This issue happens only on UEFI systems with enabled Secure Boot.
When I try to install DKMS modules like VirtualBox, Nvidia, or Broadcom drivers, they do not install and I get Required key not available when I try to modprobe them.
VirtualBox complains that vboxdrv is not loaded.
Broadcom wl driver is shown in lspci -k as a kernel module but is not in use. sudo modprobe wl throws Required key not available.
Also this issue may happen when I install some kernel modules from git sources.
This issue may appear after a kernel update as disabled wireless adapter, black screen after a reboot, etc.
How can I fix it?
Since Ubuntu kernel 4.4.0-20 the EFI_SECURE_BOOT_SIG_ENFORCE kernel config has been enabled. That prevents from loading unsigned third party modules if UEFI Secure Boot is enabled.
The easiest way to fix this issue is to disable Secure Boot in UEFI (BIOS) settings.
In most cases you can get into UEFI settings using grub menu. Press ESC button on booting, get into grub menu and select System Setup. Secure Boot option should be in "Security" or "Boot" section of the UEFI.
You can get into UEFI directly, but it depends on your hardware. Read your computer manual to see how to get there. It may be Del, or F2 on boot, or something else.
An alternative way is to disable Secure Boot using mokutil.
Since Ubuntu kernel build 4.4.0-21.37 this can be fixed by running
sudo apt install mokutil
sudo mokutil --disable-validation
It will require to create a password. The password should be at least 8 characters long. After you reboot, UEFI will ask if you want to change security settings. Choose "Yes".
Then you will be asked to enter the previously created password. Some UEFI firmware asks not for the full password, but to enter some characters of it, like 1st, 3rd, etc. Be careful. Some people do not understand this. I did not get it from the first attempt either ;-)
Update: Now this kernel config is enabled in all supported Ubuntu kernels. Ubuntu 16.04, 15.10 and 14.04 are affected.
No comments:
Post a Comment