search

ventoy / vtoyboot

Work with ventoy to support boot Linux distros in a vdisk file (vhd/vdi/raw ...)
GNU General Public License v3.0
275 stars 23 forks source link

kernel 6.1 dm_patch not loading, also dm_patch: module verification failed: signature and/or required key missing - tainting kernel #62

Open hgkamath opened 1 year ago

hgkamath commented 1 year ago

Description

VTOY_LINUX_REMOUNT has been enabled using global plugson.
But, VTOY_LINUX_REMOUNT is not working.
This feature (https://github.com/ventoy/Ventoy/issues/1326, https://github.com/ventoy/Ventoy/issues/2234, ventoy/vtoyboot/#43, also filed by me) used to work for me before. It has been some time since I last booted this way. So there is no reason why this should not work. [EDIT] Reason it is not working is that the dm_patch is out of compatibility sync with the linux kernel 6.1.11

dm-patch is not loading, Hence, cannot mount /dev/sdc1

dmesg shows: [ 6.220342] dm_patch: module verification failed: signature and/or required key missing - tainting kernel [EDIT] I determined this message isn't only a secureboot signature issue, it throws up even if secureboot is disabled. I think it is thrown because its an external binary kernel module, the kernel decided that such binary blobs are taint. The signature/taint warning is thrown even when the dm_patch module loads and host-partition is mountable, not just when it is rejected.

misc

log

[root@fedora tmp]# uname -a
Linux fedora 6.1.11-200.fc37.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Feb  9 19:20:24 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

[root@fedora tmp]# mount -t ntfs3 /dev/sdc1 /mnt/c1
mount: /mnt/c1: /dev/sdc1 already mounted or mount point busy.
       dmesg(1) may have more information after failed mount system call.

[root@fedora tmp]# sgdisk /dev/mapper/ventoy -p
Disk /dev/mapper/ventoy: 97386496 sectors, 46.4 GiB
Sector size (logical/physical): 512/4096 bytes
Disk identifier (GUID): 8833D6B6-ABF3-44CD-8375-595D238C2600
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 97386462
Partitions will be aligned on 2048-sector boundaries
Total free space is 4029 sectors (2.0 MiB)

Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048          522239   254.0 MiB   EF00  EFI System Partition
   2          522240          526335   2.0 MiB     EF02  BIOS boot partition
   3          526336         2099199   768.0 MiB   8300  Linux filesystem
   4         2099200        97384447   45.4 GiB    8300  

[root@fedora vtoyboot-1.0.25]# dmesg | grep dm_patch
[    6.220342] dm_patch: module verification failed: signature and/or required key missing - tainting kernel

[root@fedora tools]# modinfo ./dm_patch_64.ko 
filename:       /root/tmp/vtoyboot-1.0.25/tools/./dm_patch_64.ko
license:        GPL
author:         longpanda <admin@ventoy.net>
description:    dmpatch driver
depends:        
retpoline:      Y
intree:         Y
name:           dm_patch
vermagic:       5.13.19-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx SMP mod_unload modversions

I wonder if the module was compiled/built for kernel-5.13.19

[root@fedora gana]# rpm -qa | grep -i "^kernel-[56]"
kernel-6.1.11-200.fc37.x86_64
kernel-6.0.18-300.fc37.x86_64
kernel-5.19.17-300.fc37.x86_64

[root@fedora vtoyboot-1.0.25]# ./vtoyboot.sh 

**********************************************
      vtoyboot 1.0.25
      longpanda admin@ventoy.net
      https://www.ventoy.net
**********************************************

Current system use dracut as initramfs tool
updating the initramfs, please wait ...
updating initramfs for 5.19.17-300.fc37.x86_64 please wait ...
updating initramfs for 6.0.18-300.fc37.x86_64 please wait ...
grub mkconfig ...
PROBE_PATH=/usr/sbin/grub2-probe EDITENV_PATH=/usr/bin/grub2-editenv MKCONFIG_PATH=/usr/sbin/grub2-mkconfig
/usr/sbin/grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Adding boot menu entry for UEFI Firmware Settings ...
done
This is ventoy enviroment
replace shim efi ...
bootx64.efi no need 2

vtoyboot process successfully finished.

Also tried

[root@fedora vtoyboot-1.0.25]# ./vtoyboot.sh -s

**********************************************
      vtoyboot 1.0.25
      longpanda admin@ventoy.net
      https://www.ventoy.net
**********************************************

Current system use dracut as initramfs tool
updating the initramfs, please wait ...
updating initramfs for 6.1.8-200.fc37.x86_64 please wait ...
grub mkconfig ...
PROBE_PATH=/usr/sbin/grub2-probe EDITENV_PATH=/usr/bin/grub2-editenv MKCONFIG_PATH=/usr/sbin/grub2-mkconfig
/usr/sbin/grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Adding boot menu entry for UEFI Firmware Settings ...
done
This is ventoy enviroment
recover shim efi ...
BACK=/boot/efi/EFI/BOOT/BOOTX64.EFI
BOOT=/boot/efi/EFI/BOOT/BOOTX64.EFI_VTBK

vtoyboot process successfully finished.
youk commented 1 year ago

Sorry, nevermind. My test wasn't clean. It's ok with injection plugin too.

ventoy commented 1 year ago

Sorry, nevermind. My test wasn't clean. It's ok with injection plugin too.

Good news.

ventoy commented 1 year ago

The latest Ventoy-1.0.90 and vtoyboot-1.0.29 has been released, and should have fixed these issues.