Bug#935945: linux-image-5.2.0-2-amd64: does not load signed kernel modules when UEFI Secure Boot is enabled

I have this problem too and opened a duplicate #939773 earlier with some investigation. Rephrasing my investigation from that duplicate: In this kernel MOK key gets inserted into the .platform keyring (I see CONFIG_INTEGRITY_PLATFORM_KEYRING is set to true in the kernel config) which isn't used

Bug#935945: linux-image-5.2.0-2-amd64: does not load signed kernel modules when UEFI Secure Boot is enabled

I also have this problem and, unfortunately did not find this bug report earlier and opened a duplicate in #940181. As noted there, I believe the issue can be fixed by setting CONFIG_SECONDARY_TRUSTED_KEYRING=y in the kernel config.

Bug#935945: linux-image-5.2.0-2-amd64: does not load signed kernel modules when UEFI Secure Boot is enabled

Package: src:linux Version: 5.2.9-2 Severity: important Dear Maintainer, * What led up to the situation? I regularly update Debian Testing (bullseye) on multiple computers. Two days ago something broke when kernel update from 4.19 to 5.2 arrived. Could you please help me to troubleshoot