* [ISSUE] Module signing
@ 2021-02-03 15:37 anon-lestat
2021-02-03 15:38 ` anon-lestat
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: anon-lestat @ 2021-02-03 15:37 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 795 bytes --]
New issue by anon-lestat on void-packages repository
https://github.com/void-linux/void-packages/issues/28440
Description:
* xuname:
Void 5.4.94_1 x86_64-musl GenuineIntel uptodate rDFFF
* package:
linux5.4.94_1
### Expected behavior
Enable enforced module signing and system boots without allowing unsigned modules.
### Actual behavior
Linux doesnt start
### Steps to reproduce the behavior
Make these changes in kernel config before compiling:
CONFIG_MODULE_SIG=y
CONFIG_MODULE_SIG_ALL=y
CONFIG_MODULE_SIG_SHA1=y
CONFIG_MODULE_SIG_HASH="sha1"
Compile, Package and install the kernel.
Add module.sig_enforce=1 to boot parameters,
Start the system.
The kernel used: https://notabug.org/anonymous-lestat/Void-Hardened-Kernel/src/master/x86_64-dotconfig-custom
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Module signing
2021-02-03 15:37 [ISSUE] Module signing anon-lestat
@ 2021-02-03 15:38 ` anon-lestat
2021-02-03 15:41 ` ahesford
2021-02-03 15:41 ` [ISSUE] [CLOSED] " ahesford
2 siblings, 0 replies; 4+ messages in thread
From: anon-lestat @ 2021-02-03 15:38 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 202 bytes --]
New comment by anon-lestat on void-packages repository
https://github.com/void-linux/void-packages/issues/28440#issuecomment-772601785
Comment:
Kernel is tainted which means modules didnt get signed.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Module signing
2021-02-03 15:37 [ISSUE] Module signing anon-lestat
2021-02-03 15:38 ` anon-lestat
@ 2021-02-03 15:41 ` ahesford
2021-02-03 15:41 ` [ISSUE] [CLOSED] " ahesford
2 siblings, 0 replies; 4+ messages in thread
From: ahesford @ 2021-02-03 15:41 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 203 bytes --]
New comment by ahesford on void-packages repository
https://github.com/void-linux/void-packages/issues/28440#issuecomment-772603791
Comment:
You are building a custom kernel, this is not a Void issue.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [ISSUE] [CLOSED] Module signing
2021-02-03 15:37 [ISSUE] Module signing anon-lestat
2021-02-03 15:38 ` anon-lestat
2021-02-03 15:41 ` ahesford
@ 2021-02-03 15:41 ` ahesford
2 siblings, 0 replies; 4+ messages in thread
From: ahesford @ 2021-02-03 15:41 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 805 bytes --]
Closed issue by anon-lestat on void-packages repository
https://github.com/void-linux/void-packages/issues/28440
Description:
* xuname:
Void 5.4.94_1 x86_64-musl GenuineIntel uptodate rDFFF
* package:
linux5.4.94_1
### Expected behavior
Enable enforced module signing and system boots without allowing unsigned modules.
### Actual behavior
Linux doesnt start
### Steps to reproduce the behavior
Make these changes in kernel config before compiling:
CONFIG_MODULE_SIG=y
CONFIG_MODULE_SIG_ALL=y
CONFIG_MODULE_SIG_SHA1=y
CONFIG_MODULE_SIG_HASH="sha1"
Compile, Package and install the kernel.
Add module.sig_enforce=1 to boot parameters,
Start the system.
The kernel config used: https://notabug.org/anonymous-lestat/Void-Hardened-Kernel/src/master/x86_64-dotconfig-custom
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-02-03 15:41 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-03 15:37 [ISSUE] Module signing anon-lestat
2021-02-03 15:38 ` anon-lestat
2021-02-03 15:41 ` ahesford
2021-02-03 15:41 ` [ISSUE] [CLOSED] " ahesford
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).