Linux 4.12 refuses to load self-signed modules under Secure Boot with properly enrolled keys
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
High
|
Seth Forshee |
Bug Description
Since version 4.12, Linux refuses to load my self-signed VirtualBox modules.
$ lsb_release -d
Description: Ubuntu Artful Aardvark (development branch)
$ uname -rvm
4.12.0-11-generic #12-Ubuntu SMP Fri Aug 11 12:26:42 UTC 2017 x86_64
$ sudo modprobe -v vboxdrv
insmod /lib/modules/
modprobe: ERROR: could not insert 'vboxdrv': Required key not available
I've followed [this guide](https:/
The key is properly enrolled:
$ sudo mokutil --test-key .mok/mok-
.mok/mok-
I think this happens because the kernel was built without CONFIG_
$ ls -1 /boot/config-*
/boot/config-
/boot/config-
$ grep CONFIG_
/boot/config-
Same problem with kernel 4.12.0-12.13 from the proposed repository.
ProblemType: Bug
DistroRelease: Ubuntu 17.10
Package: linux-image-
ProcVersionSign
Uname: Linux 4.12.0-11-generic x86_64
ApportVersion: 2.20.6-0ubuntu6
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/
/dev/snd/
CurrentDesktop: Budgie:GNOME
Date: Mon Aug 21 15:37:56 2017
HibernationDevice: RESUME=
InstallationDate: Installed on 2016-12-15 (249 days ago)
InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Alpha amd64 (20161214)
MachineType: LENOVO 80JE
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=
RelatedPackageV
linux-
linux-
linux-firmware 1.167
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 09/30/2016
dmi.bios.vendor: LENOVO
dmi.bios.version: B0CNA0WW
dmi.board.
dmi.board.name: Lancer 4A1
dmi.board.vendor: LENOVO
dmi.board.version: SDK0J40688 WIN
dmi.chassis.
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.
dmi.modalias: dmi:bvnLENOVO:
dmi.product.family: IDEAPAD
dmi.product.name: 80JE
dmi.product.
dmi.sys.vendor: LENOVO
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
status: | Confirmed → Triaged |
tags: | added: kernel-da-key |
Changed in linux (Ubuntu): | |
assignee: | nobody → Seth Forshee (sforshee) |
importance: | Medium → High |
status: | Triaged → In Progress |
This change was made by a bot.