kernel-packages team mailing list archive

Thread
Date

[Bug 1241251] Re: Some kernel modules are failing digital signature checks during boot - kernel is tainted.

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Pasi Tarhonen <1241251@xxxxxxxxxxxxxxxxxx>
Date: Sat, 30 Nov 2013 20:59:29 -0000
Reply-to: Bug 1241251 <1241251@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

For some unknown reason (propably some update is fixed that) module
"mii" is not anymore causing kernel to be tainted, but the quilty one is
now module "video".

[    0.716249] Write protecting the kernel read-only data: 12288k
[    0.717529] Freeing unused kernel memory: 1040K (ffff88000e6fc000 - ffff88000e800000)
[    0.718478] Freeing unused kernel memory: 836K (ffff88000eb2f000 - ffff88000ec00000)
[    0.749207] wmi: Mapper loaded
[    0.749573] video: module verification failed: signature and/or required key missing - tainting kernel
[    0.752443] ahci 0000:00:1f.2: version 3.0
[    0.752527] ahci 0000:00:1f.2: irq 42 for MSI/MSI-X
[    0.754388] [drm] Initialized drm 1.1.0 20060810
[    0.754606] 3c59x 0000:05:01.0: enabling device (0000 -> 0003)
[    0.754643] 3c59x: Donald Becker and others.
[    0.754646] 0000:05:01.0: 3Com PCI 3c905B Cyclone 100baseTx at ffffc9000003e000.
[    0.754953] r8169 Gigabit Ethernet driver 2.3LK-NAPI loaded
[    0.754958] r8169 0000:03:00.0: can't disable ASPM; OS doesn't have ASPM control
[    0.755150] r8169 0000:03:00.0: irq 43 for MSI/MSI-X

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1241251

Title:
  Some kernel modules are failing digital signature checks during boot -
  kernel is tainted.

Status in “linux” package in Ubuntu:
  Confirmed

Bug description:
  Initial configuration:
   Xubuntu 13.10 64-bit, iso SHA256 is:
  1862b69cffcfc41587109a971a8fe72b2dc26dbd762cdb4704965d668514fa95 *xubuntu-13.10-desktop-amd64.iso

  To reproduce:
  1) Verify that SHA256 of iso image is correct. I also checked GPG signature to make sure these are proper SHA256 hashes.
  2) Put ISO to USB flash stick. I used dd to put iso to 2Gb flash drive.
  3) Boot from USB flash and verify CD image using boot option to be extra sure ISO is not damaged.
  4) Make sure ISO checks are OK. 
  5) Now boot USB flash to live OS session ("Try ... without installing").
  6) Launch terminal.
  7) dmesg | grep -i taint
  8) Make sure kernel is getting tainted due to problems with some modules signatures. 

  Result:
  * On my desktop PC I'm getting kernel taint due to missing signature or key in module "mii" (used by RTL8169 driver).
  * On my notebook I'm getting kernel taint due to missing signature or key for "video" module (used by Intel GPU driver?)

  What's going up? Are your ISO images are okay? Or they were tampered
  with and some kernel modules are fakes? Please check ASAP.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1241251/+subscriptions