
When attempting to compile my custom Linux kernel, the `sudo make modules_install` command failed, resulting in the following errors:

```
  INSTALL /lib/modules/6.4.0+/kernel/arch/x86/events/amd/power.ko
  SIGN    /lib/modules/6.4.0+/kernel/arch/x86/events/amd/power.ko
At main.c:167:
- SSL error:FFFFFFFF8000000D:system library::Permission denied: crypto/bio/bss_file.c:67
- SSL error:10080002:BIO routines::system lib: crypto/bio/bss_file.c:77
sign-file: certs/signing_key.pem
make[1]: *** [scripts/Makefile.modinst:87: /lib/modules/6.4.0+/kernel/arch/x86/events/amd/power.ko] Error 1
make[1]: *** Deleting file '/lib/modules/6.4.0+/kernel/arch/x86/events/amd/power.ko'
make: *** [Makefile:1961: modules_install] Error 2
```

Here are the certificates for signature in my config file:

```
CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
CONFIG_MODULE_SIG_KEY_TYPE_RSA=y
# CONFIG_MODULE_SIG_KEY_TYPE_ECDSA is not set
CONFIG_SYSTEM_TRUSTED_KEYRING=y
CONFIG_SYSTEM_TRUSTED_KEYS=""
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
# CONFIG_SECONDARY_TRUSTED_KEYRING is not set
CONFIG_SYSTEM_BLACKLIST_KEYRING=y
CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
# CONFIG_SYSTEM_REVOCATION_LIST is not set
# CONFIG_SYSTEM_BLACKLIST_AUTH_UPDATE is not set
# end of Certificates for signature checking
```

I created the signing_key.pem using the command:

```
openssl req -new -nodes -utf8 -sha512 -days 36500 -batch -x509 -config x509.genkey -outform DER -out signing_key.x509 -keyout signing_key.pem
```

x509.genkey file:

```
[ req ]
default_bits = 4096
distinguished_name = req_distinguished_name
prompt = no
string_mask = utf8only
x509_extensions = myexts

[ req_distinguished_name ]
CN = Modules

[ myexts ]
basicConstraints=critical,CA:FALSE
keyUsage=digitalSignature
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid
```

OS: Red Hat Enterprise Linux 9.0

kernel: 5.14.0-70.13.1.el9_0.x86_64

I'm trying to compile the latest kernel version, 6.4.0. I also tried to compile the latest version (6.X) and also 5.1X.

Tsyvarev
Itay Avraham
  • Are reading permissions okay on `signing_key.pem` (and on the including folders)? Or do you happen to have maybe some eager SELinux configuration in place, preventing the compiler from accessing the key? – skandigraun Jul 01 '23 at 16:52
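
The checks suggested in the comment above (read access to `signing_key.pem`, search access to each containing folder, and the SELinux state) can be scripted as below. This is an added example, not part of the original post or the kernel tree; `check_key_access` and `selinux_report` are hypothetical helper names, and it assumes you run it from the top of the kernel source tree as the same user as the failing step (under `sudo` for `modules_install`).

```shell
#!/bin/sh
# Added diagnostic sketch; helper names are hypothetical.
# Usage: check_key_access certs/signing_key.pem; selinux_report certs/signing_key.pem

check_key_access() {
    # Resolve a relative key path (as in CONFIG_MODULE_SIG_KEY) against $PWD.
    case $1 in
        /*) path=$1 ;;
        *)  path=$PWD/$1 ;;
    esac
    dir=$(dirname "$path")

    # Split the directory into components; globbing is off while splitting.
    old_ifs=$IFS; IFS=/; set -f
    set -- $dir
    set +f; IFS=$old_ifs

    # Walk top-down: every containing folder must exist and be searchable (x).
    probe=
    for part in "$@"; do
        [ -n "$part" ] || continue
        probe=$probe/$part
        [ -d "$probe" ] || { echo "missing-dir:$probe"; return 2; }
        [ -x "$probe" ] || { echo "no-search:$probe"; return 1; }
    done

    [ -e "$path" ] || { echo "missing-file:$path"; return 2; }
    # Open the key for reading in a subshell; sign-file needs the same access.
    ( : < "$path" ) 2>/dev/null || { echo "no-read:$path"; return 1; }
    echo "ok:$path"
}

selinux_report() {
    # Print the enforcement mode and the labels on the key and its folder.
    if ! command -v getenforce >/dev/null 2>&1; then
        echo "selinux:not-installed"
        return 0
    fi
    echo "selinux:$(getenforce)"
    ls -Zd "$(dirname "$1")" "$1" 2>/dev/null || true
}
```

If `check_key_access` prints `ok:` while signing still fails with SELinux in `Enforcing` mode, the labels printed by `selinux_report` are the next thing to inspect.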

0 Answers