Thread (9 messages) 9 messages, 4 authors, 2023-03-07

Re: [External] Re: [BUG] blacklist: Problem blacklisting hash (-13) during boot

From: Jeremy Kerr <jk@codeconstruct.com.au>
Date: 2023-02-26 03:54:56
Also in: keyrings, linux-integrity, lkml 

Hi Mark,

I have flagged this to the FW team (LO-2105) to get their feedback
and see if we can get it addressed on our platforms.
Any progress from the FW team about this? I have a fresh-out-of-the-box
T14s with this issue, there's 33 duplicated hashes in dbx:

$ mokutil --dbx | grep -E '[[:xdigit:]]{64}' | sort | uniq -cd
      2   106faceacfecfd4e303b74f480a08098e2d0802b936f8ec774ce21f31686689c
      2   174e3a0b5b43c6a607bbd3404f05341e3dcf396267ce94f8b50e2e23a9da920c
      2   1aec84b84b6c65a51220a9be7181965230210d62d6d33c48999c6b295a2b0a06
      2   29c6eb52b43c3aa18b2cd8ed6ea8607cef3cfae1bafe1165755cf2e614844a44
      2   2b99cf26422e92fe365fbf4bc30d27086c9ee14b7a6fff44fb2f6b9001699939
      2   2e70916786a6f773511fa7181fab0f1d70b557c6322ea923b2a8d3b92b51af7d
      2   3fce9b9fdf3ef09d5452b0f95ee481c2b7f06d743a737971558e70136ace3e73
      2   45c7c8ae750acfbb48fc37527d6412dd644daed8913ccd8a24c94d856967df8e
      2   47cc086127e2069a86e03a6bef2cd410f8c55a6d6bdb362168c31b2ce32a5adf
      2   47ff1b63b140b6fc04ed79131331e651da5b2e2f170f5daef4153dc2fbc532b1
      3   5391c3a2fb112102a6aa1edc25ae77e19f5d6f09cd09eeb2509922bfcd5992ea
      2   58fb941aef95a25943b3fb5f2510a0df3fe44c58c95e0ab80487297568ab9771
      2   64575bd912789a2e14ad56f6341f52af6bf80cf94400785975e9f04e2d64d745
      2   71f2906fd222497e54a34662ab2497fcc81020770ff51368e9e3d9bfcbfd6375
      3   80b4d96931bf0d02fd91a61e19d14f1da452e66db2408ca8604d411f92659f0a
      2   82db3bceb4f60843ce9d97c3d187cd9b5941cd3de8100e586f2bda5637575f67
      2   8ad64859f195b5f58dafaa940b6a6167acd67a886e8f469364177221c55945b9
      2   8d8ea289cfe70a1c07ab7365cb28ee51edd33cf2506de888fbadd60ebf80481c
      2   90fbe70e69d633408d3e170c6832dbb2d209e0272527dfb63d49d29572a6f44c
      2   992d359aa7a5f789d268b94c11b9485a6b1ce64362b0edb4441ccc187c39647b
      2   aeebae3151271273ed95aa2e671139ed31a98567303a332298f83709a9d55aa1
      2   c3a99a460da464a057c3586d83cef5f4ae08b7103979ed8932742df0ed530c66
      2   c409bdac4775add8db92aa22b5b718fb8c94a1462c1fe9a416b95d8a3388c2fc
      2   c452ab846073df5ace25cca64d6b7a09d906308a1a65eb5240e3c4ebcaa9cc0c
      2   c5d9d8a186e2c82d09afaa2a6f7f2e73870d3e64f72c4e08ef67796a840f0fbd
      2   c617c1a8b1ee2a811c28b5a81b4c83d7c98b5b0c27281d610207ebe692c2967f
      2   c90f336617b8e7f983975413c997f10b73eb267fd8a10cb9e3bdbfc667abdb8b
      2   d063ec28f67eba53f1642dbf7dff33c6a32add869f6013fe162e2c32f1cbe56d
      2   d626157e1d6a718bc124ab8da27cbb65072ca03a7b6b257dbdcbbd60f65ef3d1
      2   e051b788ecbaeda53046c70e6af6058f95222c046157b8c4c1b9c2cfc65f46e5
      2   f52f83a3fa9cfbd6920f722824dbe4034534d25b8507246b3b957dac6e1bce7a
 
- and so generating 33 KERN_ERR messages on boot.

Given there's (at least) a few months' worth of GA machines with this
issue, can we suppress the warning?

Cheers,


Jeremy
Related discussions
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help