What is the proper way of signing a kernel module in silverblue? (Secure boot is on)

Let’s say i need to load a kernel module in silverblue that i just built, and i have secure boot on.
What is the easiest way of signing that kernel module in silverblue? And is there any available key or do i need to create a pair myself and import it and sign it with my own keys?

I need to do it in a way that i can just add few commands to the makefile of the projects that have a kernel module, and sign them before insmod and therefore making the makefile work again.

Take a look at, https://github.com/fedora-silverblue/issue-tracker/issues/272


1 Like