You are not logged in.

Pages: 1

Topic closed

#1 2024-08-30 18:04:00

dqnne
Member
Registered: 2024-08-30
Posts: 2

NVIDIA module fails to load when kernel is in lockdown mode

In an attempt to increase the security of my system I've enabled kernel lockdown mode with the kernel parameter 

lockdown=integrity

However, the nvidia_uvm module now fails to get inserted on startup:

Aug 30 18:42:22 archlinux systemd-modules-load[1734]: Failed to insert module 'nvidia_uvm': Operation not permitted
Aug 30 18:42:22 archlinux kernel: Lockdown: systemd-modules: unsigned module loading is restricted; see man kernel_lockdown.7
Aug 30 18:42:22 archlinux systemd[1]: systemd-modules-load.service: Main process exited, code=exited, status=1/FAILURE
Aug 30 18:42:22 archlinux systemd[1]: systemd-modules-load.service: Failed with result 'exit-code'.
Aug 30 18:42:22 archlinux systemd[1]: Failed to start Load Kernel Modules.

I've tried solving this by installing nvidia-open-dkms instead of nvidia-open, since I read that DKMS signs the modules it builds with a self signed certificate, but it produces the same issue. Is there a way to get the NVIDIA modules to work with lockdown mode or do I need to disable lockdown?

More info:

  • Secure Boot is enabled and was originally set up with sbctl

  • System boots EFISTUB with Unified Kernel Image (no boot loader)

Last edited by dqnne (2024-08-30 18:26:10)

Offline

#2 2024-08-30 18:51:37

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 25,153

Re: NVIDIA module fails to load when kernel is in lockdown mode

Just building your own module with DKMS doesn't sign it by default.  Have you read https://wiki.archlinux.org/title/Signed_kernel_modules and specifically https://wiki.archlinux.org/title/Signed … MS_support ?

Last edited by V1del (2024-08-30 18:51:54)

Offline

#3 2024-08-30 19:26:05

dqnne
Member
Registered: 2024-08-30
Posts: 2

Re: NVIDIA module fails to load when kernel is in lockdown mode

I did find that page but I was unsure what to take from it. Am I understanding correctly that I need a custom signed kernel?

Offline

#4 2024-08-30 21:05:46

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 75,277

Re: NVIDIA module fails to load when kernel is in lockdown mode

Afaik nothing ever changed about https://gitlab.archlinux.org/archlinux/ … /issues/11 - so "yes"

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#5 2025-07-07 01:28:30

Sffred
Member
Registered: 2020-08-30
Posts: 55

Re: NVIDIA module fails to load when kernel is in lockdown mode

So one has to build his own kernel to achieve this?

Offline

#6 2025-07-07 06:08:04

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 75,277

Re: NVIDIA module fails to load when kernel is in lockdown mode

seth wrote:

Afaik nothing ever changed about https://gitlab.archlinux.org/archlinux/ … /issues/11 - so "yes"

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#7 2025-07-07 11:18:22

Lone_Wolf
Administrator
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 14,967

Re: NVIDIA module fails to load when kernel is in lockdown mode

Sffred. please start a new thread if needed and link to this one.

Closing this thread.

Last edited by Lone_Wolf (2025-07-07 11:19:24)

Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.

clean chroot building not flexible enough ?
Try clean chroot manager by graysky

Offline

Pages: 1

Topic closed

Board footer

Powered by FluxBB