[Kernel-packages] [Bug 1712804] Missing required logs.

Thu, 24 Aug 2017 05:41:42 -0700 

This bug is missing log files that will aid in diagnosing the problem.
While running an Ubuntu kernel (not a mainline or third-party kernel)
please enter the following command in a terminal window:

apport-collect 1712804

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.

** Changed in: linux (Ubuntu)
       Status: New => Incomplete

** Tags added: artful

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1712804

Title:
  4.12.0-11-generic rejects kernel modules signed with enrolled key

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  Hi,

  I've been signing my DKMS modules manually for some time and it was
  working just fine with 17.04 but since I upgraded to 17.10 and signing
  the modules again the kernel rejects them.

  Version: Ubuntu 4.12.0-11.12-generic 4.12.5

  ```
  $ sudo mokutil --import MOK.der 
  SKIP: MOK.der is already enrolled

  $ sudo /usr/src/linux-headers-4.12.0-11-generic/scripts/sign-file
  sha512 MOK.priv MOK.der
  /lib/modules/4.12.0-11-generic/updates/dkms/vboxdrv.ko

  $ sudo hexdump -C /lib/modules/4.12.0-11-generic/updates/dkms/vboxdrv.ko | 
tail
  00085530  73 59 c9 38 05 53 a3 95  df df c6 ca 93 ef ad 87  |sY.8.S..........|
  00085540  38 52 a4 41 4b b6 79 e7  1f 02 49 d7 ba 7c 60 21  |8R.AK.y...I..|`!|
  00085550  94 9a b8 c2 d2 73 68 91  fc e8 12 c1 e9 68 21 eb  |.....sh......h!.|
  00085560  55 d1 0b 6f 4e 04 ee b2  e7 a7 47 42 07 bb 0e 3b  |U..oN.....GB...;|
  00085570  8a fa 9c d0 7f 1e d5 af  92 8a a3 db 13 32 6d f1  |.............2m.|
  00085580  c0 c7 6a 31 c6 39 39 14  0d ec 19 73 7e 14 1b e6  |..j1.99....s~...|
  00085590  8d 1b 5c 7a 0c 26 00 00  02 00 00 00 00 00 00 00  |..\z.&..........|
  000855a0  01 8b 7e 4d 6f 64 75 6c  65 20 73 69 67 6e 61 74  |..~Module signat|
  000855b0  75 72 65 20 61 70 70 65  6e 64 65 64 7e 0a        |ure appended~.|
  000855be

  $ sudo modprobe vboxdrv
  modprobe: ERROR: could not insert 'vboxdrv': Required key not available
  ```

  dmesg shows:
  ```
  [260594.834844] PKCS#7 signature not signed with a trusted key
  ```

  It also seems like modinfo doesn't recognize/shows the signing
  details:

  ```
  $ sudo modinfo /lib/modules/4.12.0-11-generic/updates/dkms/vboxdrv.ko
  filename:       /lib/modules/4.12.0-11-generic/updates/dkms/vboxdrv.ko
  version:        5.1.26_Ubuntu r117224 (0x002a0000)
  license:        GPL
  description:    Oracle VM VirtualBox Support Driver
  author:         Oracle Corporation
  srcversion:     135FF31DCB56FAD62FFCD36
  depends:        
  vermagic:       4.12.0-11-generic SMP mod_unload 
  signat:         PKCS#7
  signer:         
  sig_key:        
  sig_hashalgo:   md4
  parm:           force_async_tsc:force the asynchronous TSC mode (int)
  ```

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1712804/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to