On 05/16/2015 12:04 PM, Sérgio Basto wrote: > On Sáb, 2015-05-16 at 18:40 +0200, poma wrote: >> On 13.05.2015 21:52, jd1008 wrote: >>> >>> On 05/13/2015 01:43 PM, Frank Mehnert wrote: >>>> Hi Joe, >>>> >>>> On Wednesday 13 May 2015 13:28:03 jd1008 wrote: >>>>> Thank you for this update. >>>>> >>>>> I was wondering why Oracle no longer builds VB >>>>> for the latest release of Fedora. >>>> VirtualBox 4.3.28 is built in a Fedora 18 chroot. We have tested this >>>> package works well in Fedora 21. This is also stated on the download >>>> page and there is also a Fedora 21 repository containing that package. >>>> The repository is not yet up-to-date, this will finish during the next >>>> hour. Once Fedora 22 is released we will test VirtualBox on this Linux >>>> distribution and then decide if we need to set up a F22 chroot or if >>>> the F18 chroot will still make it. >>>> >>>> Kind regards, >>>> >>>> Frank >>> Thank you Dr. Mehnert. >>> I thought that every Fedora kernel is compiled to only accept >>> modules that were compiled for the specific kernel version >>> of the Fedora release version. >> ... >> >> Fedora kernels are configured to drive in "permissive" mode, >> e.g. >> >> $ grep CONFIG_MODULE_SIG_FORCE /boot/config-4.0.3-202.fc21.x86_64 >> # CONFIG_MODULE_SIG_FORCE is not set >> >> therefore, properly signed *and* unsigned modules are loadable, >> e.g. >> >> - unsigned: >> >> $ modinfo vboxdrv >> filename: /lib/modules/4.0.3-202.fc21.x86_64/extra/vboxdrv.ko >> version: 4.3.28 (0x001a000a) >> license: GPL >> description: Oracle VM VirtualBox Support Driver >> author: Oracle Corporation >> srcversion: CB0F241526E12BE494014CF >> depends: >> vermagic: 4.0.3-202.fc21.x86_64 SMP mod_unload >> parm: force_async_tsc:force the asynchronous TSC mode (int) >> >> >> # sign-file -v sha256 signing_key.priv signing_key.x509 >> /lib/modules/4.0.3-202.fc21.x86_64/extra/vboxdrv.ko >> Size of unsigned module: 490384 >> Size of signer's name : 25 >> Size of key identifier : 20 >> Size of signature : 514 >> Size of information : 12 >> Size of magic number : 28 >> Signer's name : 'Fedora kernel signing key' >> Digest : sha256 >> >> - properly signed: >> >> $ modinfo vboxdrv >> filename: /lib/modules/4.0.3-202.fc21.x86_64/extra/vboxdrv.ko >> version: 4.3.28 (0x001a000a) >> license: GPL >> description: Oracle VM VirtualBox Support Driver >> author: Oracle Corporation >> srcversion: CB0F241526E12BE494014CF >> depends: >> vermagic: 4.0.3-202.fc21.x86_64 SMP mod_unload >> signer: Fedora kernel signing key >> sig_key: 95:7D:C8:E5:9F:5D:E6:03:71:49:1A:D0:9A:C6:8F:85:16:6C:B3:94 >> sig_hashalgo: sha256 >> parm: force_async_tsc:force the asynchronous TSC mode (int) >> >> >> $ dmesg -t | grep -i X.*509 >> Asymmetric key parser 'x509' registered >> Loading compiled-in X.509 certificates >> Loaded X.509 cert 'Fedora kernel signing key: >> 957dc8e59f5de60371491ad09ac68f85166cb394' >> >> >> Ref. >> https://www.kernel.org/doc/Documentation/module-signing.txt > I have to check this, "therefore, properly signed *and* unsigned modules > are loadable" seems not totally correct : > > https://ask.fedoraproject.org/en/question/65473/virtualbox-error/ > > "Virtualbox will not work with secure boot enabled > because it relies on its own kernel modules being loaded, which they > cannot due to secure boot" > > I have to check If we can sign kmod on RPMFusion , if it is > packageable ? Have you any clue on this matter ? > > Thanks, Good point. What about UEFI?
------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ VBox-users-community mailing list VBox-users-community@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/vbox-users-community _______________________________________________ Unsubscribe: mailto:vbox-users-community-requ...@lists.sourceforge.net?subject=unsubscribe
