Public bug reported:
## Testing Environment:
Lenovo Thinkpad P50, fresh install of Ubuntu 16.04
$ apt-cache policy mokutil
mokutil:
Installed: 0.3.0-0ubuntu3
Candidate: 0.3.0-0ubuntu3
Version table:
*** 0.3.0-0ubuntu3 500
500 http://cn.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
$ apt-cache policy shim
shim:
Installed: 0.8-0ubuntu2
Candidate: 0.8-0ubuntu2
Version table:
*** 0.8-0ubuntu2 500
500 http://cn.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
## Steps to reproduce:
(1) do not disable SecureBoot as suggested during the install.
(2) install virtualbox-5.0 from the virtualbox ppa (deb
http://download.virtualbox.org/virtualbox/debian xenial contrib)
(3) Follow instructions here to manually sign the vboxdrv kernel module
(https://askubuntu.com/questions/760671/could-not-load-vboxdrv-after-
upgrade-to-ubuntu-16-04-and-i-want-to-keep-secur/768310#768310)
$ openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER
-out MOK.der -nodes -days 36500 -subj "/CN=Descriptive name/"
$ sudo /usr/src/linux-headers-$(uname -r)/scripts/sign-file sha256
./MOK.priv ./MOK.der $(modinfo -n vboxdrv)
$ sudo mokutil --import MOK.der
(enter password)
(4) reboot, click "enroll mok", "continue", "yes", enter password,
(screenshots here: https://sourceware.org/systemtap/wiki/SecureBoot)
## Expected behavior:
new mok will be enrolled and I will be asked to reboot (several users
from the original askubuntu answer indicated that these exact steps
worked for them.
## Actual behaviour:
"Error: Failed to set variable: (2) Invalid Parameter"
## Troubleshooting steps taken:
- tried different passwords, and was able to eliminate that being the cause.
- found relevant lines of code producing the error: lines 919-931 in
https://github.com/rhinstaller/shim/blob/master/MokManager.c
/# C code
efi_status = uefi_call_wrapper(RT->SetVariable, 5, db_name,
&shim_lock_guid,
EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_APPEND_WRITE,
MokNewSize, MokNew);
}
if (efi_status != EFI_SUCCESS) {
console_error(L"Failed to set variable", efi_status);
return efi_status;
}
C Code #/
- unable to find where uefi_call_wrapper() is defined
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: mokutil 0.3.0-0ubuntu3
ProcVersionSignature: Ubuntu 4.4.0-28.47-generic 4.4.13
Uname: Linux 4.4.0-28-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CurrentDesktop: Unity
Date: Sat Jul 9 18:56:59 2016
InstallationDate: Installed on 2016-07-08 (0 days ago)
InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
SourcePackage: mokutil
UpgradeStatus: No upgrade log present (probably fresh install)
** Affects: mokutil (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug mokutil shim xenial
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1600452
Title:
"Failed to set variable: (2) Invalid Parameter" when enrolling MOK
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mokutil/+bug/1600452/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
