On Sat, Apr 30, 2016 at 08:32:48AM +0000, Jamie Heilman wrote: > I usually build my kernels to require module signatures and use > automatic signing. As of v4.6-rc1 I'm getting this on boot: > > Problem loading in-kernel X.509 certificate (-2) > > I bisected that to commit d43de6c780a84def056afaf4fb3e66bdaa1efc00 > (akcipher: Move the RSA DER encoding check to the crypto layer) > > For some reason after this commit my system keyring always ends up > empty. I use the deb-pkg make target. My kernel config can > be found at > http://audible.transient.net/~jamie/k/modsign.config-4.6.0-rc5-guest > > Let me know if you need anything else. David, any ideas on this problem? If we can't get a quick fix on this then we'll have to revert. Jamie, does reverting this patch by itself resolve the problem? Thanks, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html