Created
January 10, 2023 17:48
-
-
Save Dimtree/9ea4515161a26c63e4015cd7be7f6b76 to your computer and use it in GitHub Desktop.
Sign VirtualBox modules for Secure Boot on Fedora 37. See https://gist.github.com/reillysiemens/ac6bea1e6c7684d62f544bd79b2182a4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # /usr/local/sbin/sign-vbox-modules | |
| readonly hash_algo='sha256' | |
| readonly key='/root/module-signing/MOK.priv' | |
| readonly x509='/root/module-signing/MOK.der' | |
| # The exact location of `sign-file` might vary depending on your platform. | |
| alias sign-file="/usr/src/kernels/$(uname -r)/scripts/sign-file" | |
| if [ -z "${KBUILD_SIGN_PIN}" ]; then | |
| echo -n "Passphrase for ${key}: " | |
| read -s KBUILD_SIGN_PIN | |
| echo | |
| fi | |
| export KBUILD_SIGN_PIN | |
| for module in $(dirname $(modinfo -n vboxdrv))/*.ko.xz; do | |
| echo "Signing ${module} ..." | |
| xz -d "${module}" | |
| sign-file "${hash_algo}" "${key}" "${x509}" "${module%.*}" | |
| xz "${module%.*}" | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment