| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+icZUUQDCx=kpwYGu7sjh9eqx6phQGF1pA8hZDvpDcSj_Nomg@mail.gmail.com>
Date: Mon, 9 Feb 2015 16:58:01 +0100
From: Sedat Dilek <sedat.dilek@...il.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Jeff Kirsher <jeffrey.t.kirsher@...el.com>,
David Howells <dhowells@...hat.com>
Subject: Re: [PATCH 3.18 00/39] 3.18.7-stable review
On Mon, Feb 9, 2015 at 4:44 PM, Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
> On Mon, Feb 09, 2015 at 04:35:53PM +0100, Sedat Dilek wrote:
>> Hi Greg,
>>
>> nice to see the kbuild and trace patches I was involved are in this series.
>>
>> Unfortunately, I see the following in my logs...
>>
>> [ 2.117022] Request for unknown module key 'Magrathea: Glacier
>> signing key: 009aa341bb673735a51dc34b238a0ca481d68098' err -11
>> [ 2.117114] mii: module verification failed: signature and/or
>> required key missing - tainting kernel
>>
>> Not sure whom to CC.
>> I CCed Jeff as he worked on MII.
>> Signing key ---> Dave Howells?
>>
>> Attached are my kernel-config and dmesg output.
>>
>> Hope this helps.
>>
>> BTW, with v3.18.6 I haven't seen such output.
>
> Any way you could take the patches at
> https://git.kernel.org/cgit/linux/kernel/git/stable/stable-queue.git/
> in the queue-3.18 directory and bisect them to see which patch causes
> the problem? I don't see any obvious patch in this series that would be
> the issue.
>
[ CC Dave Howells ]
Unfortunately, I make-distclean-ed my build-dir.
Is simply the sign-key missing?
> mii: module verification failed: signature and/or required key missing <
Documentation/module-signing.txt lists Magrathea, so I CCed Dave.
Let's see what he says before doing a git-bisect session.
I wanted to trough out the complete module-signing kernel-options for
a long time.
For test kernels it is simply not needed here.
Sorry, for resending my files - build-log is attached as a new file.
Hope this helps.
BTW, why is there no MII maintainer listed in MAINTAINERS?
( No clue what MII has to do with module-signing, can someone explain? )
- Sedat -
P.S.: Check the logs for mii and x509 patterns.
$ egrep 'mii|x509' build-log_3.18.7-rc1-1-iniza-small.txt
ASN.1 crypto/asymmetric_keys/x509-asn1.c
ASN.1 crypto/asymmetric_keys/x509_rsakey-asn1.c
CC crypto/asymmetric_keys/x509_public_key.o
CC crypto/asymmetric_keys/x509-asn1.o
CC crypto/asymmetric_keys/x509_rsakey-asn1.o
CC crypto/asymmetric_keys/x509_cert_parser.o
LD crypto/asymmetric_keys/x509_key_parser.o
-batch -x509 -config x509.genkey \
-outform DER -out signing_key.x509 \
CERTS kernel/x509_certificate_list
- Including cert ./signing_key.x509
CC [M] drivers/net/mii.o
CC drivers/net/mii.mod.o
LD [M] drivers/net/mii.ko
INSTALL drivers/net/mii.ko
- EOT -
View attachment "build-log_3.18.7-rc1-1-iniza-small.txt" of type "text/plain" (140264 bytes)
Download attachment "config-3.18.7-rc1-1-iniza-small" of type "application/octet-stream" (123277 bytes)
View attachment "dmesg_3.18.7-rc1-1-iniza-small.txt" of type "text/plain" (65334 bytes)
Powered by blists - more mailing lists