Fedora 38 not login in 2560x1440 resolution

Hi all, thanks for accepting me in the forum.

Fedora 38 not login in 2560×1440 custom resolution when I change to secure boot enabled, only login In Gnome.

Gnome :white_check_mark:
Classic Gnome :x:
Gnome xorg :x:
Classic Gnome xorg :x:

I change my resolution to custom in Nvidia settings, with no secure boot enabled I can log in without problems. My monitor is not 2560×1440 native resolution is 1920×1440, 144hz.

Thanks in advance.

All the best.

When you enable Secure Boot, the kernel doesn’t load the Nvidia propreitary driver, because it’s not part of the kernel. The system then runs probably on nouveau or some fallback driver (depending on how your system is configured), which likely doesn’t support high resolution and acceleration on your Nvidia card.

So you either need to have Secure Boot disabled, in order to have Nvidia proprietary driver working, or use Intel or AMD graphics card instead.

Any way to compile the Nvidia proprietary driver in to the kernel?

Thank you.

All the best.

No, it’s not about compilation. Intel and AMD have their source code as part of the kernel, it can be trusted. Nvidia have their source code hidden, the kernel can’t trust it (similarly to other third-party kernel modules, e.g. VMware). Secure Boot is not possible, the chain of trust is broken.

The Linux Kernel should be sel4 not this one: https://www.kernel.org/

I suggest to the Fedora Team to implement the microkernel sel4: https://sel4.systems/

Thanks.

All the best.

The rpmfusion nvidia documentation explains how to get the nvidia driver working with secure boot enabled. This boils down to: create a signing key, install into the UEFI, build and sign the nvidia driver.

Or as has been shown many times the user may sign the kernel modules as shown at
https://rpmfusion.org/Howto/Secure%20Boot?highlight=(\bCategoryHowto\b)

@caos1 already has the nvidia drivers installed so it is a simple matter of following instructions.

  1. perform every step carefully as shown in the file
    /usr/share/doc/akmods/README.secureboot
  2. remove the currently unsigned kernel modules with
    sudo dnf remove kmod-nvidia-$(uname -r)
  3. recreate the modules that will then be signed with
    sudo akmods --force
  4. After step 3 completes then wait about a minute before rebooting. During the reboot enable secure boot (unless already active)

These 4 steps easily enable the nvidia drivers with secure boot enabled. Note that the instructions at rpmfusion do not suggest the need to perform steps 2 & 3 above, but they are required if the drivers are already installed

1 Like

It is 100% about trust, but the user has the option to create a key and self sign the locally compiled kernel modules. Using secure boot with 3rd party drivers is quite possible, just not totally automatic as far as trust.

Intel and AMD have the driver modules signed and provided from the fedora repo. They are modules just like nvidia drivers, but are signed and distributed by fedora. The nvidia drivers do have proprietary code which is why the user must sign them instead of fedora providing the already signed modules.

Thanks is working. :+1:

All the best.

1 Like