lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 9 Feb 2015 16:58:01 +0100
From:	Sedat Dilek <sedat.dilek@...il.com>
To:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:	LKML <linux-kernel@...r.kernel.org>,
	Jeff Kirsher <jeffrey.t.kirsher@...el.com>,
	David Howells <dhowells@...hat.com>
Subject: Re: [PATCH 3.18 00/39] 3.18.7-stable review

On Mon, Feb 9, 2015 at 4:44 PM, Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
> On Mon, Feb 09, 2015 at 04:35:53PM +0100, Sedat Dilek wrote:
>> Hi Greg,
>>
>> nice to see the kbuild and trace patches I was involved are in this series.
>>
>> Unfortunately, I see the following in my logs...
>>
>> [    2.117022] Request for unknown module key 'Magrathea: Glacier
>> signing key: 009aa341bb673735a51dc34b238a0ca481d68098' err -11
>> [    2.117114] mii: module verification failed: signature and/or
>> required key missing - tainting kernel
>>
>> Not sure whom to CC.
>> I CCed Jeff as he worked on MII.
>> Signing key ---> Dave Howells?
>>
>> Attached are my kernel-config and dmesg output.
>>
>> Hope this helps.
>>
>> BTW, with v3.18.6 I haven't seen such output.
>
> Any way you could take the patches at
> https://git.kernel.org/cgit/linux/kernel/git/stable/stable-queue.git/
> in the queue-3.18 directory and bisect them to see which patch causes
> the problem?  I don't see any obvious patch in this series that would be
> the issue.
>

[ CC Dave Howells ]

Unfortunately, I make-distclean-ed my build-dir.

Is simply the sign-key missing?

> mii: module verification failed: signature and/or  required key missing <

Documentation/module-signing.txt lists Magrathea, so I CCed Dave.
Let's see what he says before doing a git-bisect session.

I wanted to trough out the complete module-signing kernel-options for
a long time.
For test kernels it is simply not needed here.

Sorry, for resending my files - build-log is attached as a new file.

Hope this helps.

BTW, why is there no MII maintainer listed in MAINTAINERS?

( No clue what MII has to do with module-signing, can someone explain? )

- Sedat -

P.S.: Check the logs for mii and x509 patterns.

$ egrep 'mii|x509' build-log_3.18.7-rc1-1-iniza-small.txt
  ASN.1   crypto/asymmetric_keys/x509-asn1.c
  ASN.1   crypto/asymmetric_keys/x509_rsakey-asn1.c
  CC      crypto/asymmetric_keys/x509_public_key.o
  CC      crypto/asymmetric_keys/x509-asn1.o
  CC      crypto/asymmetric_keys/x509_rsakey-asn1.o
  CC      crypto/asymmetric_keys/x509_cert_parser.o
  LD      crypto/asymmetric_keys/x509_key_parser.o
                -batch -x509 -config x509.genkey \
                -outform DER -out signing_key.x509 \
  CERTS   kernel/x509_certificate_list
  - Including cert ./signing_key.x509
  CC [M]  drivers/net/mii.o
  CC      drivers/net/mii.mod.o
  LD [M]  drivers/net/mii.ko
  INSTALL drivers/net/mii.ko

- EOT -

View attachment "build-log_3.18.7-rc1-1-iniza-small.txt" of type "text/plain" (140264 bytes)

Download attachment "config-3.18.7-rc1-1-iniza-small" of type "application/octet-stream" (123277 bytes)

View attachment "dmesg_3.18.7-rc1-1-iniza-small.txt" of type "text/plain" (65334 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ