[SRU] Patch for flicker and glitching on common LCD display panels, intel framebuffer

Can you please also test [1] on top of that fix?
[1] https://cgit.freedesktop.org/drm-tip/commit/?id=acca7762eb71bc05a8f28d29320d193150051f79

Hi Kai-Heng,

We built a combined patch (attached) from that commit and our initial patch and tested, and it seems to work even better. We tested on only one system, but we intend to test on all the glitchy systems to ensure it is stable.

That said, the commit you pointed out seems to work well in combination with our initial patch.

Thanks for the testing. I'll send an SRU once the patch hits linux-next.

My plan is to only backport to Ubuntu kernel >= 5.10 to minimize the regression risk on older kernels. What kernel version do you need this patch for?

Hi Kai-Heng:

Thank you for the response. Could we see this applied to 20.04 LTS (kernel 5.8)
as we do not ship non-LTS releases.

To help ensure the safety of this patch, we did extensive testing throughout the
weekend on 8 systems and 10 configurations.

We found the following:

1. The ‘Patched’ kernel FIXED ALL ISSUES for all flickering panels
2. The 'Patched' kernel systems CONTINUED TO WORK WELL an additional 5 systems
   tested, all with different panels
3. The 'Unpatched' kernel almost always caused severe flickering for susceptible
   systems after a single sleep-wake cycle or after warm
4. We saw similar flickering regardless of which GFX driver was used. Flickering
   was eliminated on all when the patch was applied.

The patch we provided and tested (https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1925685/+attachment/5491421/+files/drm-intel-both.patch
) combines the original patch with your proposed changes. We did this because
applying both patches sequentially resulted in a minor conflict. We encourage
you to try it to see for yourself. Your suggestion worked better than the original
proposal, as it fixed ALL issues on affected systems.

+---------------------------------------------------------------------------+
| Intel GFX Patch Test Results |
+-----------+----------+---------+-----------------+------------+-----------+
| CPU | GPUs | Driver | Panel | Unpatched | Patched |
+-----------+----------+---------+-----------------+------------+-----------+
| i7-10870H | i630 | Nouveau | LG Display | Bad Glitch | No Issues |
| 3 Samples | RTX 3060 | (USB) | LP156WFG-SPB3 | + Flicker | |
| | 3070 | | LGD Model 1573 | | |
| | 3080 | | | | |
+-----------+----------+---------+-----------------+------------+-----------+
| i7-10870H | i630 | Intel | LG Display | Bad Glitch | No Issues |
| | RTX 3060 | (NVMe) | LP156WFG-SPB3 | + Flicker | |
| | | | LGD Model 1573 | | |
+-----------+----------+---------+-----------------+------------+-----------+
| i7-10870H | i630 | Nvidia | LG Display | Bad Glitch | No Issues |
| | RTX 3060 | (NVMe) | LP156WFG-SPB3 | + Flicker | |
| | | | LGD Model 1573 | | |
+-----------+----------+---------+-----------------+------------+-----------+
| i7-10875H | i630 | Nouveau | LM156LF-1F02 | No Issues | No Issues |
| | RTX 2060 | (USB) | NCP Model 75 | | |
+-----------+----------+---------+-----------------+------------+-----------+
| i7-9750H | i630 | Nouveau | CMN N161HCA-GA1 | -- | No Issues |
| | RTX 2070 | (USB) | | | |
+-----------+----------+---------+-----------------+------------+-----------+
| i7-8750H | i630 | Nouveau | LGD Model 1472 | No Issues | No Issues |
| | GTX 1060 | (USB) | | | ...

Hi Kai-Heng:

Sorry for the awful formatting of the last comment. If you download the full text it is much more readable.

Sincerely, Mike

Eventually HWE kernel will switch to use 5.11 kernel, so it'll get fixed eventually.

Sadly, we can't wait that long, Kai-Heng. This is a patch that is critical to our operation and is causing money to be lost daily on machines we can't sell. There are other OEMs that are affected by this as well.

The aforementioned patch is headed to kernel 5.13, due out in June. If this weren't so time-sensitive, we could have just waited for that kernel or later kernels, such as what will land in 22.04 LTS. Unfortunately, that's a year away, which is an unacceptable wait time.

What you're currently asking us to do is wait until July/August for the HWE kernel to get updated prior to 20.04.3's release. That's also an unacceptable wait time as those are sales that we can't make in that time. We've been working with our ODM to try to resolve it from a hardware standpoint, but they're having a tough time accepting it as a defect since it works fine on Windows, so it must be a Linux thing (which is also unacceptable that Linux can even let this happen).

So, I guess I'm asking you (or someone else on the kernel team) to do the right thing. As you can see from Mike's post above, the testing we have done is extensive and uses the 5.8 kernel, and even tested on older machines. I understand your reluctance, but we're not simply a user having trouble with their machine, we're a company trying successfully to sell Ubuntu (Kubuntu, in this case) on laptops. We have a partnership with Canonical on this as well as the Kubuntu council as the only OEM allowed to use the Kubuntu name on its products.

Basically, "eventually" doesn't work for us, we need this ASAP, hence the "critical" priority.

Sounds like it's really important to you so it's compelling enough :)

I'll start the backport and SRU once it hits linux-next.

Timo, can we get an explanation for the "Won't Fix" status as it relates to Focal? This directly affects our business as we only use LTS, therefore Focal in this case.

Added linux-hwe-5.8 because that's really where the issues against Focal appear. I now understand why Timo marked as "Won't fix" since that's for the 5.4 kernel in Focal.

Status changed to 'Confirmed' because the bug affects multiple users.

FWIW, we found today that the CMN N161HCA-GA1 panel from the i7-9750H model also began flickering after resume from sleep. We tested the 5.8.0-50 patched kernel on this system and it also fixed this condition.

Please give this bug a better title, not just "certain hardware".

fyi, hwe kernels don't use bug trackers

https://lists.ubuntu.com/archives/kernel-team/2021-May/119972.html

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Installed and ran on systems containing issue. Kernel seemed to work flawlessly. We are going to roll with this kernel and resume sales of our systems.

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-hirsute' to 'verification-done-hirsute'. If the problem still exists, change the tag 'verification-needed-hirsute' to 'verification-failed-hirsute'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This bug was fixed in the package linux-oem-5.10 - 5.10.0-1029.30

---------------
linux-oem-5.10 (5.10.0-1029.30) focal; urgency=medium

  * focal/linux-oem-5.10: 5.10.0-1029.30 -proposed tracker (LP: #1930076)

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

linux-oem-5.10 (5.10.0-1028.29) focal; urgency=medium

  * focal/linux-oem-5.10: 5.10.0-1028.29 -proposed tracker (LP: #1929167)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * TGL-H system NV GPU fallen off the bus after resuming from s2idle with the
    external display connected via docking station (LP: #1929166)
    - SAUCE: ACPI: avoid NVIDIA GPU fallen with an _OSI string

  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - drm/i915: Tweaked Wa_14010685332 for all PCHs

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
    - Revert "USB: Add reset-resume quirk for WD19's Realtek Hub"

  * Support mic-mute on Dell's platform (LP: #1928750)
    - ASoC: rt715: add main capture switch and main capture volume
    - ASoC: rt715: remove kcontrols which no longer be used
    - ASoC: rt715: modification for code simplicity
    - platform/x86: Move all dell drivers to their own subdirectory
    - SAUCE: platform/x86: dell-privacy: Add support for Dell hardware privacy
    - SAUCE: ASoC: rt715:add micmute led state control supports
    - [Config] Update configs for Dell's E-Privacy

linux-oem-5.10 (5.10.0-1027.28) focal; urgency=medium

  * focal/linux-oem-5.10: 5.10.0-1027.28 -proposed tracker (LP: #1927620)

  * Introduce the 465 driver series, fabric-manager, and libnvidia-nscq
    (LP: #1925522)
    - debian/dkms-versions -- add NVIDIA 465 and migrate 450 to 460

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * On TGL platforms screen shows garbage when browsing website by scrolling
    mouse (LP: #1926579)
    - SAUCE: drm/i915/display: Disable PSR2 if TGL Display stepping is B1 from A0

  * Add s2idle support on AMD Renoir and Cezanne (LP: #1927067)
    - drm/amd/display: setup system context in dm_init
    - drm/amd/display: add S/G support for Renoir
    - drm/amdgpu: drop extra drm_kms_helper_poll_enable/disable calls
    - drm/amdgpu: use runpm flag rather than fbcon for kfd runtime suspend (v2)
    - drm/amdgpu: reset runpm flag if device suspend fails
    - drm/amdgpu: add s0i3 capacity check for s0i3 routine (v2)
    - drm/amdgpu: add amdgpu_gfx_state_change_set() set gfx power change entry
      (v2)
    - drm/amdgpu: update amdgpu device suspend/resume sequence for s0i3 support
    - drm/amd/pm: add gfx_state_change_set() for rn gfx power switch (v2)
    - drm/amdgpu: add judgement for suspend/resume sequence
    - drm/amdgpu/pm: no need GPU status set since
      mmnbif_gpu_BIF_DOORBELL_FENCE_CNTL added in FSDL
    - drm/amdgpu: fix shutdown and poweroff process failed with s0ix
    - drm/amdgpu: Only check for S0ix if AMD_PMC ...

Verified fixes work in Hirsute as well using above method.

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-groovy' to 'verification-done-groovy'. If the problem still exists, change the tag 'verification-needed-groovy' to 'verification-failed-groovy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Verified fixes work in Groovy as well using the above method.

This bug was fixed in the package linux - 5.11.0-20.21+21.10.1

---------------
linux (5.11.0-20.21+21.10.1) impish; urgency=medium

  * impish/linux: 5.11.0-20.21+21.10.1 -proposed tracker (LP: #1930056)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  [ Ubuntu: 5.11.0-20.21 ]

  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)
  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

  [ Ubuntu: 5.11.0-19.20 ]

  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one function
    - md/raid10: improve ra...

This bug was fixed in the package linux - 5.11.0-22.23

---------------
linux (5.11.0-22.23) hirsute; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.11.0-20.21) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-20.21 -proposed tracker (LP: #1930854)

  * ath11k WIFI not working in proposed kernel 5.11.0-19-generic (LP: #1930637)
    - bus: mhi: core: Download AMSS image from appropriate function

linux (5.11.0-19.20) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-19.20 -proposed tracker (LP: #1930075)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * AX201 BT will cause system could not enter S0i3 (LP: #1928047)
    - SAUCE: drm/i915: Tweaked Wa_14010685332 for all PCHs

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Select correct boot VGA when BIOS doesn't do it properly (LP: #1929217)
    - vgaarb: Use ACPI HID name to find integrated GPU

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - ...

This bug was fixed in the package linux - 5.8.0-59.66

---------------
linux (5.8.0-59.66) groovy; urgency=medium

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu

  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux (5.8.0-57.64) groovy; urgency=medium

  * groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)

  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux (5.8.0-56.63) groovy; urgency=medium

  * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues

  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates

  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations

  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages

  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend

  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe

  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe

  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install

  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO

  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames

  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks

  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well

  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull the code that wait for blocked dev into one...

This bug was fixed in the package linux-hwe-5.8 - 5.8.0-59.66~20.04.1

---------------
linux-hwe-5.8 (5.8.0-59.66~20.04.1) focal; urgency=medium

  [ Ubuntu: 5.8.0-59.66 ]

  * UAF on CAN J1939 j1939_can_recv (LP: #1932209)
    - SAUCE: can: j1939: delay release of j1939_priv after synchronize_rcu
  * UAF on CAN BCM bcm_rx_handler (LP: #1931855)
    - SAUCE: can: bcm: delay release of struct bcm_op after synchronize_rcu

linux-hwe-5.8 (5.8.0-57.64~20.04.1) focal; urgency=medium

  * focal/linux-hwe-5.8: 5.8.0-57.64~20.04.1 -proposed tracker (LP: #1932046)

  [ Ubuntu: 5.8.0-57.64 ]

  * groovy/linux: 5.8.0-57.64 -proposed tracker (LP: #1932047)
  * pmtu.sh from selftests.net in linux ADT test failure with linux/5.8.0-56.63
    (LP: #1931731)
    - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb

linux-hwe-5.8 (5.8.0-56.63~20.04.1) focal; urgency=medium

  * focal/linux-hwe-5.8: 5.8.0-56.63~20.04.1 -proposed tracker (LP: #1930051)

  [ Ubuntu: 5.8.0-56.63 ]

  * groovy/linux: 5.8.0-56.63 -proposed tracker (LP: #1930052)
  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * scsi: storvsc: Parameterize number hardware queues (LP: #1930626)
    - scsi: storvsc: Parameterize number hardware queues
  * CVE-2021-33200
    - bpf: Wrap aux data inside bpf_sanitize_info container
    - bpf: Fix mask direction swap upon off reg sign change
    - bpf: No need to simulate speculative domain for immediates
  * CVE-2021-3490
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: verifier: fix ALU32 bounds tracking with
      bitwise ops"
    - gpf: Fix alu32 const subreg bound tracking on bitwise operations
  * CVE-2021-3489
    - SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-
      only ringbuf pages"
    - bpf: Prevent writable memory-mapping of read-only ringbuf pages
  * Realtek USB hubs in Dell WD19SC/DC/TB fail to work after exiting s2idle
    (LP: #1928242)
    - USB: Verify the port status when timeout happens during port suspend
  * CVE-2020-26145
    - ath10k: drop fragments with multicast DA for SDIO
    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
    - ath10k: drop fragments with multicast DA for PCIe
  * CVE-2020-26141
    - ath10k: Fix TKIP Michael MIC verification for PCIe
  * CVE-2020-24587
    - ath11k: Clear the fragment cache during key install
  * CVE-2020-24588
    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
    - cfg80211: mitigate A-MSDU aggregation attacks
    - mac80211: drop A-MSDUs on old ciphers
    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
  * CVE-2020-26139
    - mac80211: do not accept/forward invalid EAPOL frames
  * CVE-2020-24586 // CVE-2020-24587 // CVE-2020-24587 for such cases.
    - mac80211: extend protection against mixed key and fragment cache attacks
  * CVE-2020-24586 // CVE-2020-24587
    - mac80211: prevent mixed key and fragment cache attacks
    - mac80211: add fragment cache to sta_info
    - mac80211: check defrag PN against current frame
    - mac80211: prevent attacks on TKIP/WEP as well
  * CVE-2020-26147
    - mac80211: assure all fragments are encrypted
  * raid1...