Control: severity -1 important Control: forcemerge -1 825141 Control: fixed -1 4.6.1-1 Control: found -1 5.4-1~exp1
On Mon, 2022-06-20 at 11:34 +0900, Ryutaroh Matsumoto wrote: > Package: src:linux > Version: 5.18.5-1 > Severity: normal > User: debian-ri...@lists.debian.org > Usertags: riscv64 > X-Debbugs-Cc: debian-ri...@lists.debian.org > > Dear Maintainer, > > I do not expect a kernel module in a genuine Debian kernel package > taints a kernel. But I see the following message in dmesg on > QEMU RISCV64 virt machine: > > [ 8.038025] virtio_ring: module verification failed: signature and/or > required key missing - tainting kernel [...] Yes, this is not right. Ideally we would be signing modules on all architectures, but currently we don't do that. We should configure the kernel not to expect signatures on other architectures, but these settings have got out of sync. This was broken and then fixed once before, so I'm merging this with the earlier report and noting the version where this seems to have regressed. Ben. -- Ben Hutchings Any smoothly functioning technology is indistinguishable from a rigged demo.
signature.asc
Description: This is a digitally signed message part
