On 2023-08-01 14:37, Cook, Layne via lttng-dev wrote:
Thanks for the reply Mathieu. We are going to go with Trace Compass.
Could I hit you with one more question? I've been unable to find an answer on
the web.
When I build lttng-modules using the sources and instructions from here
<https://github.com/lttng/lttng-modules/blob/master/README.md#kernel-built-in-support>, it fails because it cannot sign the kernel modules with keys. During the "make modules_install" phase, it gives these messages for each module:
At main.c:160:
- SSL error:02001002:system library:fopen:No such file or directory:
crypto/bio/bss_file.c:69
- SSL error:2006D080:BIO routines:BIO_new_file:no such file:
crypto/bio/bss_file.c:76
sign-file: certs/signing_key.pem: No such file or directory
INSTALL /root/lttng-modules-master/src/lib/lttng-lib-ring-buffer.ko
Subsequently, the modules fail to load with an error:
modprobe: ERROR: could not insert 'lttng_ring_buffer_client_discard': Required
key not available
I'm am installing on a RHEL8 system. Is this because RHEL8 is not supported as
an official Enterprise release? Have the keys and/or their locations changed
for RHEL8?
Thanks,
LC
layne.c...@ballaerospace.com
Hi,
This probably means that your machine is running with UEFI Secure Boot
activated, if it's the case to load out of tree modules you either need to
disable it or create a signing key, register it in the firmware and sign your
modules with it.
Here is the Redhat documentation on the subject [1].
[1]
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-a-kernel-and-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel#signing-kernel-modules-with-the-private-key_signing-a-kernel-and-modules-for-secure-boot
Michael
_______________________________________________
lttng-dev mailing list
lttng-dev@lists.lttng.org
https://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
