Yes, I do see the expected behavior now with signed modules, both when the signing key is enrolled in the MOK (module loads, no verification error) and when it is not enrolled in the MOK (module fails to load due to verification error.) However, the behavior is not quite what I expect when a module is unsigned. The module fails to load, which is expected, but there is no error message in dmesg indicating a missing key, which can make it tricky to determine why the module failed to load, since the failure message printed by modprobe/insmod is simply "Operation not permitted". (It seems the ENOKEY failure is not getting propagated to the user-facing tool.)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1798863 Title: 18.10 kernel does not appear to validate kernel module signatures correctly To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1798863/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
