Hi everyone, I have Virtualbox 6.1.14-140239 on Debian 10, running with Secure Boot on UEFI with kernel 5.4.8-1~bpo10+1 and the following apt source: "deb [arch=amd64] https://download.virtualbox.org/virtualbox/debian buster contrib"
For at least 1 month, I get the following message in my syslog regularly: "vboxdrv.sh: You must sign these kernel modules before using VirtualBox: vboxdrv vboxnetflt vboxnetadp" So I followed https://gist.github.com/reillysiemens/ac6bea1e6c7684d62f544bd79b2182a4 (+ comments to adjust the script appropriately for my Debian 10). Now my modules XX are signed as shown below: for module in /lib/modules/5.4.0-0.bpo.2-amd64/misc/*; do hexdump -Cv $module | tail -4; done 00f0ea40 00 00 02 00 00 00 00 00 00 00 01 90 7e 4d 6f 64 |............~Mod| 00f0ea50 75 6c 65 20 73 69 67 6e 61 74 75 72 65 20 61 70 |ule signature ap| 00f0ea60 70 65 6e 64 65 64 7e 0a |pended~.| 00f0ea68 00097d80 00 00 02 00 00 00 00 00 00 00 01 90 7e 4d 6f 64 |............~Mod| 00097d90 75 6c 65 20 73 69 67 6e 61 74 75 72 65 20 61 70 |ule signature ap| 00097da0 70 65 6e 64 65 64 7e 0a |pended~.| 00097da8 000fc5b0 00 00 02 00 00 00 00 00 00 00 01 90 7e 4d 6f 64 |............~Mod| 000fc5c0 75 6c 65 20 73 69 67 6e 61 74 75 72 65 20 61 70 |ule signature ap| 000fc5d0 70 65 6e 64 65 64 7e 0a |pended~.| 000fc5d8 "systemctl restart vboxdrv" works (loaded & active) and there is no fail error in journalctl (before that, I got "Failed to start VirtualBox Linux kernel module"). However, I still get the message "vboxdrv.sh: You must sign these kernel modules before using VirtualBox: vboxdrv vboxnetflt vboxnetadp" in journalctl (!) A manual "/sbin/vboxconfig" is replacing my signed modules /lib/modules/5.4.0-0.bpo.2-amd64/misc/{vboxdrv,vboxnetadp,vboxnetflt}.ko with unsigned ones causing "modprobe vboxdrv" to fail ("Lockdown: modprobe: unsigned module loading is restricted"). I don't have a VM setup yet. Am I supposed to get errors when I would launch one VM because of my unsigned modules supposedly? In the end, are my modules signed (hexdump tells me they are) or unsigned (see journalctl)? Maybe I didn't sign the appropriate ones? Thanks in advance :) Best regards, l0f4r0 _______________________________________________ VBox-users-community mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vbox-users-community _______________________________________________ Unsubscribe: mailto:[email protected]?subject=unsubscribe
