Public bug reported:
Summary
===========
When installing 19.04 on a device with secure boot enabled, there is an
option to install 3rd party drivers that requires to input a password
that will be asked again when rebooting to be able to enroll the keys.
The screen to enroll the keys has a 10 seconds timeout. If the user
misses this, the device boots without enrolling the keys, therefore all
the installed packages (such as nvidia dkms drivers) are unable to
execute. This results in a device where "Additional Drivers" states that
nvidia proprietary drivers are in use when they are actually not.
Steps to reproduce
===========
0. Pre-requisites: a device that requires proprietary drivers (typically, a
laptop with a nvidia discrete GPU)
1. Make sure the device has secure boot enabled and start 19.04 installation on
it
2. Select "Install 3rd party drivers" and input a password
3. When the install finishes, reboots
4. When the MOK screen appears (blue screen), wait until it times out (10
seconds)
5. Log in Ubuntu and go to the "Additional Drivers" tab of "Software & Updates"
program
Expected result
===========
5. Device is using default open source driver (nouveau in the case of
nvidia GPU)
Actual result
===========
5. "Additional drivers" tab states that "This device is using the
recommended driver" and the proprietary metapackage is checked (nvidia-
driver-418 in my case). nvidia-settings is also available, but it lacks
all the usual features and only has a PRIME Profile option to select
nvidia or Intel. No matter which is selected, "glxinfo | grep renderer"
returns Intel GPU.
In the logs, we can see things like:
Apr 24 15:28:52 u-Precision-5530 kernel: [ 1.512992] PKCS#7 signature not
signed with a trusted key
...
Apr 24 15:28:59 u-Precision-5530 nvidia-settings-autostart.desktop[2027]:
ERROR: NVIDIA driver is not loaded
Apr 24 15:28:59 u-Precision-5530 nvidia-settings-autostart.desktop[2027]:
ERROR: Unable to load info from any available system
...
Apr 24 15:29:07 u-Precision-5530 gdm3[1251]: modprobe: ERROR: could not insert
'nvidia': Operation not permitted
Apr 24 15:29:07 u-Precision-5530 kernel: [ 26.225723] PKCS#7 signature not
signed with a trusted key
Apr 24 15:29:07 u-Precision-5530 gdm3[1251]: modprobe: ERROR: could not insert
'nvidia': Operation not permitted
Workaround
===========
1. Go back to the "Additional Drivers" tab, select the nouveau driver, click
Apply
2. Restart the device, return to Software & Updates' "Additional Drivers" tab,
select the nvidia proprietary driver, click Apply
2. When required, input a password that's gonna be required to enroll the keys
3. Restart the device, and this time enroll the keys in the blue MOK screen and
continue boot
This time:
$ glxinfo | grep renderer
OpenGL renderer string: Quadro P1000/PCIe/SSE2
and nvidia-settings displays all the info and parameters related to the
nvidia GPU.
ProblemType: Bug
DistroRelease: Ubuntu 19.04
Package: mokutil 0.3.0+1538710437.fb6250f-0ubuntu2
ProcVersionSignature: Ubuntu 5.0.0-13.14-generic 5.0.6
Uname: Linux 5.0.0-13-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.10-0ubuntu27
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Wed Apr 24 16:15:07 2019
InstallationDate: Installed on 2019-04-24 (0 days ago)
InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
SourcePackage: mokutil
UpgradeStatus: No upgrade log present (probably fresh install)
** Affects: mokutil (Ubuntu)
Importance: Undecided
Status: New
** Affects: nvidia-graphics-drivers-418 (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug ce-qa-concern disco
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1826132
Title:
If not enrolling keys before MOK timeout, Ubuntu lists proprietary
drivers as enabled when they are not
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mokutil/+bug/1826132/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
