* [LTP] [PATCH 1/1] fw_load: Skip on Lockdown/Secure Boot
@ 2026-01-07 11:49 Petr Vorel
2026-01-07 12:02 ` Li Wang via ltp
2026-01-07 12:02 ` Andrea Cervesato via ltp
0 siblings, 2 replies; 4+ messages in thread
From: Petr Vorel @ 2026-01-07 11:49 UTC (permalink / raw)
To: ltp
Similarly to delete_module0[13].c, finit_module02.c and init_module02.c
also fw_load.c cannot load modules due Lockdown/Secure Boot.
fw_load 0 TINFO : module signature enforcement: off
insmod: ERROR: could not insert module ltp_fw_load.ko: Key was rejected by service
dmesg:
[ 0.000000] [ T0] secureboot: Secure boot enabled
[ 0.000000] [ T0] Kernel is locked down from EFI Secure Boot mode; see man kernel_lockdown.7
...
[ 17.679826] [ T1591] Loading of unsigned module is rejected
Reported-by: Avinesh Kumar <akumar@suse.de>
Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
FYI once the test is rewritten into new API, it will just use as in
delete_module0[13].c:
/* lockdown and SecureBoot requires signed modules */
.skip_in_lockdown = 1,
.skip_in_secureboot = 1,
Kind regards,
Petr
testcases/kernel/firmware/fw_load_user/fw_load.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/testcases/kernel/firmware/fw_load_user/fw_load.c b/testcases/kernel/firmware/fw_load_user/fw_load.c
index b2ed09e6f3..f5b918a698 100644
--- a/testcases/kernel/firmware/fw_load_user/fw_load.c
+++ b/testcases/kernel/firmware/fw_load_user/fw_load.c
@@ -29,6 +29,7 @@
#include <string.h>
#include "test.h"
+#include "tst_security.h"
#include "safe_macros.h"
#include "old_module.h"
@@ -102,6 +103,9 @@ static void help(void)
void setup(int argc, char *argv[])
{
+ if (tst_lockdown_enabled() > 0 || tst_secureboot_enabled() > 0)
+ tst_brkm(TCONF, NULL, "Cannot load unsigned modules in Lockdown/Secure Boot");
+
tst_parse_opts(argc, argv, options, help);
if (nflag) {
--
2.51.0
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [LTP] [PATCH 1/1] fw_load: Skip on Lockdown/Secure Boot
2026-01-07 11:49 [LTP] [PATCH 1/1] fw_load: Skip on Lockdown/Secure Boot Petr Vorel
@ 2026-01-07 12:02 ` Li Wang via ltp
2026-01-07 16:44 ` Petr Vorel
2026-01-07 12:02 ` Andrea Cervesato via ltp
1 sibling, 1 reply; 4+ messages in thread
From: Li Wang via ltp @ 2026-01-07 12:02 UTC (permalink / raw)
To: Petr Vorel; +Cc: ltp
On Wed, Jan 7, 2026 at 7:50 PM Petr Vorel <pvorel@suse.cz> wrote:
>
> Similarly to delete_module0[13].c, finit_module02.c and init_module02.c
> also fw_load.c cannot load modules due Lockdown/Secure Boot.
>
> fw_load 0 TINFO : module signature enforcement: off
> insmod: ERROR: could not insert module ltp_fw_load.ko: Key was rejected by service
>
> dmesg:
> [ 0.000000] [ T0] secureboot: Secure boot enabled
> [ 0.000000] [ T0] Kernel is locked down from EFI Secure Boot mode; see man kernel_lockdown.7
> ...
> [ 17.679826] [ T1591] Loading of unsigned module is rejected
>
> Reported-by: Avinesh Kumar <akumar@suse.de>
> Signed-off-by: Petr Vorel <pvorel@suse.cz>
Reviewed-by: Li Wang <liwang@redhat.com>
--
Regards,
Li Wang
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LTP] [PATCH 1/1] fw_load: Skip on Lockdown/Secure Boot
2026-01-07 11:49 [LTP] [PATCH 1/1] fw_load: Skip on Lockdown/Secure Boot Petr Vorel
2026-01-07 12:02 ` Li Wang via ltp
@ 2026-01-07 12:02 ` Andrea Cervesato via ltp
1 sibling, 0 replies; 4+ messages in thread
From: Andrea Cervesato via ltp @ 2026-01-07 12:02 UTC (permalink / raw)
To: Petr Vorel, ltp
Hi!
Reviewed-by: Andrea Cervesato <andrea.cervesato@suse.com>
--
Andrea Cervesato
SUSE QE Automation Engineer Linux
andrea.cervesato@suse.com
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [LTP] [PATCH 1/1] fw_load: Skip on Lockdown/Secure Boot
2026-01-07 12:02 ` Li Wang via ltp
@ 2026-01-07 16:44 ` Petr Vorel
0 siblings, 0 replies; 4+ messages in thread
From: Petr Vorel @ 2026-01-07 16:44 UTC (permalink / raw)
To: Li Wang, Andrea Cervesato; +Cc: ltp
Hi all,
thanks for your review, merged!
Kind regards,
Petr
--
Mailing list info: https://lists.linux.it/listinfo/ltp
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2026-01-07 16:44 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-01-07 11:49 [LTP] [PATCH 1/1] fw_load: Skip on Lockdown/Secure Boot Petr Vorel
2026-01-07 12:02 ` Li Wang via ltp
2026-01-07 16:44 ` Petr Vorel
2026-01-07 12:02 ` Andrea Cervesato via ltp
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.