On Mon, Feb 9, 2015 at 4:58 PM, Sedat Dilek <[email protected]> wrote: > On Mon, Feb 9, 2015 at 4:44 PM, Greg Kroah-Hartman > <[email protected]> wrote: >> On Mon, Feb 09, 2015 at 04:35:53PM +0100, Sedat Dilek wrote: >>> Hi Greg, >>> >>> nice to see the kbuild and trace patches I was involved are in this series. >>> >>> Unfortunately, I see the following in my logs... >>> >>> [ 2.117022] Request for unknown module key 'Magrathea: Glacier >>> signing key: 009aa341bb673735a51dc34b238a0ca481d68098' err -11 >>> [ 2.117114] mii: module verification failed: signature and/or >>> required key missing - tainting kernel >>> >>> Not sure whom to CC. >>> I CCed Jeff as he worked on MII. >>> Signing key ---> Dave Howells? >>> >>> Attached are my kernel-config and dmesg output. >>> >>> Hope this helps. >>> >>> BTW, with v3.18.6 I haven't seen such output. >> >> Any way you could take the patches at >> https://git.kernel.org/cgit/linux/kernel/git/stable/stable-queue.git/ >> in the queue-3.18 directory and bisect them to see which patch causes >> the problem? I don't see any obvious patch in this series that would be >> the issue. >> > > [ CC Dave Howells ] > > Unfortunately, I make-distclean-ed my build-dir. > > Is simply the sign-key missing? > >> mii: module verification failed: signature and/or required key missing < >
To name it's called "x509.genkey". >From [1]: [ QUOTE ] Most notably, in the x509.genkey file, the req_distinguished_name section should be altered from the default: [ req_distinguished_name ] O = Magrathea CN = Glacier signing key emailAddress = [email protected] [ /QUOTE ] - Sedat - [1] http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/module-signing.txt#n118 > Documentation/module-signing.txt lists Magrathea, so I CCed Dave. > Let's see what he says before doing a git-bisect session. > > I wanted to trough out the complete module-signing kernel-options for > a long time. > For test kernels it is simply not needed here. > > Sorry, for resending my files - build-log is attached as a new file. > > Hope this helps. > > BTW, why is there no MII maintainer listed in MAINTAINERS? > > ( No clue what MII has to do with module-signing, can someone explain? ) > > - Sedat - > > P.S.: Check the logs for mii and x509 patterns. > > $ egrep 'mii|x509' build-log_3.18.7-rc1-1-iniza-small.txt > ASN.1 crypto/asymmetric_keys/x509-asn1.c > ASN.1 crypto/asymmetric_keys/x509_rsakey-asn1.c > CC crypto/asymmetric_keys/x509_public_key.o > CC crypto/asymmetric_keys/x509-asn1.o > CC crypto/asymmetric_keys/x509_rsakey-asn1.o > CC crypto/asymmetric_keys/x509_cert_parser.o > LD crypto/asymmetric_keys/x509_key_parser.o > -batch -x509 -config x509.genkey \ > -outform DER -out signing_key.x509 \ > CERTS kernel/x509_certificate_list > - Including cert ./signing_key.x509 > CC [M] drivers/net/mii.o > CC drivers/net/mii.mod.o > LD [M] drivers/net/mii.ko > INSTALL drivers/net/mii.ko > > - EOT - -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
