[SRU] [D/E/Unstable] [Pull] Enable Realtek Wireless Lan 8723DE
kai.heng.feng at canonical.com
Tue Sep 17 15:07:21 UTC 2019
On Wed, Sep 11, 2019 at 7:35 PM Seth Forshee <seth.forshee at canonical.com> wrote:
> On Thu, Sep 05, 2019 at 02:05:47AM +0800, Kai-Heng Feng wrote:
> > BugLink: https://bugs.launchpad.net/bugs/1780590
> > [Impact]
> > There's no in-kernel support for Realtek 8723DE, so users need to use
> > out-of-tree DKMS which is not from Ubuntu archive. This has security
> > implication and should be avoided. Also this provides pretty bad user
> > experience.
> > [Fix]
> > Add support to Realtek 8723DE.
> > All commits are cherry-picked from Realtek maintained repo:
> > https://github.com/rtlwifi-linux/rtw88_8723de
> > [Test]
> > With the patch series applied, 8723DE can scan and connect to APs
> > succesfully. Also did some S3 smoke test, it continues to work.
> > [Regression Potential]
> > Low. The device in question was never supported, and if there's any
> > regression, we can count on Realtek Wireless team, thy are now pretty
> > responsive on upstream mailing list.
> I have not had a chance to review this yet, however I did want to ask --
> has the driver been reviewed to ensure that it is suitable to be signed
> by the build-time ephemaral module signing key? I.e. it does not expose
> any interfaces to userspace which would compromise kernel lockdown?
The debugfs is enabled as Kconfig suggested, and all debugfs entries
with write permission have input string checking, entries with read
permissions don't expose sensitive information. So it looks good
Furthermore, "debugfs: Restrict debugfs when the kernel is locked
down" should prevent malicious act from happening. Other than debugfs
there are no userspace interfaces are exposed.
More information about the kernel-team