Please note that after I logged this bug I realised that the issue is not actually INSTALL_MOD_STRIP as the kernel signs the modules *after* they are stripped, so the signatures should be OK.
I believe the issue is that *after* doing the module install make-kpkg then runs objcopy on the modules to copy out the debug sections for a debug package and then uses objcopy to remove the same debug sections (along with the signature) from the ones in the main package. :-( So currently this is affecting Raring (13.04) kernels causing them to be always tainted (I'll open a separate report to record that), thus: chris@quad:~$ dmesg | grep -i taint [ 2.003424] Disabling lock debugging due to kernel taint chris@quad:~$ grep -w F /proc/modules | wc -l 46 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1099371 Title: make-kpkg strips modules when CONFIG_MODULE_SIG is set, breaking crypto sigs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kernel-package/+bug/1099371/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
