kvm:模块验证失败:缺少签名和/或所需的密钥 - 污染内核 [英] kvm: module verification failed: signature and/or required key missing - tainting kernel
问题描述
我使用的是 Ubuntu 14.04 LTS 和内核版本 3.13.11.4.
我正在尝试加载已修补的 KVM 模块 kvm 和 kvm-intel,但出现以下错误
I'm using Ubuntu 14.04 LTS and kernel version 3.13.11.4.
I'm trying to load patched KVM modules kvm and kvm-intel and I'm getting the following errors
kvm:模块验证失败:签名和/或所需的密钥丢失 - 污染内核
和 kvm: 模块有坏的污点,没有创建跟踪事件.
所使用的源与创建我当前正在运行的映像的源相同.
我已经检查了符号并确保错误不是由于在我导出函数的修补文件中不包含 EXPORT_SYMBOL_GPL() 引起的.
The source used is the same source that created the image that I am currently running.
I've check the symbols and made sure to the error isn't cause by not including EXPORT_SYMBOL_GPL() in the patched files where I exported functions.
我还看到了一些关于导致此错误的不同内核版本的内容,但我构建的内核与我用来创建修补过的 kvm 模块的源相同.
所有编译都没有警告.任何帮助表示赞赏!
I've also seen some stuff about different kernel versions causing this error but I built the kernel that I'm booted in with the same source that I used to create the patched kvm modules.
Everything compile without an warning. Any help is appreciated!
推荐答案
您的系统供应商似乎已启用 内核模块签名验证 在您的内核上,这意味着它不会加载任何供应商未签名的模块.换句话说,你的补丁模块没有签名(正确),内核将拒绝加载它.
It seems like the vendor of your system has enabled kernel module signature verification on your kernel which means it won't load any module that the vendor hasn't signed. In other words, your patched module isn't signed (properly) and the kernel will refuse to load it.
这样做的目的是为了防止恶意软件和 rootkit 加载恶意内核模块.
The point of this is supposed to prevent malware and rootkits from loading malicious kernel modules.
我建议您联系您的供应商.您的平台上可能有一个选项可以禁用签名检查.否则,您的供应商可能会为您签署模块.您甚至可能拥有签名验证算法的密钥和详细信息,并且可以自行签名.
I suggest you contact your vendor. There may be an option somewhere on your platform to disable signature checking. Otherwise, your vendor may be able to sign the module for you. You might even have the key and the details of the signature verification algorithm and can sign it yourself.
如果不知道您在哪个平台上运行,就很难给出更具体的建议.
Without knowing what platform you're running on, it's hard to give more specific suggestions.
这篇关于kvm:模块验证失败:缺少签名和/或所需的密钥 - 污染内核的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
