On 12-04-2023 09:55, Ralf Mardorf wrote:
Hi, some kernels that do boot on my old UEFI computer with legacy boot enabled, don't boot on my new UEFI computer were the Intel processor graphics doesn't allow to enable legacy boot, but at least _secure boot_ is _disabled_. What can I do to get rid of the error? [rocketmouse@archlinux ~]$ grep MODULE_SIG /lib/modules/4.19.271-rt120-0.300-cornflower/build/.config CONFIG_MODULE_SIG=y # CONFIG_MODULE_SIG_FORCE is not set CONFIG_MODULE_SIG_ALL=y # CONFIG_MODULE_SIG_SHA1 is not set # CONFIG_MODULE_SIG_SHA224 is not set # CONFIG_MODULE_SIG_SHA256 is not set # CONFIG_MODULE_SIG_SHA384 is not set CONFIG_MODULE_SIG_SHA512=y CONFIG_MODULE_SIG_HASH="sha512" CONFIG_MODULE_SIG_KEY="certs/signing_key.pem" A kernel that doesn't fail: [rocketmouse@archlinux ~]$ grep MODULE_SIG /lib/modules/6.2.10-arch1-1/build/.config CONFIG_MODULE_SIG_FORMAT=y CONFIG_MODULE_SIG=y # CONFIG_MODULE_SIG_FORCE is not set CONFIG_MODULE_SIG_ALL=y # CONFIG_MODULE_SIG_SHA1 is not set # CONFIG_MODULE_SIG_SHA224 is not set # CONFIG_MODULE_SIG_SHA256 is not set # CONFIG_MODULE_SIG_SHA384 is not set CONFIG_MODULE_SIG_SHA512=y CONFIG_MODULE_SIG_HASH="sha512" CONFIG_MODULE_SIG_KEY="certs/signing_key.pem" # CONFIG_MODULE_SIG_KEY_TYPE_RSA is not set CONFIG_MODULE_SIG_KEY_TYPE_ECDSA=y Regards, Ralf
The booting 6.2.10 kernel sets 2 options the non-booting 4.19.271 kernel doesn't : CONFIG_MODULE_SIG_FORMAT=y and CONFIG_MODULE_SIG_KEY_TYPE_ECDSA=y Does it make a difference if you add those options to the 4.19.271 kernel build ? LW
