Comments (3)
reply to @shen771
module verification failed: signature and/or required key missing - tainting kernel is known at stackoverflow
https://stackoverflow.com/questions/24975377/kvm-module-verification-failed-signature-and-or-required-key-missing-taintin
do_init_module register_kprobe failed, returned -2 is known at README https://github.com/bytedance/Elkeid/blob/main/driver/README.md#known-bugs
from elkeid.
大师给了个指点方向,今天研究了半天,翻译成人话:
1、出现这个报错是因为ko文件没有系统的签名,如果要需要给driver.ko文件签名请参考这篇文件:http://blog.chinaunix.net/uid-27717694-id-3999307.html 但是这个事情大概率是搞不定的,因为系统signing_key.priv私钥你没有,除非你新增一对自定义密钥到系统中,还要考虑服务器重启EFI引导自签名Linux内核。
2、如果想要driver.ko文件有签名,不能用字节预编译分发的ko。只能os上安装kernel-dev包,然后本机编译出来的ko才能加载。
大师我理解的对不?
from elkeid.
我的理解是这样的,比如centos9,默认安装好以后,它的/usr/src/kernels/xxx/certs/下面,没有signing_key.pem 和 signing_key.x509, 所以如果你想自己生成这两个文件,那么需要重新编译内核,让内核用你的这两个文件去verify module, 默认的呢,应该是用signing_key.priv去签名module,如果你想要签名你自己的module,那没办法
所以想driver.ko, 可能要先编译内核
from elkeid.
Related Issues (20)
- rasp jvm版本支持问题 HOT 1
- tlinux24 docker批量编译部分ko编译失败 HOT 3
- 集群导入出现异常the server has asked for the client to provide credentials
- Bug: Possible Channel Blocking Operation
- KO运行异常或丢失的信息未上报或展示 HOT 1
- 安装kafka时报错 HOT 1
- 执行病毒扫描过程中进度一直是0 HOT 2
- 怎么理解 agent 和 server/agent_center 下面的grpc.proto 风格不一样 HOT 2
- LKM驱动中rename或link后新路径获取异常
- agent采集不到执行的命令
- agent安装部署下载改为https HOT 2
- 什么时候能支持多一点系统呢
- docker部署报错
- ubuntu 6.5.0及以上版本ko编译错误
- driver compile failed on 5.4.250-1.el7.elrepo.x86_64 HOT 2
- 什么时候支持从前端删除离线机器
- Docker 部署时,agent init 报错。
- 容器集群-安全组件安装问题 HOT 8
- 8089端口命名有误
- Redis部署报错 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from elkeid.