Error on installing kernel through mainline

[terenctbrobots]

Ran into a problem with fwts when I installed the latest kernel today. `mainline 1.4.10 install 6.10.6 Downloading 6.10.6
Installing 6.10.6
Selecting previously unselected package linux-headers-6.10.6-061006. (Reading database ... 151460 files and directories currently installed.) Preparing to unpack .../linux-headers-6.10.6-061006_6.10.6-061006.202408190440_all.deb ... Unpacking linux-headers-6.10.6-061006 (6.10.6-061006.202408190440) ... Selecting previously unselected package linux-headers-6.10.6-061006-generic. Preparing to unpack .../linux-headers-6.10.6-061006-generic_6.10.6-061006.202408190440_amd64.deb ... Unpacking linux-headers-6.10.6-061006-generic (6.10.6-061006.202408190440) ... Selecting previously unselected package linux-image-unsigned-6.10.6-061006-generic. Preparing to unpack .../linux-image-unsigned-6.10.6-061006-generic_6.10.6-061006.202408190440_amd64.deb ... Unpacking linux-image-unsigned-6.10.6-061006-generic (6.10.6-061006.202408190440) ... Selecting previously unselected package linux-modules-6.10.6-061006-generic. Preparing to unpack .../linux-modules-6.10.6-061006-generic_6.10.6-061006.202408190440_amd64.deb ... Unpacking linux-modules-6.10.6-061006-generic (6.10.6-061006.202408190440) ... Setting up linux-headers-6.10.6-061006 (6.10.6-061006.202408190440) ... Setting up linux-headers-6.10.6-061006-generic (6.10.6-061006.202408190440) ... /etc/kernel/header_postinst.d/dkms:

• dkms: running auto installation service for kernel 6.10.6-061006-generic Sign command: /usr/bin/kmodsign Signing key: /var/lib/shim-signed/mok/MOK.priv Public certificate (MOK): /var/lib/shim-signed/mok/MOK.der

Building module: Cleaning build area... KVER=6.10.6-061006-generic make...(bad exit status: 2) ERROR (dkms apport): kernel package linux-headers-6.10.6-061006-generic is not supported Error! Bad return status for module build on kernel: 6.10.6-061006-generic (x86_64) Consult /var/lib/dkms/fwts-efi-runtime-dkms/24.01.00/build/make.log for more information. dkms autoinstall on 6.10.6-061006-generic/x86_64 failed for fwts-efi-runtime-dkms(10) Error! One or more modules failed to install during autoinstall. Refer to previous errors for more information.

• dkms: autoinstall for kernel 6.10.6-061006-generic ...fail! run-parts: /etc/kernel/header_postinst.d/dkms exited with return code 11 dpkg: error processing package linux-headers-6.10.6-061006-generic (--install): installed linux-headers-6.10.6-061006-generic package post-installation script subprocess returned error exit status 11 Setting up linux-modules-6.10.6-061006-generic (6.10.6-061006.202408190440) ... Setting up linux-image-unsigned-6.10.6-061006-generic (6.10.6-061006.202408190440) ... I: /boot/vmlinuz is now a symlink to vmlinuz-6.10.6-061006-generic I: /boot/initrd.img is now a symlink to initrd.img-6.10.6-061006-generic Processing triggers for linux-image-unsigned-6.10.6-061006-generic (6.10.6-061006.202408190440) ... /etc/kernel/postinst.d/dkms:
• dkms: running auto installation service for kernel 6.10.6-061006-generic Sign command: /usr/bin/kmodsign Signing key: /var/lib/shim-signed/mok/MOK.priv Public certificate (MOK): /var/lib/shim-signed/mok/MOK.der

Building module: Cleaning build area... KVER=6.10.6-061006-generic make...(bad exit status: 2) ERROR (dkms apport): kernel package linux-headers-6.10.6-061006-generic is not supported Error! Bad return status for module build on kernel: 6.10.6-061006-generic (x86_64) Consult /var/lib/dkms/fwts-efi-runtime-dkms/24.01.00/build/make.log for more information. dkms autoinstall on 6.10.6-061006-generic/x86_64 failed for fwts-efi-runtime-dkms(10) Error! One or more modules failed to install during autoinstall. Refer to previous errors for more information.

• dkms: autoinstall for kernel 6.10.6-061006-generic ...fail! run-parts: /etc/kernel/postinst.d/dkms exited with return code 11 dpkg: error processing package linux-image-unsigned-6.10.6-061006-generic (--install): installed linux-image-unsigned-6.10.6-061006-generic package post-installation script subprocess returned error exit status 11 Errors were encountered while processing: linux-headers-6.10.6-061006-generic linux-image-unsigned-6.10.6-061006-generic mainline: done `

[terenctbrobots]

I dropped back to kernel version 6.9 but even after successful signing, Secure boot prevents the kernel from loading(Bad shim?) `mainline 1.4.10 install 6.9.12 Downloading 6.9.12
Installing 6.9.12
Selecting previously unselected package linux-headers-6.9.12-060912. (Reading database ... 151467 files and directories currently installed.) Preparing to unpack .../linux-headers-6.9.12-060912_6.9.12-060912.202407271050_all.deb ... Unpacking linux-headers-6.9.12-060912 (6.9.12-060912.202407271050) ... Selecting previously unselected package linux-headers-6.9.12-060912-generic. Preparing to unpack .../linux-headers-6.9.12-060912-generic_6.9.12-060912.202407271050_amd64.deb ... Unpacking linux-headers-6.9.12-060912-generic (6.9.12-060912.202407271050) ... Selecting previously unselected package linux-image-unsigned-6.9.12-060912-generic. Preparing to unpack .../linux-image-unsigned-6.9.12-060912-generic_6.9.12-060912.202407271050_amd64.deb ... Unpacking linux-image-unsigned-6.9.12-060912-generic (6.9.12-060912.202407271050) ... Selecting previously unselected package linux-modules-6.9.12-060912-generic. Preparing to unpack .../linux-modules-6.9.12-060912-generic_6.9.12-060912.202407271050_amd64.deb ... Unpacking linux-modules-6.9.12-060912-generic (6.9.12-060912.202407271050) ... Setting up linux-headers-6.9.12-060912 (6.9.12-060912.202407271050) ... Setting up linux-headers-6.9.12-060912-generic (6.9.12-060912.202407271050) ... /etc/kernel/header_postinst.d/dkms:

• dkms: running auto installation service for kernel 6.9.12-060912-generic
• dkms: autoinstall for kernel 6.9.12-060912-generic ...done. Setting up linux-modules-6.9.12-060912-generic (6.9.12-060912.202407271050) ... Setting up linux-image-unsigned-6.9.12-060912-generic (6.9.12-060912.202407271050) ... I: /boot/vmlinuz is now a symlink to vmlinuz-6.9.12-060912-generic I: /boot/initrd.img is now a symlink to initrd.img-6.9.12-060912-generic Processing triggers for linux-image-unsigned-6.9.12-060912-generic (6.9.12-060912.202407271050) ... /etc/kernel/postinst.d/dkms:
• dkms: running auto installation service for kernel 6.9.12-060912-generic
• dkms: autoinstall for kernel 6.9.12-060912-generic ...done. /etc/kernel/postinst.d/initramfs-tools: update-initramfs: Generating /boot/initrd.img-6.9.12-060912-generic /etc/kernel/postinst.d/zz-mainline-signing:

########

Secure Boot Mainline Kernel Signature using MOK

/boot/vmlinuz-6.9.12-060912-generic is a generic kernel image to consider signing Checking if kernel image is already signed Finding matching Ubuntu mainline kernels Checking if there is more than one or no matching kernel deb files Found matching deb file: /home/terenctb/.cache/mainline/6.9.12/linux-image-unsigned-6.9.12-060912-generic_6.9.12-060912.202407271050_amd64.deb Checksum of Linux deb from mainline Mainline folder: /home/terenctb/.cache/mainline/6.9.12, Kernel image: /boot/vmlinuz-6.9.12-060912-generic, Sign temp: /tmp/tmp.uAPyLlWCiJ linux-image-unsigned-6.9.12-060912-generic_6.9.12-060912.202407271050_amd64.deb: OK Successfully sha256 verified deb package Verify image being signed comes from mainline deb package Validated /boot/vmlinuz-6.9.12-060912-generic is present in linux-image-unsigned-6.9.12-060912-generic_6.9.12-060912.202407271050_amd64.deb Signing /boot/vmlinuz-6.9.12-060912-generic... Signing Unsigned original image signature 1 image signature issuers:

• /C=MY/ST=SEL/L=Petaling Jaya/O=Big Bad Robots/CN=Secure Boot Signing Key/emailAddress=terence.tan@bigbadrobots.com image signature certificates:
• subject: /C=MY/ST=SEL/L=Petaling Jaya/O=Big Bad Robots/CN=Secure Boot Signing Key/emailAddress=terence.tan@bigbadrobots.com issuer: /C=MY/ST=SEL/L=Petaling Jaya/O=Big Bad Robots/CN=Secure Boot Signing Key/emailAddress=terence.tan@bigbadrobots.com Successfully signed /boot/vmlinuz-6.9.12-060912-generic

/etc/kernel/postinst.d/zz-update-grub: Sourcing file /etc/default/grub' Generating grub configuration file ... Found linux image: /boot/vmlinuz-6.9.12-060912-generic Found initrd image: /boot/initrd.img-6.9.12-060912-generic Found linux image: /boot/vmlinuz-6.8.0-40-generic Found initrd image: /boot/initrd.img-6.8.0-40-generic Found memtest86+ 64bit EFI image: /boot/memtest86+x64.efi Warning: os-prober will not be executed to detect other bootable partitions. Systems on them will not be added to the GRUB boot configuration. Check GRUB_DISABLE_OS_PROBER documentation entry. Adding boot menu entry for UEFI Firmware Settings ... done mainline: done

[terenctbrobots]

Hmmmm..ignore me...didn't follow the instruction and reboot to get mokmanager to install the cert....sigh..

[berglh]

@terenctbrobots Glad you figured it out! :)