From: Michael Jeanson via lttng-dev <lttng-dev@lists.lttng.org>
To: "Cook, Layne" <Layne.Cook@ballaerospace.com>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
"lttng-dev@lists.lttng.org" <lttng-dev@lists.lttng.org>
Subject: Re: [lttng-dev] [EXTERNAL] Re: Status of LTTng-scope and Lttng-analyses
Date: Tue, 1 Aug 2023 16:28:58 -0400 [thread overview]
Message-ID: <41373769-12d4-56e1-0ae3-a464481770b1@efficios.com> (raw)
In-Reply-To: <BN0P110MB0967A44E8E48B2C03878D429920AA@BN0P110MB0967.NAMP110.PROD.OUTLOOK.COM>
On 2023-08-01 14:37, Cook, Layne via lttng-dev wrote:
> Thanks for the reply Mathieu. We are going to go with Trace Compass.
>
> Could I hit you with one more question? I've been unable to find an answer on
> the web.
>
> When I build lttng-modules using the sources and instructions from here
> <https://github.com/lttng/lttng-modules/blob/master/README.md#kernel-built-in-support>, it fails because it cannot sign the kernel modules with keys. During the "make modules_install" phase, it gives these messages for each module:
>
> At main.c:160:
> - SSL error:02001002:system library:fopen:No such file or directory:
> crypto/bio/bss_file.c:69
> - SSL error:2006D080:BIO routines:BIO_new_file:no such file:
> crypto/bio/bss_file.c:76
> sign-file: certs/signing_key.pem: No such file or directory
> INSTALL /root/lttng-modules-master/src/lib/lttng-lib-ring-buffer.ko
>
> Subsequently, the modules fail to load with an error:
> modprobe: ERROR: could not insert 'lttng_ring_buffer_client_discard': Required
> key not available
>
> I'm am installing on a RHEL8 system. Is this because RHEL8 is not supported as
> an official Enterprise release? Have the keys and/or their locations changed
> for RHEL8?
>
> Thanks,
>
> LC
> layne.cook@ballaerospace.com
Hi,
This probably means that your machine is running with UEFI Secure Boot
activated, if it's the case to load out of tree modules you either need to
disable it or create a signing key, register it in the firmware and sign your
modules with it.
Here is the Redhat documentation on the subject [1].
[1]
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-a-kernel-and-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel#signing-kernel-modules-with-the-private-key_signing-a-kernel-and-modules-for-secure-boot
Michael
_______________________________________________
lttng-dev mailing list
lttng-dev@lists.lttng.org
https://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
prev parent reply other threads:[~2023-08-01 20:29 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-18 19:27 [lttng-dev] Status of LTTng-scope and Lttng-analyses Cook, Layne via lttng-dev
2023-07-19 14:09 ` Mathieu Desnoyers via lttng-dev
2023-08-01 18:37 ` [lttng-dev] [EXTERNAL] " Cook, Layne via lttng-dev
2023-08-01 20:28 ` Michael Jeanson via lttng-dev [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41373769-12d4-56e1-0ae3-a464481770b1@efficios.com \
--to=lttng-dev@lists.lttng.org \
--cc=Layne.Cook@ballaerospace.com \
--cc=mathieu.desnoyers@efficios.com \
--cc=mjeanson@efficios.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).