seems this just needs a config change? from the private bug: "This is due to the patch "[patch] integrity: Do not load MOK and MOKx when secure boot be disabled" was added to check if secureboot enabled for trusting the MOK key, https://lore.kernel.org/lkml/[email protected]/T/
Unfortunately, the checking function, arch_ima_get_secureboot(), needs the config, CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT=y and it's dependency CONFIG_IMA_ARCH_POLICY " -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1969432 Title: 5.17 kernel won't load mok, so it refused to load dkms signed by mok To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1969432/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
