Hi,
> The module will need to be signed if you are booted under secure boot,
> but just to check can you run 'cat /sys/kernel/security/lockdown' and
> confirm that the square braces appear around "integrity"?
# cat /sys/kernel/security/lockdown
none [integrity] confidentiality
# bootctl status
System:
Firmware: n/a (n/a)
Secure Boot: enabled
Setup Mode: user
Boot into FW: supported
Also see attached dmesg: lines 68-69,102 for secure boot; lines 699-709
where it loads two keys I signed manually at some point; lines 1106-1121
were probably after reinstalling virtualbox.
> You can check whether the
> module is signed by running 'xxd /lib/modules/$(uname-r)/updaes/vboxdrv.ko |
> tail' (I think
> that should be the right path),...
It was under dkms there...
# xxd /lib/modules/$(uname -r)/updates/dkms/vboxdrv.ko| tail
0008ca10: 3100 0000 3d05 0000 0800 0000 0000 0000 1...=...........
0008ca20: 1800 0000 0000 0000 0900 0000 0300 0000 ................
0008ca30: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0008ca40: 3013 0500 0000 0000 68cd 0000 0000 0000 0.......h.......
0008ca50: 0000 0000 0000 0000 0100 0000 0000 0000 ................
0008ca60: 0000 0000 0000 0000 1100 0000 0300 0000 ................
0008ca70: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0008ca80: 08bc 0800 0000 0000 df01 0000 0000 0000 ................
0008ca90: 0000 0000 0000 0000 0100 0000 0000 0000 ................
0008caa0: 0000 0000 0000 0000 ........
# systemctl status virtualbox
● virtualbox.service - LSB: VirtualBox Linux kernel module
Loaded: loaded (/etc/init.d/virtualbox; generated)
Active: failed (Result: exit-code) since Thu 2020-08-13 12:58:50 UTC; 8min
ago
Docs: man:systemd-sysv-generator(8)
Aug 13 12:58:50 kortewegdevries systemd[1]: Starting LSB: VirtualBox Linux
kernel module...
Aug 13 12:58:50 kortewegdevries virtualbox[6653]: * Loading VirtualBox kernel
modules...
Aug 13 12:58:50 kortewegdevries virtualbox[6653]: * modprobe vboxdrv failed.
Please use 'dmesg' to fin>
Aug 13 12:58:50 kortewegdevries virtualbox[6653]: ...fail!
Aug 13 12:58:50 kortewegdevries systemd[1]: virtualbox.service: Control process
exited, code=exited, st>
Aug 13 12:58:50 kortewegdevries systemd[1]: virtualbox.service: Failed with
result 'exit-code'.
Aug 13 12:58:50 kortewegdevries systemd[1]: Failed to start LSB: VirtualBox
Linux kernel module.
Aug 13 12:58:50 kortewegdevries virtualbox[6653]: * Loading VirtualBox kernel
modules...
Aug 13 12:58:50 kortewegdevries kernel: Lockdown: modprobe: unsigned module
loading is restricted; see >
Aug 13 12:58:50 kortewegdevries virtualbox[6653]: * modprobe vboxdrv failed.
Please use 'dmesg' to fin>
Aug 13 12:58:50 kortewegdevries virtualbox[6653]: ...fail!
Aug 13 12:58:50 kortewegdevries systemd[1]: virtualbox.service: Control process
exited, code=exited, st>
Subject: Unit process exited
Defined-By: systemd
Support: http://www.ubuntu.com/support
An ExecStart= process belonging to unit virtualbox.service has exited.
The process' exit code is 'exited' and its exit status is 1.
Aug 13 12:58:50 kortewegdevries systemd[1]: virtualbox.service: Failed with
result 'exit-code'.
Subject: Unit failed
Defined-By: systemd
Support: http://www.ubuntu.com/support
The unit virtualbox.service has entered the 'failed' state with result
'exit-code'.
Aug 13 12:58:50 kortewegdevries systemd[1]: Failed to start LSB: VirtualBox
Linux kernel module.
Subject: A start job for unit virtualbox.service has failed
Defined-By: systemd
Support: http://www.ubuntu.com/support
A start job for unit virtualbox.service has finished with a failure.
The job identifier is 5769 and the job result is failed.
After rebooting with the broken virtualbox install following is printed
on:
# journalctl -b 0|egrep -i "virt|vbox"
Aug 13 13:10:48 kortewegdevries systemd[1]: vboxweb.service: Can't open PID
file /run/vboxweb.pid (yet?) after start: Operation not permitted
Aug 13 13:10:48 kortewegdevries systemd[1]: vboxweb.service: Failed with result
'protocol'.
Aug 13 13:10:48 kortewegdevries audit[1]: SERVICE_START pid=1 uid=0
auid=4294967295 ses=4294967295 msg='unit=vboxweb comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
Aug 13 13:10:48 kortewegdevries virtualbox[1278]: * Loading VirtualBox kernel
modules...
Aug 13 13:11:12 kortewegdevries virtualbox[1278]: * modprobe vboxdrv failed.
Please use 'dmesg' to find out why
Aug 13 13:11:12 kortewegdevries virtualbox[1278]: ...fail!
Aug 13 13:11:12 kortewegdevries systemd[1]: virtualbox.service: Control process
exited, code=exited, status=1/FAILURE
Aug 13 13:11:12 kortewegdevries systemd[1]: virtualbox.service: Failed with
result 'exit-code'.
Aug 13 13:11:12 kortewegdevries audit[1]: SERVICE_START pid=1 uid=0
auid=4294967295 ses=4294967295 msg='unit=virtualbox comm="systemd"
exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
> I don't routinely use any dkms modules, but iirc the prompt only happens
> the first time you install a dkms module for enrolling the MOK with
> shim. After that I thought the module signing happened silently, so
> could that be why you don't see any prompts?
You're probably right on this but I forgot...
Thanks.
** Attachment added: "dmesg"
https://bugs.launchpad.net/ubuntu/+source/virtualbox/+bug/1884652/+attachment/5401381/+files/dmesg
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1884652
Title:
virtualbox 6.1.10-dfsg-1 ADT test failure with linux-5.8 5.8.0-1.2
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/virtualbox/+bug/1884652/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
