Juniper Openstack

RHOSP: OSp10-RHEL-7-5: module verification failed: signature and/or required key missing - tainting kernel

Bug #1770734 reported by shajuvk
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
R4.1
Fix Committed
Critical
Kumar Harsh
Juniper Openstack r4.1.1.0
R5.0
Fix Committed
Critical
Kumar Harsh
Juniper Openstack r5.0.1
Trunk
Fix Committed
Critical
Kumar Harsh
Juniper Openstack r5.1.0

Bug Description

[ 66.496248] random: crng init done
[ 73.928838] vrouter: loading out-of-tree module taints kernel.
[ 73.930926] vrouter: module verification failed: signature and/or required key missing - tainting kernel
[ 73.936123] vrouter version: {"build-info": [{"build-time": "2018-05-11 05:40:13.135173", "build-hostname": "CB-R4-1-rh7-newton-10-84-56-28", "build-user": "contrail-builder", "build-version": "4.1.1.0"}]}
[ 102.678929] 8021q: 802.1Q VLAN Support v1.8
[ 102.678942] 8021q: adding VLAN 0 to HW filter on

[root@overcloud-novacompute-0 heat-admin]# modinfo vrouter
modinfo: ERROR: Module vrouter not found.
[root@overcloud-novacompute-0 heat-admin]# lsmod | grep vrouter
vrouter 455854 0
[root@overcloud-novacompute-0 heat-admin]# find / -name vrouter.ko
/tmp/lib/modules/3.10.0-862.el7.x86_64/extra/net/vrouter/vrouter.ko
/tmp/opt/contrail/vrouter-kernel-modules/3.10.0-862.el7.x86_64/vrouter.ko
/tmp/vrouter.ko
[root@overcloud-novacompute-0 heat-admin]# modinfo /tmp/lib/modules/3.10.0-862.el7.x86_64/extra/net/vrouter/vrouter.ko
filename: /tmp/lib/modules/3.10.0-862.el7.x86_64/extra/net/vrouter/vrouter.ko
version: 4.1.1.0
license: GPL
retpoline: Y
rhelversion: 7.5
srcversion: C4B7DDB4B389242CFD9115A
depends:
vermagic: 3.10.0-862.el7.x86_64 SMP mod_unload modversions
parm: vr_flow_entries:Number of entries in the flow table. Default is (512 * 1024) (uint)
parm: vr_oflow_entries:Number of overflow entries in the flow table. (uint)
parm: vr_bridge_entries:Number of entries in the bridge table. Default is (256 * 1024) (uint)
parm: vr_bridge_oentries:Number of overflow entries in the bridge table. (uint)
parm: vr_mpls_labels:Number of entries in the MPLS table. Default is 5120 (uint)
parm: vr_nexthops:Number of entries in the nexhop table. Default is 65536 (uint)
parm: vr_vrfs:Number of vrfs. Default is 4096 (uint)
parm: vr_flow_hold_limit:Maximum number of entries in the flow table that can be in the HOLD state. Default is 8192 (uint)
parm: vr_interfaces:Number of entries in the interface table. Default is (256 + 4096) (uint)
parm: vrouter_dbg:Set 1 for pkt dumping and 0 to disable, default value is 0 (int)
parm: vr_memory_alloc_checks:Audit memory frees against allocs. Default is 0 (uint)
[root@overcloud-novacompute-0 heat-admin]#
[root@overcloud-novacompute-0 heat-admin]# uname -a
Linux overcloud-novacompute-0 3.10.0-862.el7.x86_64 #1 SMP Wed Mar 21 18:14:51 EDT 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@overcloud-novacompute-0 heat-admin]#

[root@overcloud-novacompute-0 heat-admin]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether de:ad:be:ef:ba:55 brd ff:ff:ff:ff:ff:ff
    inet 192.168.24.11/24 brd 192.168.24.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::dcad:beff:feef:ba55/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:6c:8f:55 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.12/24 brd 192.168.122.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe6c:8f55/64 scope link
       valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:a7:5e:55 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::5054:ff:fea7:5e55/64 scope link
       valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 52:54:00:64:f1:55 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::5054:ff:fe64:f155/64 scope link
       valid_lft forever preferred_lft forever
6: pkt1: <UP,LOWER_UP> mtu 65535 qdisc noqueue state UNKNOWN group default qlen 1000
    link/void 82:fc:4e:a8:ed:33 brd 00:00:00:00:00:00
7: pkt3: <UP,LOWER_UP> mtu 65535 qdisc noqueue state UNKNOWN group default qlen 1000
    link/void 5e:6e:cc:cf:80:2e brd 00:00:00:00:00:00
8: pkt2: <UP,LOWER_UP> mtu 65535 qdisc noqueue state UNKNOWN group default qlen 1000
    link/void 2a:10:8e:31:f4:78 brd 00:00:00:00:00:00
9: vhost0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
    link/ether 52:54:00:a7:5e:55 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.30/24 brd 10.0.0.255 scope global vhost0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fea7:5e55/64 scope link
       valid_lft forever preferred_lft forever
10: vlan30@eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:64:f1:55 brd ff:ff:ff:ff:ff:ff
    inet 10.3.0.21/24 brd 10.3.0.255 scope global vlan30
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe64:f155/64 scope link
       valid_lft forever preferred_lft forever
11: vlan40@eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:64:f1:55 brd ff:ff:ff:ff:ff:ff
    inet 10.4.0.13/24 brd 10.4.0.255 scope global vlan40
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe64:f155/64 scope link
       valid_lft forever preferred_lft foreve

shajuvk (shajuvk)
information type: Proprietary → Public
Jeba Paulaiyan (jebap)
tags: added: sanityblocker
Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] R4.1

Review in progress for https://review.opencontrail.org/43092
Submitter: Kumar Harsh (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/43092
Committed: http://github.com/Juniper/contrail-vrouter/commit/5d0828146d1e32f270308a41d702a48aff0a7f98
Submitter: Zuul (<email address hidden>)
Branch: R4.1

commit 5d0828146d1e32f270308a41d702a48aff0a7f98
Author: Saurabh Gupta <email address hidden>
Date: Wed May 16 18:48:42 2018 +0530

Changes to make netlink infra to work with CentOS 7.5.

Change-Id: I4c0cb7f168ad285c530379f382a403b743560266
closes-bug: #1770734

Revision history for this message
Kumar Harsh (hkumar) wrote :

R5.0 : https://review.opencontrail.org/43094
master: https://review.opencontrail.org/43087

Revision history for this message
Kumar Harsh (hkumar) wrote :

Mainline and master are fixed as part of this bug:

https://bugs.launchpad.net/juniperopenstack/+bug/1771562

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.