How to build kernel module in centos 7.6 so that build module will be signed?
I have edited the i2c_i801 driver to add a functionalty to our battery driver, but i can't load it because of this issue " i2c_i801: module verification failed: signature and/or required key missing - tainting kernel".
Same code works in SLE 15.
i2c_i801: module verification failed: signature and/or required key missing - tainting kernel
Re: i2c_i801: module verification failed: signature and/or required key missing - tainting kernel
You can't sign your module with the CentOS signing key as you don't have it and hopefully never will.
Are you sure you SuSE system is running in secure boot mode? CentOS can and will use SB mode if it's enabled.
Are you sure you SuSE system is running in secure boot mode? CentOS can and will use SB mode if it's enabled.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: i2c_i801: module verification failed: signature and/or required key missing - tainting kernel
@TrevorH - yes SLES 15 is running in secure boot mode.
@chemal - yes it is loaded but the functionality is missing. I really don't know if it is running.
@chemal - yes it is loaded but the functionality is missing. I really don't know if it is running.
Re: i2c_i801: module verification failed: signature and/or required key missing - tainting kernel
If the kernel says it has marked itself as tainted, it obviously has loaded the module.
I get this, too:
This doesn't restrict the kernel module in any way. The whole point of tainting the kernel is to turn down support requests.
My guess is that you simply got your modifications wrong.
Anyway, if you want to sign your module, here's how to do it:
https://access.redhat.com/documentation ... -boot.html
I get this, too:
Code: Select all
[ 1.496846] nvidia: loading out-of-tree module taints kernel.
[ 1.497026] nvidia: module license 'NVIDIA' taints kernel.
[ 1.547877] nvidia: module verification failed: signature and/or required key missing - tainting kernelMy guess is that you simply got your modifications wrong.
Anyway, if you want to sign your module, here's how to do it:
https://access.redhat.com/documentation ... -boot.html
Re: i2c_i801: module verification failed: signature and/or required key missing - tainting kernel
thanks @chemal, finally solved it.
you correct there was some missing ids in the centos implementation compared to suse.
you correct there was some missing ids in the centos implementation compared to suse.
chemal wrote: ↑2019/09/24 01:52:55If the kernel says it has marked itself as tainted, it obviously has loaded the module.
I get this, too:This doesn't restrict the kernel module in any way. The whole point of tainting the kernel is to turn down support requests.Code: Select all
[ 1.496846] nvidia: loading out-of-tree module taints kernel. [ 1.497026] nvidia: module license 'NVIDIA' taints kernel. [ 1.547877] nvidia: module verification failed: signature and/or required key missing - tainting kernel
My guess is that you simply got your modifications wrong.
Anyway, if you want to sign your module, here's how to do it:
https://access.redhat.com/documentation ... -boot.html