** Tags added: verification-done-jammy
--
You received this bug notification because you are subscribed to linux
in Ubuntu.
Matching subscriptions: Bgg, Bmail, Nb
https://bugs.launchpad.net/bugs/1972802
Title:
enable config for fixing 5.17 kernel won't load mok
Status in OEM Priority Project:
Fix Committed
Status in linux package in Ubuntu:
In Progress
Status in linux-oem-5.17 package in Ubuntu:
Invalid
Status in linux source package in Jammy:
Invalid
Status in linux-oem-5.17 source package in Jammy:
Fix Committed
Status in linux source package in Kinetic:
In Progress
Status in linux-oem-5.17 source package in Kinetic:
Invalid
Bug description:
[Impact]
Mok keys is not trusted after kernel 5.17
[Fix]
Enable the CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT and CONFIG_IMA_ARCH_POLICY for fixing the patch
"[patch] integrity: Do not load MOK and MOKx when secure boot be disabled" was added to check if secureboot enabled for trusting the MOK key
[Test]
Enroll Mok key and use it to sign kernel modules, make sure secure boot is on and load the kernel module by either modprobe or insmod.
[Where problems could occur]
Low. only affect the checking secureboot enable function.
To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1972802/+subscriptions
Комментариев нет:
Отправить комментарий