memory allocation failure handling of match_strdup()
    - ALSA: hda/realtek - Add Panasonic CF-SZ6 headset jack quirk
    - ARCv2: [plat-hsdk]: Save accl reg pair by default
    - ARC: Fix CONFIG_SWAP
    - ARC: configs: Remove CONFIG_INITRAMFS_SOURCE from defconfigs
    - ARC: mm: allow mprotect to make stack mappings executable
    - mm: memcg: fix use after free in mem_cgroup_iter()
    - mm/huge_memory.c: fix data loss when splitting a file pmd
    - cpufreq: intel_pstate: Register when ACPI PCCH is present
    - vfio/pci: Fix potential Spectre v1
    - stop_machine: Disable preemption when waking two stopper threads
    - drm/i915: Fix hotplug irq ack on i965/g4x
    - drm/nouveau: Use drm_connector_list_iter_* for iterating connectors
    - drm/nouveau: Avoid looping through fake MST connectors
    - gen_stats: Fix netl...

This bug was fixed in the package linux - 4.18.0-16.17

---------------
linux (4.18.0-16.17) cosmic; urgency=medium

  * linux: 4.18.0-16.17 -proposed tracker (LP: #1814749)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts

  * CVE-2018-16880
    - vhost: fix OOB in get_rx_bufs()

  * RTL8822BE WiFi Disabled in Kernel 4.18.0-12 (LP: #1806472)
    - SAUCE: staging: rtlwifi: allow RTLWIFI_DEBUG_ST to be disabled
    - [Config] CONFIG_RTLWIFI_DEBUG_ST=n
    - SAUCE: Add r8822be to signature inclusion list

  * kernel oops in bcache module (LP: #1793901)
    - SAUCE: bcache: never writeback a discard operation

  * CVE-2018-18397
    - userfaultfd: use ENOENT instead of EFAULT if the atomic copy user fails
    - userfaultfd: shmem: allocate anonymous memory for MAP_PRIVATE shmem
    - userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas
    - userfaultfd: shmem: add i_size checks
    - userfaultfd: shmem: UFFDIO_COPY: set the page dirty if VM_WRITE is not set

  * Ignore "incomplete report" from Elan touchpanels (LP: #1813733)
    - HID: i2c-hid: Ignore input report if there's no data present on Elan
      touchpanels

  * Vsock connect fails with ENODEV for large CID (LP: #1813934)
    - vhost/vsock: fix vhost vsock cid hashing inconsistent

  * Fix non-working pinctrl-intel (LP: #1811777)
    - pinctrl: intel: Do pin translation in other GPIO operations as well

  * ip6_gre: fix tunnel list corruption for x-netns (LP: #1812875)
    - ip6_gre: fix tunnel list corruption for x-netns

  * Backported commit breaks audio (fixed upstream) (LP: #1811566)
    - ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0
    - ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook
      Clapper
    - ASoC: intel: cht_bsw_max98090_ti: Add pmc_plt_clk_0 quirk for Chromebook
      Gnawty

  * kvm_stat : missing python dependency (LP: #1798776)
    - tools/kvm_stat: switch to python3

  * [SRU] Fix Xorg crash with nomodeset when BIOS enable 64-bit fb addr
    (LP: #1812797)
    - vgaarb: Add support for 64-bit frame buffer address
    - vgaarb: Keep adding VGA device in queue

  * Fix non-working QCA Rome Bluetooth after S3 (LP: #1812812)
    - USB: Add new USB LPM helpers
    - USB: Consolidate LPM checks to avoid enabling LPM twice

  * [SRU] IO's are issued with incorrect Scatter Gather Buffer (LP: #1795453)
    - scsi: megaraid_sas: Use 63-bit DMA addressing

  * x86/mm: Found insecure W+X mapping at address (ptrval)/0xc00a0000
    (LP: #1813532)
    - x86/mm: Do not warn about PCI BIOS W+X mappings

  * CVE-2019-6133
    - fork: record start_time late

  * Fix not working Goodix touchpad (LP: #1811929)
    - HID: i2c-hid: Disable runtime PM on Goodix touchpad

  * bluetooth controller not detected with 4.15 kernel (LP: #1810797)
    - SAUCE: btqcomsmd: introduce BT_QCOMSMD_HACK
    - [Config] arm64: snapdragon: BT_QCOMSMD_HACK=y

  * X1 Extreme: only one of the two SSDs is loaded (LP: #1811755)
    - nvme-core: rework a NQN copying operation
    - nvme: pad fake subsys NQN vid and ssvid with zeros
    - nvme: introduce NVME_QUIRK_IGNORE_DEV_SUBNQN

  * Crash on "ip link add f...