After getting xenial kernel 4.4.0-58.79, the following shows that bpa10x.ko module is signed:
<kernel-src-dir>/scripts/extract-module-sig.pl -k /lib/modules/4.4.0-58-generic/kernel/drivers/bluetooth/bpa10x.ko Read 19550 bytes from module file Found magic number at 19550 Found PKCS#7/CMS encapsulation Found 670 bytes of signature [3082029a06092a864886f70d010702a0] No key ID for PKCS#7 message type sig If executed against a staging module, I get: <kernel-src-dir>/scripts/extract-module-sig.pl -k /lib/modules/4.4.0-58-generic/kernel/drivers/staging/rtl8723au/r8723au.ko Read 845376 bytes from module file Magic number not found at 845376 Tagging bug as verified. ** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1642368 Title: linux: Staging modules should be unsigned Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: In Progress Status in linux source package in Xenial: Fix Committed Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: Fix Released Bug description: Modules under the drivers/staging hierarchy get little attention when it comes to vulnerabilities. It is possible that memory mapping tricks that expose kernel internals would go unnoticed. Therefore, do not sign staging modules so that they cannot be loaded in a secure boot environment. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1642368/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp