You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
You will not see it unless you look through your \sh|journalctl| .
See \ref{sec:helloworld} for details.
To have immediate access to this information, do all your work from the console.
\item SecureBoot.
Many contemporary computers are pre-configured with UEFI SecureBoot enabled.
It is a security standard that can make sure the device boots using only software that is trusted by original equipment manufacturer.
The default Linux kernel from some distributions have also enabled the SecureBoot.
For such distributions, the kernel module has to be signed with the security key or you would get the "\emph{ERROR: could not insert module}" when you insert your first hello world module:
\begin{codebash}
insmod ./hello-1.ko
\end{codebash}
And then you can check further with \sh|dmesg| and see the following text:
\emph{Lockdown: insmod: unsigned module loading is restricted;
see man kernel lockdown.7}
If you got this message, the simplest way is to disable the UEFI SecureBoot from the PC/laptop boot menu to have your "hello-1" to be inserted.
Of course you can go through complicated steps to generate keys, install keys to your system, and finally sign your module to make it work.
However, this is not suitable for beginners.
You could read and follow the steps in \href{https://wiki.debian.org/SecureBoot}{SecureBoot} if you are interested.
