This bug is missing log files that will aid in diagnosing the problem.
While running an Ubuntu kernel (not a mainline or third-party kernel)
please enter the following command in a terminal window:
apport-collect 1996892
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.
** Changed in: linux (Ubuntu)
Status: New => Incomplete
** Changed in: linux (Ubuntu Bionic)
Status: New => Incomplete
** Changed in: linux (Ubuntu Focal)
Status: New => Incomplete
** Changed in: linux (Ubuntu Jammy)
Status: New => Incomplete
** Changed in: linux (Ubuntu Kinetic)
Status: New => Incomplete
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1996892
Title:
Expose built-in trusted and revoked certificates
Status in linux package in Ubuntu:
Incomplete
Status in linux source package in Bionic:
Incomplete
Status in linux source package in Focal:
Incomplete
Status in linux source package in Jammy:
Incomplete
Status in linux source package in Kinetic:
Incomplete
Status in linux source package in Lunar:
Incomplete
Bug description:
[ Impact ]
* Kernels have a set of builtin trusted and revoked certificates as a bundle
* It is not very easy to access them, one needs to either download linux
kernel package source code; or boot the kernel look up builtin hashes; and then
find certificates externally
* It would be more convenient for inspection to expose these in the
buildinfo package, which already exposes auxiliary kernel information
[ Test Plan ]
* sudo apt install linux-buildinfo-$(uname -r)
* check that /usr/lib/linux/$(uname -r)/canonical-certs.pem exists and
contains livepatch cert
* check that /usr/lib/linux/$(uname -r)/canonical-uefi-2012-all.pem exists
and contains 2012 cert
[ Where problems could occur ]
* buildinfo is an auxiliary package not installed by default, but
used by developer tooling and packaging.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1996892/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
