Processed (with 3 errors): Re: Bug#1013249: virtio_ring: module verification failed: signature and/or required key missing - tainting kernel
Processing control commands: > severity -1 important Bug #1013249 [src:linux] virtio_ring: module verification failed: signature and/or required key missing - tainting kernel Severity set to 'important' from 'normal' > forcemerge -1 825141 Bug #1013249 [src:linux] virtio_ring: module verification failed: signature and/or required key missing - tainting kernel Unable to merge bugs because: package of #825141 is 'linux' not 'src:linux' Failed to forcibly merge 1013249: Did not alter merged bugs. > fixed -1 4.6.1-1 Failed to add fixed on 1013249: failed to get lock on /srv/bugs.debian.org/spool/lock/1013249 -- Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. at /usr/local/lib/site_perl/Debbugs/Common.pm line 650. > found -1 5.4-1~exp1 Failed to add found on 1013249: failed to get lock on /srv/bugs.debian.org/spool/lock/1013249 -- Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. Unable to lock /srv/bugs.debian.org/spool/lock/1013249 Resource temporarily unavailable at /usr/local/lib/site_perl/Debbugs/Common.pm line 692. at /usr/local/lib/site_perl/Debbugs/Common.pm line 650. -- 1013249: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013249 825141: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825141 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1013249: virtio_ring: module verification failed: signature and/or required key missing - tainting kernel
Control: severity -1 important Control: forcemerge -1 825141 Control: fixed -1 4.6.1-1 Control: found -1 5.4-1~exp1 On Mon, 2022-06-20 at 11:34 +0900, Ryutaroh Matsumoto wrote: > Package: src:linux > Version: 5.18.5-1 > Severity: normal > User: debian-ri...@lists.debian.org > Usertags: riscv64 > X-Debbugs-Cc: debian-ri...@lists.debian.org > > Dear Maintainer, > > I do not expect a kernel module in a genuine Debian kernel package > taints a kernel. But I see the following message in dmesg on > QEMU RISCV64 virt machine: > > [8.038025] virtio_ring: module verification failed: signature and/or > required key missing - tainting kernel [...] Yes, this is not right. Ideally we would be signing modules on all architectures, but currently we don't do that. We should configure the kernel not to expect signatures on other architectures, but these settings have got out of sync. This was broken and then fixed once before, so I'm merging this with the earlier report and noting the version where this seems to have regressed. Ben. -- Ben Hutchings Any smoothly functioning technology is indistinguishable from a rigged demo. signature.asc Description: This is a digitally signed message part
Bug#1013249: virtio_ring: module verification failed: signature and/or required key missing - tainting kernel
Package: src:linux Version: 5.18.5-1 Severity: normal User: debian-ri...@lists.debian.org Usertags: riscv64 X-Debbugs-Cc: debian-ri...@lists.debian.org Dear Maintainer, I do not expect a kernel module in a genuine Debian kernel package taints a kernel. But I see the following message in dmesg on QEMU RISCV64 virt machine: [8.038025] virtio_ring: module verification failed: signature and/or required key missing - tainting kernel The QEMU is running on Debian/testing amd64 with the following version: $ dpkg-query -W | fgrep qemu-system-misc qemu-system-misc1:7.0+dfsg-7 The QEMU is started as follows: qemu-system-riscv64 -machine virt,aclint=on,aia=none -m 4G -smp 4 -bios /usr/lib/riscv64-linux-gnu/opensbi/generic/fw_jump.elf -kernel /usr/lib/u-boot/qemu-riscv64_smode/uboot.elf -append "console=ttyS0 rw root=/dev/vda1" -netdev user,id=net0 -device virtio-net-pci,netdev=net0 -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0 -drive if=virtio,file=debian-sid-riscv64.qcow2,index=0,format=qcow2,discard=unmap,detect-zeroes=unmap -- Package-specific info: ** Version: Linux version 5.18.0-2-riscv64 (debian-kernel@lists.debian.org) (gcc-11 (Debian 11.2.0-20) 11.2.0, GNU ld (GNU Binutils for Debian) 2.38) #1 SMP Debian 5.18.5-1 (2022-06-16) ** Command line: root=UUID=031c42a9-74c5-4b38-8e78-87d5f1141c24 rw noquiet root=/dev/vda1 net.ifnames=0 consoleblank=0 rw ** Tainted: E (8192) * unsigned module was loaded ** Kernel log: [0.00] Linux version 5.18.0-2-riscv64 (debian-kernel@lists.debian.org) (gcc-11 (Debian 11.2.0-20) 11.2.0, GNU ld (GNU Binutils for Debian) 2.38) #1 SMP Debian 5.18.5-1 (2022-06-16) [0.00] OF: fdt: Ignoring memory range 0x8000 - 0x8020 [0.00] Machine model: riscv-virtio,qemu [0.00] efi: UEFI not found. [0.00] NUMA: No NUMA configuration found [0.00] NUMA: Faking a node at [mem 0x8020-0x00017fff] [0.00] NUMA: NODE_DATA [mem 0x17ffedbc0-0x17ffeefff] [0.00] Zone ranges: [0.00] DMA32[mem 0x8020-0x] [0.00] Normal [mem 0x0001-0x00017fff] [0.00] Movable zone start for each node [0.00] Early memory node ranges [0.00] node 0: [mem 0x8020-0x00017fff] [0.00] Initmem setup node 0 [mem 0x8020-0x00017fff] [0.00] On node 0, zone DMA32: 512 pages in unavailable ranges [0.00] SBI specification v0.3 detected [0.00] SBI implementation ID=0x1 Version=0x1 [0.00] SBI TIME extension detected [0.00] SBI IPI extension detected [0.00] SBI RFENCE extension detected [0.00] SBI SRST extension detected [0.00] SBI HSM extension detected [0.00] riscv: base ISA extensions acdfhim [0.00] riscv: ELF capabilities acdfim [0.00] percpu: cpu 0 has no node -1 or node-local memory [0.00] percpu: Embedded 27 pages/cpu s72744 r8192 d29656 u110592 [0.00] pcpu-alloc: s72744 r8192 d29656 u110592 alloc=27*4096 [0.00] pcpu-alloc: [0] 0 [0] 1 [0] 2 [0] 3 [0.00] Fallback order for Node 0: 0 [0.00] Built 1 zonelists, mobility grouping on. Total pages: 1031688 [0.00] Policy zone: Normal [0.00] Kernel command line: root=UUID=031c42a9-74c5-4b38-8e78-87d5f1141c24 rw noquiet root=/dev/vda1 net.ifnames=0 consoleblank=0 rw [0.00] Unknown kernel command line parameters "noquiet", will be passed to user space. [0.00] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, linear) [0.00] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, linear) [0.00] mem auto-init: stack:off, heap alloc:on, heap free:off [0.00] software IO TLB: mapped [mem 0xfb73a000-0xff73a000] (64MB) [0.00] Memory: 2079280K/4192256K available (7539K kernel code, 5095K rwdata, 4096K rodata, 2456K init, 426K bss, 252764K reserved, 0K cma-reserved) [0.00] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1 [0.00] ftrace: allocating 28720 entries in 113 pages [0.00] ftrace: allocated 113 pages with 4 groups [0.00] trace event string verifier disabled [0.00] rcu: Hierarchical RCU implementation. [0.00] rcu: RCU restricting CPUs from NR_CPUS=8 to nr_cpu_ids=4. [0.00] Rude variant of Tasks RCU enabled. [0.00] Tracing variant of Tasks RCU enabled. [0.00] rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies. [0.00] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=4 [0.00] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0 [0.00] riscv-intc: 64 local interrupts mapped [0.00] plic: plic@c00: mapped 53 interrupts with 4 handlers for 8 contexts. [0.00] riscv_timer_init_dt: Registering clocksource cpuid