This bug was fixed in the package linux - 5.19.0-15.15
---------------
linux (5.19.0-15.15) kinetic; urgency=medium
* kinetic/linux: 5.19.0-15.15 -proposed tracker (LP: #1983335)
* Miscellaneous Ubuntu changes
- [Config] update annotations to support both gcc-11 and gcc-12
-- Andrea Righi <andrea.ri...@canonical.com> Tue, 02 Aug 2022 09:23:01
+0200
** Changed in: linux (Ubuntu Kinetic)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-oem-5.17 in Ubuntu.
https://bugs.launchpad.net/bugs/1972802
Title:
enable config for fixing 5.17 kernel won't load mok
Status in OEM Priority Project:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in linux-oem-5.17 package in Ubuntu:
Invalid
Status in linux source package in Jammy:
Invalid
Status in linux-oem-5.17 source package in Jammy:
Fix Released
Status in linux source package in Kinetic:
Fix Released
Status in linux-oem-5.17 source package in Kinetic:
Invalid
Bug description:
[Impact]
Mok keys is not trusted after kernel 5.17
[Fix]
Enable the CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT and CONFIG_IMA_ARCH_POLICY
for fixing the patch
"[patch] integrity: Do not load MOK and MOKx when secure boot be disabled"
was added to check if secureboot enabled for trusting the MOK key
[Test]
Enroll Mok key and use it to sign kernel modules, make sure secure boot is on
and load the kernel module by either modprobe or insmod.
[Where problems could occur]
Low. only affect the checking secureboot enable function.
To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1972802/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
