Dynamic or third party compiled Kernel modules do not work when Secure Boot based on static keys is enabled.

Flashes (Alerts)

Abstract

Kernel modules compiled dynamically or by third parties do not work when Secure Boot based on static keys is enabled.

Content

Linux Releases Affected

RHEL 8.5, RHEL 8.6, and RHEL 9.0.

IBM Systems Affected

IBM Power10.

Symptoms

When secure boot based on static keys is enabled, certain features that involve modules compiled 
on the system dynamically or by third parties do not work. This includes third party device drivers 
and the systemtap kernel module backend.

Workaround

Users of systemap can try the --runtime=bpf or --runtime=dyninst backends, though they have 
limitations.

Fix Outlook

None

I/O device impacted

None.

[{"Type":"MASTER","Line of Business":{"code":"LOB26","label":"Storage"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SGMV157","label":"IBM Support for Red Hat Enterprise Linux Server"},"ARM Category":[{"code":"a8m0z000000Gnl7AAC","label":"Red Hat Enterprise Linux"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Tips

Dynamic or third party compiled Kernel modules do not work when Secure Boot based on static keys is enabled.

Flashes (Alerts)

Abstract

Content

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?