------- Comment From [email protected] 2016-03-23 10:29 EDT------- Making comment from Mehmet Kayaalp external:
In the 4.4.0-15.31 kernel the reserved space is not filled with randomized bytes. The second step of the build seems to be skipped. ---quote--- make vmlinux scripts/insert-sys-cert -b vmlinux -c /dev/null make bzImage The 2nd step above changes the reserved memory to randomized. ---quote--- This results in a larger vmlinux when the key is inserted: ubuntu@ubuntu-xenial:~$ uname -a Linux ubuntu-xenial 4.4.0-15-generic #31-Ubuntu SMP Fri Mar 18 19:08:31 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux ubuntu@ubuntu-xenial:~$ sudo grep SYSTEM_EXTRA /boot/config-4.4.0-15-generic CONFIG_SYSTEM_EXTRA_CERTIFICATE=y CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096 ubuntu@ubuntu-xenial:~$ sudo ./insert-sys-cert -s /boot/System.map-4.4.0-15-generic -z /boot/vmlinuz-4.4.0-15-generic -c cert.x509 ... INFO: Inserted the contents of cert.x509 into ffffffff82075ffa. INFO: Used 1308 bytes out of 4096 bytes reserved. INFO: Executing: gzip -n -f -9 <vmlinux-PquuG7 >vmlinux-0ZuoLz ERROR: Increase in compressed size is not supported. ERROR: Old size was 6952429, new size is 6956652 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1558553 Title: IMA-appraisal is unusable in Ubuntu 16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1558553/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
