load with kernel vmlinuz-6.5.0-1-generic.sipl
- without secure boot enable
- without adding the signature
==> as expected:
IPB received.
IPB sent.
System version 9.
Watchdog enabled.
Running 'ZBootLoader' version '3.2.2' level 'D51C.D51C_328.16'.
OK00000000 Success
load with kernel vmlinuz-6.5.0-1-generic
- with secure boot enable
- with adding the signature
==> not expected:
IPB received.
IPB sent.
System version 9.
Watchdog enabled.
Running 'ZBootLoader' version '3.2.2' level 'D51C.D51C_328.16'.
--- Audit message summary start ---
MLOLOA62693210 Audit: Signature verification failure for component 3 in program
0 loaded from device HBA:0.0.1900,WWPN:500507630710572C,LUN:4020404E00000000.
--- Audit message summary end ---
MLOLOA6269321F A security violation error was encountered when loading from devi
ce HBA:0.0.1900,WWPN:500507630710572C,LUN:4020404E00000000.
IPL failed (110).
LdiplStructureProcessor.cpp:processComponentTable:75: Found IMAGE component @0x156d1630 w LOAD ADDRESS 0xa000.
CertificateVerification.cpp:verifySignature:237: Failed to verify image component @0x156d1630 w associated signature component @0x156d19b0 and certificate #0 w vc_index 1.
LdiplStructureProcessor.cpp:checkSignature:288: Audit: Signature verification failed for component #3 @0x156d1630.
LdiplStructureProcessor.cpp:processComponentTable:91: Found Image Component @0x156d1630 w SCLAB @0x156cde10.
LdiplStructureProcessor.cpp:processComponentTable:98: Found the 'global' SCLAB (1) @0x156d1630
LdiplComponentType02Image.cpp:checkSignedCodeLoadingAttributesFacilityRules:235: Audit summary 2a: Error indicators for the SCLAB of component 3 is 0x0.
but load for component 5 worked:
LdiplStructureProcessor.cpp:processComponentTable:75: Found IMAGE component @0x156fcd90 w LOAD ADDRESS 0x10000.
CertificateVerification.cpp:verifySignature:227: Successfully verified image component @0x156fcd90 w associated signature component @0x156fef00 and certificate #0 w vc_index 1.
LdiplStructureProcessor.cpp:processComponentTable:91: Found Image Component @0x156fcd90 w SCLAB @0x156fcd50.
------- Comment From <email address hidden> 2023-07-27 05:46 EDT------- kernel- team/unstable:
we installed from ppa:canonical-
cat /etc/os-release CODENAME= mantic
PRETTY_NAME="Ubuntu Mantic Minotaur (development branch)"
NAME="Ubuntu"
VERSION_ID="23.10"
VERSION="23.10 (Mantic Minotaur)"
VERSION_
...
# uname -r
6.5.0-1-generic
and used 6.5.0-1. 1+1/control/ sipl.x509 signature and 6.5.0-1. 1+1/boot/ vmlinuz- 6.5.0-1- generic. sipl from the tar file from https:/ /ppa.launchpad. net/canonical- kernel- team/unstable/ ubuntu/ dists/devel/ main/signed/ linux-generate- unstable- s390x/current/
signed.tar.gz
ls -l /boot/vmlinuz 6.5.0-1- generic. sipl
lrwxrwxrwx 1 root root 28 Jul 26 11:32 /boot/vmlinuz -> vmlinuz-
load with kernel vmlinuz- 6.5.0-1- generic. sipl
- without secure boot enable
- without adding the signature
==> as expected:
IPB received.
IPB sent.
System version 9.
Watchdog enabled.
Running 'ZBootLoader' version '3.2.2' level 'D51C.D51C_328.16'.
OK00000000 Success
load with kernel vmlinuz- 6.5.0-1- generic 1900,WWPN: 500507630710572 C,LUN:4020404E0 0000000. 1900,WWPN: 500507630710572 C,LUN:4020404E0 0000000.
- with secure boot enable
- with adding the signature
==> not expected:
IPB received.
IPB sent.
System version 9.
Watchdog enabled.
Running 'ZBootLoader' version '3.2.2' level 'D51C.D51C_328.16'.
--- Audit message summary start ---
MLOLOA62693210 Audit: Signature verification failure for component 3 in program
0 loaded from device HBA:0.0.
--- Audit message summary end ---
MLOLOA6269321F A security violation error was encountered when loading from devi
ce HBA:0.0.
IPL failed (110).
LdiplStructureP rocessor. cpp:processComp onentTable: 75: Found IMAGE component @0x156d1630 w LOAD ADDRESS 0xa000. fication. cpp:verifySigna ture:237: Failed to verify image component @0x156d1630 w associated signature component @0x156d19b0 and certificate #0 w vc_index 1. rocessor. cpp:checkSignat ure:288: Audit: Signature verification failed for component #3 @0x156d1630. rocessor. cpp:processComp onentTable: 91: Found Image Component @0x156d1630 w SCLAB @0x156cde10. rocessor. cpp:processComp onentTable: 98: Found the 'global' SCLAB (1) @0x156d1630 ype02Image. cpp:checkSigned CodeLoadingAttr ibutesFacilityR ules:235: Audit summary 2a: Error indicators for the SCLAB of component 3 is 0x0.
CertificateVeri
LdiplStructureP
LdiplStructureP
LdiplStructureP
LdiplComponentT
but load for component 5 worked: rocessor. cpp:processComp onentTable: 75: Found IMAGE component @0x156fcd90 w LOAD ADDRESS 0x10000. fication. cpp:verifySigna ture:227: Successfully verified image component @0x156fcd90 w associated signature component @0x156fef00 and certificate #0 w vc_index 1. rocessor. cpp:processComp onentTable: 91: Found Image Component @0x156fcd90 w SCLAB @0x156fcd50.
LdiplStructureP
CertificateVeri
LdiplStructureP