r8152 tx status -71

Trying rmmod r8169 && modprobe r8169 doesn't seem to work:

[ 1273.946335] r8169 0000:02:00.0: can't disable ASPM; OS doesn't have ASPM control
[ 1273.964669] libphy: r8169: probed
[ 1273.965172] r8169 0000:02:00.0 eth0: RTL8168ep/8111ep, 8c:8c:aa:1d:93:ca, XID 502, IRQ 48
[ 1273.965178] r8169 0000:02:00.0 eth0: jumbo features [frames: 9194 bytes, tx checksumming: ko]
[ 1273.970331] r8169 0000:02:00.0 enp2s0f0: renamed from eth0
[ 1274.041619] Generic FE-GE Realtek PHY r8169-200:00: attached PHY driver [Generic FE-GE Realtek PHY] (mii_bus:phy_addr=r8169-200:00, irq=IGNORE)
[ 1274.157641] r8169 0000:02:00.0 enp2s0f0: Link is Down
[ 1304.326079] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1322.474202] wlp3s0: deauthenticating from b0:95:75:04:6f:ea by local choice (Reason: 3=DEAUTH_LEAVING)
[ 1337.865675] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1338.837702] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1339.896810] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1339.905573] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1340.469696] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1340.566179] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1341.494091] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1341.505622] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1341.803331] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1341.817618] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1342.998669] net_ratelimit: 5 callbacks suppressed
[ 1342.998713] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1343.979560] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1344.064021] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 1344.635990] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

Finally, powering the notebook off (which seemingly also powered the docking station off) then on after a couple of seconds seem to be working as a workaround - the network works perfectly while the computer is turned on.

This change was made by a bot.

I need to correct myself: the card stopped working out of the blue and started to print Tx status -71 to dmesg. So the statement "network works perfectly while the computer is turned on" is not true.

Excerpt from the dmesg:

[11284.014421] audit: type=1400 audit(1617704946.490:148): apparmor="DENIED" operation="capable" profile="/snap/snapd/11588/usr/lib/snapd/snap-confine" pid=24752 comm="snap-confine" capability=4 capname="fsetid"
[11292.590915] audit: type=1400 audit(1617704955.062:149): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/run/udev/data/c510:0" pid=24752 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[11292.590920] audit: type=1400 audit(1617704955.062:150): apparmor="DENIED" operation="open" profile="snap.chromium.chromium" name="/run/udev/data/c510:1" pid=24752 comm="ThreadPoolForeg" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[11328.103406] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.111513] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.119627] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.127759] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.135889] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.144009] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.152141] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.160250] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.168395] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11328.176506] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11333.085154] retire_capture_urb: 2492 callbacks suppressed
[11333.110654] net_ratelimit: 596 callbacks suppressed
[11333.110660] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11333.118785] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[11333.126913] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

Interestingly, the card does not seem to act as an USB device, but rather as a PCI device. That's weird, since the card is located on a docking station which is connected to the computer via USB. I guess this is because Thunderbolt-over-USB or similar?

~> lspci|grep -i eth
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0e)

BUT the Network Manager says "USB Ethernet" for the docking station ethernet port, so perhaps the PCI device refers to the ethernet "dongle" which can be attached to the computer? Yes: Network Manager says "PCI Ethernet Connected" when I plug the cable into the dongle.

Found it:

~> lsusb -t|grep r8
        |__ Port 1: Dev 3, If 0, Class=Vendor Specific Class, Driver=r8152, 5000M

It's this guy (even though lsusb says "USB3.1 Hub"):
Bus 005 Device 003: ID 17ef:a387 Lenovo USB3.1 Hub

Indeed this page confirms this finding: https://linux-hardware.org/index.php?id=usb:17ef-a387 : Lenovo USB-C Dock Ethernet

I've seen comments regarding using usbcore.quirks; I'll try usbcore.quirks=17ef:a387:k in order to disable the link power management.

Okay the network seems to be working so far, this is encouraging, I'll observe and let you know.

Indeed: the PCI device is controlled by a different kernel driver (r8169) as shown via lspci -k:

02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 0e)
 Subsystem: Lenovo RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
 Kernel driver in use: r8169
 Kernel modules: r8169

Therefore, we can safely ignore this PCI device and focus on the USB device 17ef:a387 controlled by the r8152 driver.

The "usbcore.quirks=17ef:a387:k" kernel parameter workaround seems to be working excellent so far!

Is it possible to send a kernel patch for it? Thanks!

I placed the parameter into /etc/default/grub as follows:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash usbcore.quirks=17ef:a387:k"

I'm not sure how to create a patch from that.

Right, I wrote on for this issue:
https://lkml.org/lkml/2021/4/12/1112

Oh, I misunderstood you then. Awesome work with the patch, it would be great to have that directly in the kernel.

Hold on please, it looks like the bug is back - upon a boot I'm randomly getting

[ 271.935097] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 272.959356] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 273.983324] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

even though I have the kernel parameter usbcore.quirks=17ef:a387:k . Now I'm running Ubuntu 21.04 using kernel 5.11.0-16-generic. lsusb now identifies the device correctly:

Bus 005 Device 003: ID 17ef:a387 Lenovo USB-C Dock Ethernet

So, the k option, while improving the situation, doesn't seem to solve it fully.

Maybe the Lenovo USB3.1 Hub device would benefit from having the 'k' parameter? I'll try.

> So, the k option, while improving the situation, doesn't seem to solve it fully.

Or maybe the new kernel enabled link power management for the "Lenovo USB3.1 Hub" devices?

The devices in question (excerpt from `lsusb`):

Bus 005 Device 003: ID 17ef:a393 Lenovo USB3.1 Hub
Bus 005 Device 004: ID 17ef:a387 Lenovo USB-C Dock Ethernet
Bus 005 Device 002: ID 17ef:a391 Lenovo USB3.1 Hub

I've therefore started using usbcore.quirks=17ef:a387:k,17ef:a393:k,17ef:a391:k , I'll test and post more.

It did not help, I'm still getting

[ 299.648322] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 300.672037] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71
[ 301.695990] r8152 5-1.1:1.0 enx482ae3a2a6f0: Tx status -71

on kernel 5.11.0-16-generic. As if the USB_QUIRK_NO_LPM quirk is no longer taken into effect... Or maybe there was an update to the docking station's firmware (via the Lenovo Windows app) and that's when the problem reappeared? Or was it that the problem reappeared because of kernel v bump? Hard to say.

Can you please attach full dmesg with parameter "usbcore.quirks=17ef:a387:k,17ef:a393:k,17ef:a391:k"?

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

I've successfully upgraded to 5.11.0-18-generic and removed all usbcore.quirks kernel parameters; so far everything is working. I'll test more and I'll update the tags tomorrow appropriately.

I confirm that the situation improved a lot, I'm not getting the error anymore.

Upstream stable patch from 5.11.19 referred to this bug.

Patch came to 20.04/Focal via v5.4.117 stable.

The fix for this bug has been applied to 18.04 Bionic kernel as part of " Bionic update: upstream stable patchset 2021-05-25" (bug 1929603).

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-hirsute' to 'verification-done-hirsute'. If the problem still exists, change the tag 'verification-needed-hirsute' to 'verification-failed-hirsute'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This patch has been applied to Groovy (20.10) via upstream stable update (bug 1929132).

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-groovy' to 'verification-done-groovy'. If the problem still exists, change the tag 'verification-needed-groovy' to 'verification-failed-groovy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This bug was fixed in the package linux - 5.11.0-20.21+21.10.1

---------------
linux (5.11.0-20.21+21.10.1) impish; urgency=medium

  * impish/linux: 5.11.0-20.21+21.10.1 -proposed tracker (LP: #1930056)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  [ Ubuntu: 5.11.0-20.21 ]

  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)
  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

  [ Ubuntu: 5.11.0-19.20 ]

  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve ra...

This bug was fixed in the package linux - 5.11.0-22.23

---------------
linux (5.11.0-22.23) hirsute; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.11.0-20.21) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)

  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

linux (5.11.0-19.20) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - ...

This bug was fixed in the package linux - 5.8.0-59.66

---------------
linux (5.8.0-59.66) groovy; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.8.0-57.64) groovy; urgency=medium

  * groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)

  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux (5.8.0-56.63) groovy; urgency=medium

  * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one...

This bug was fixed in the package linux - 5.4.0-77.86

---------------
linux (5.4.0-77.86) focal; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.4.0-76.85) focal; urgency=medium

  * focal/linux: 5.4.0-76.85 -proposed tracker (LP: #1932123)

  * Upstream v5.9 introduced 'module' patches that removed exported symbols
    (LP: #1932065)
    - SAUCE: Revert "modules: inherit TAINT_PROPRIETARY_MODULE"
    - SAUCE: Revert "modules: return licensing information from find_symbol"
    - SAUCE: Revert "modules: rename the licence field in struct symsearch to
      license"
    - SAUCE: Revert "modules: unexport __module_address"
    - SAUCE: Revert "modules: unexport __module_text_address"
    - SAUCE: Revert "modules: mark each_symbol_section static"
    - SAUCE: Revert "modules: mark find_symbol static"
    - SAUCE: Revert "modules: mark ref_module static"

linux (5.4.0-75.84) focal; urgency=medium

  * focal/linux: 5.4.0-75.84 -proposed tracker (LP: #1930032)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: remove unnecessary discard limi...

This bug was fixed in the package linux - 4.15.0-147.151

---------------
linux (4.15.0-147.151) bionic; urgency=medium

  * CVE-2021-3444
    - bpf: Fix truncation handling for mod32 dst reg wrt zero

  * CVE-2021-3600
    - SAUCE: bpf: Do not use ax register in interpreter on div/mod
    - bpf: fix subprog verifier bypass by div/mod by 0 exception
    - SAUCE: bpf: Fix 32-bit register truncation on div/mod instruction

linux (4.15.0-146.150) bionic; urgency=medium

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (4.15.0-145.149) bionic; urgency=medium

  * bionic/linux: 4.15.0-145.149 -proposed tracker (LP: #1929967)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout

  * CVE-2021-23133
    - sctp: delay auto_asconf init until binding the first addr

  * Bionic update: upstream stable patchset 2021-05-25 (LP: #1929603)
    - Input: nspire-keypad - enable interrupts only when opened
    - dmaengine: dw: Make it dependent to HAS_IOMEM
    - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
    - arc: kernel: Return -EFAULT if copy_to_user() fails
    - neighbour: Disregard DEAD dst in neigh_update
    - ARM: keystone: fix integer overflow warning
    - ASoC: fsl_esai: Fix TDM slot setup for I2S mode
    - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state
    - net: ieee802154: stop dump llsec keys for monitors
    - net: ieee802154: stop dump llsec devs for monitors
    - net: ieee802154: forbid monitor for add llsec dev
    - net: ieee802154: stop dump llsec devkeys for monitors
    - net: ieee802154: forbid monitor for add llsec devkey
    - net: ieee802154: stop dump llsec seclevels for monitors
    - net: ieee802154: forbid monitor for add llsec seclevel
    - pcnet32: Use pci_resource_len to validate PCI resource
    - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
    - Input: i8042 - fix Pegatron C15B ID entry
    - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices
    - readdir: make sure to verify directory entry for legacy interfaces too
    - arm64: fix inline asm in load_unaligned_zeropad()
    - arm64: alternatives: Move length validation in alternative_{insn, endif}
    - scsi: libsas: Reset num_scatter if libata marks qc as NODATA
    - netfilter: conntrack: do not print icmpv6 as unknown via /proc
    - netfilter: nft_limit: avoid possible divide error in nft_limit_init
    - net: davicom: Fix regulator not turned off on failed probe
    - net: sit: Unregister catch-all devices
    - i40e: fix the panic when running bpf in xdpdrv mode
    - ibmvnic: avoid calling napi_disable() twice
    - ibmvnic: remove duplicate napi_schedule call in do_reset function
  ...