Skip to content

Updated README.md file with some installation problems solution. #90

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Updated README.md file with some installation problems solution. #90

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
123 changes: 122 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,111 @@ Find your kernel source tree, and edit `src/Makefile`. Locate the following line
Modify this line so that it points to the correct source tree.
After that, run `make` to create `fl2000.ko` and run `insmod fl2000.ko` to load the driver.


**Note:**

- If you miss some program (like 'flex'), just do

```
$ sudo apt-get install _program_name_
```

to get it.

- If you get some errors in `insmod` command like:

- **"Key was rejected by service":** You are working in Secure Boot, so you have to sign the `fl2000.ko` module.

1. Create `openssl.conf` file with this text inside (under `req_distinguished_name` you can edit the fields with custom preference, but it's optional):

```
# This definition stops the following lines choking if HOME isn't
# defined.
HOME = .
RANDFILE = $ENV::HOME/.rnd
[ req ]
distinguished_name = req_distinguished_name
x509_extensions = v3
string_mask = utf8only
prompt = no

[ req_distinguished_name ]
countryName = CA
stateOrProvinceName = Quebec
localityName = Montreal
0.organizationName = cyphermox
commonName = Secure Boot Signing
emailAddress = [email protected]

[ v3 ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
basicConstraints = critical,CA:FALSE
extendedKeyUsage = codeSigning,1.3.6.1.4.1.311.10.3.6,1.3.6.1.4.1.2312.16.1.2
nsComment = "OpenSSL Generated Certificate"
```

2. Now, create public and private keys using openssl command as:

```
$ openssl req -config openssl.conf -new -x509 -newkey rsa:2048 -nodes -days 36500 -outform DER -keyout "MOK.priv" -out "MOK.der"
```

This command, will create the “MOK.priv” and “MOK.der” files in present working directory (PWD) by accepting openssl.conf as input file.

3. Now, the next step is to enroll this keys with the SHIM UEFI Bootloader ( SHIM is a simple software package that is designed to work as a first-
stage bootloader on UEFI systems ) . This enrolling can be done as:

```
$ sudo mokutil --import MOK.der
```

Then you should input password and confirm it. Remember the password you entered here, as we would need to add this when we reboot the
machine.

4. Now reboot and at start press "Enroll MOK", then "Enroll the keys", now press "Yes", "Continue", "Yes" again, enter the password
inserted in the step before and then reboot again.

5. Now, after your Linux machine is rebooted completely, lets go back to signing the kernel module and try to insert it:

```
$ kmodsign sha512 MOK.priv MOK.der fl2000.ko
```

6. Now retry with the insmod command and if you have another error message, go to its description.

- **"Invalid module format":** You have compiled the fl2000.ko module with the wrong linux-headers version or you have not installed it well.

1. Check that the actual version in use by the sistem is the same you have written in the KERNEL_PATH variable:

```
$ uname -r
```

2. If it's not the same, then change it, do `$ make clean`, then `$ make`, resign with `kmodsign` (if needed) and redo the `insmod` command.

3. If it is the same, you need to uninstall and reinstall it, so you have to follow these steps:

```
$ sudo apt update && sudo apt upgrade
$ sudo apt remove --purge linux-headers-*
$ sudo apt autoremove && sudo apt autoclean
$ sudo apt install linux-headers-generic
```

4. If the last "generic" version hasn't been installed, try to install it manually by:

```
$ sudo apt-get install linux-headers-
```

press `TAB`, look to the greater "-generic" version, install it and `reboot`.

5. Now write in the ./FL2000/src/Makefile into the `KERNEL_PATH` variable the right linux-headers generic version and redo the steps to insmod.

- **"Bad message":** You have generated the `fl2000.ko` module, in a wrong way. Try to check every steps and commands.


#### 6b. Test the driver

In the `sample` folder, run `make` to create `fltest`. If you you are using a
Expand All @@ -51,9 +156,25 @@ user mode buffer access methods (e.g copy to kernel internal buffer, or
directly locking down user buffer). Look at `fl2000_ioctl.h` for detailed
information.


**Note:**

If something goes wrong (like it cannot find the device) check the right name of the device in `/dev/` directory (for example could be "fl2000-2") and edit it in `./FL2000/sample/main.c` file in the line:

```
#define FL2K_NAME "/dev/fl2000-2"
```

Then delete `fltest` file if it is present and do:

```
$ sudo make fltest
```

Retry to run `./fltest 0`

### 7. How do I file a bug to the Fresco Logic developers?

You can file bugs to [Github Issues](https://github.com/fresco-fl2000/fl2000/issues)