>>>>> [2015-11-02T14:36:52+0530]: "Nan Xiao" (nan-xiao): ,----[ nan-xiao ] | Sorry, I am a little confused about your explanation. `---- ah sorry about that. i just re-read your original post, and realized that you _are_ able to load the unsigned/badly-signed module. the only point of concern is that you see a "taint" message. this is expected. from Documentation/module-signing.txt ,---- | (1) "Require modules to be validly signed" (CONFIG_MODULE_SIG_FORCE) | | This specifies how the kernel should deal with a module that has a | signature for which the key is not known or a module that is unsigned. | | If this is off (ie. "permissive"), then modules for which the key is not | available and modules that are unsigned are permitted, but the kernel will | be marked as being tainted, and the concerned modules will be marked as | tainted, shown with the character 'E'. | | If this is on (ie. "restrictive"), only modules that have a valid | signature that can be verified by a public key in the kernel's possession | will be loaded. All other modules will generate an error. | | Irrespective of the setting here, if the module has a signature block that | cannot be parsed, it will be rejected out of hand. `---- if you don't want module signing at all, then set CONFIG_MODULE_SIG to 'n' and recompile your kernel. boot it, and then load modules without signing.... -- kind regards anupam _______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
