Bugzilla – Bug 1222576
Virtualbox doesn't work with secure boot
Last modified: 2024-06-28 23:09:16 UTC
When secure boot is enabled, the virtual machine does not start. "The virtual machine 'Windows 11' has terminated unexpectedly during startup with exit code 1 (0x1). Result Code: NS_ERROR_FAILURE (0X80004005) Component: MachineWrap Interface: IMachine {300763af-5d6b-46e6-aa96-273eac15538a}" "Kernel driver not installed (rc=-1908) The VirtualBox Linux kernel driver is either not loaded or not set up correctly. Please try setting it up again by executing '/usr/sbin/vboxconfig' as root. If your system has EFI Secure Boot enabled you may also need to sign the kernel modules (vboxdrv, vboxnetflt, vboxnetadp, vboxpci) before you can load them. Please see your Linux system's documentation for more information. where: suplibOsInit what: 3 VERR_VM_DRIVER_NOT_INSTALLED (-1908) - The support driver is not installed. On linux, open returned ENOENT."
Same issue on Leap 15.6.
As mentioned in the error message, you need to sign the kernel modules. This is quite complex, so here is how to do so. First, you need to create a key that will be used to sign the kernel. su mkdir -p /var/lib/shim-signed/mok openssl req -nodes -new -x509 -newkey rsa:2048 -outform DER -addext "extendedKeyUsage=codeSigning" -keyout /var/lib/shim-signed/mok/MOK.priv -out /var/lib/shim-signed/mok/MOK.der sudo mokutil --import /var/lib/shim-signed/mok/MOK.der reboot When rebooting, enroll the new key by typing the password you chose while creating the key. Then, we will create a script to sign the kernel modules. su cd /var/lib/shim-signed/mok vi sign-vbox The script should be like this: #!/bin/bash for modfile in $(dirname $(modinfo -n vboxdrv))/*.ko; do echo "Signing $modfile" /lib/modules/$(uname -r)/build/scripts/sign-file sha256 \ MOK.priv \ MOK.der "$modfile" done Then we run it. chmod 755 sign-vbox ./sign-vbox reboot Enjoy virtualbox with secure boot enabled!