Ubuntu
linux package

problem loading UEFI certificate

Bug #1807513 reported by stop
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

dmesg reports the following warnings:
[ 1.466047] Problem loading UEFI:db X.509 certificate (-65)
[ 1.466051] Problem loading UEFI:db X.509 certificate (-65)

Ubuntu 18.10 (64bit) linux-image-4.18.0-12-generic
---
ProblemType: Bug
ApportVersion: 2.20.10-0ubuntu13.1
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC1: whoop 4213 F.... pulseaudio
 /dev/snd/controlC0: whoop 4213 F.... pulseaudio
CurrentDesktop: ubuntu:GNOME
DistroRelease: Ubuntu 18.10
InstallationDate: Installed on 2018-12-01 (7 days ago)
InstallationMedia: Ubuntu 18.10 "Cosmic Cuttlefish" - Release amd64 (20181017.3)
MachineType: Acer Aspire A515-41G
Package: linux (not installed)
ProcFB: 0 amdgpudrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.18.0-12-generic root=UUID=a16675f6-b0e4-4e39-875e-b5edf3661e9e ro quiet splash vt.handoff=1
ProcVersionSignature: Ubuntu 4.18.0-12.13-generic 4.18.17
RelatedPackageVersions:
 linux-restricted-modules-4.18.0-12-generic N/A
 linux-backports-modules-4.18.0-12-generic N/A
 linux-firmware 1.175.1
Tags: cosmic
Uname: Linux 4.18.0-12-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
_MarkForUpload: True
dmi.bios.date: 09/27/2017
dmi.bios.vendor: Insyde Corp.
dmi.bios.version: V1.06
dmi.board.asset.tag: Type2 - Board Asset Tag
dmi.board.name: Wartortle_BS
dmi.board.vendor: BR
dmi.board.version: V1.06
dmi.chassis.type: 10
dmi.chassis.vendor: Acer
dmi.chassis.version: V1.06
dmi.modalias: dmi:bvnInsydeCorp.:bvrV1.06:bd09/27/2017:svnAcer:pnAspireA515-41G:pvrV1.06:rvnBR:rnWartortle_BS:rvrV1.06:cvnAcer:ct10:cvrV1.06:
dmi.product.family: Aspire 5
dmi.product.name: Aspire A515-41G
dmi.product.sku: 0000000000000000
dmi.product.version: V1.06
dmi.sys.vendor: Acer

See original description
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1807513

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Revision history for this message
stop (whoopwhoop) wrote : AlsaInfo.txt

apport information

tags: added: apport-collected cosmic
description: updated
Revision history for this message
stop (whoopwhoop) wrote : CRDA.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : CurrentDmesg.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : IwConfig.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : Lspci.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : Lsusb.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : ProcCpuinfo.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : ProcCpuinfoMinimal.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : ProcEnviron.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : ProcInterrupts.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : ProcModules.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : PulseList.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : RfKill.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : UdevDb.txt

apport information

Revision history for this message
stop (whoopwhoop) wrote : WifiSyslog.txt

apport information

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
stop (whoopwhoop)
description: updated
Revision history for this message
Vladimir Yerilov (openmindead) wrote :

This happens when `mokutil --use-db` setting is applied. With `--ignore-db` this doesn't happen. I suppose this is only applicable for situaltions where Secure Boot's db / KEK / PK are modified by the user.

Revision history for this message
Vladimir Yerilov (openmindead) wrote :

No I was wrong.
In my case this only happens with the certificate with a strange Issuer name like "x00d\x00b\x00_\x00M\x00a\x00n\x00u\x00f\x00a\x00c\x00t\x00u\x00r\x00e\x002\x000\x001\x005\x000\x006\x001\x007". Only this certificate fails to load.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.