0

I installed the NVIDIA driver 367.44 from the Nvidia site. As a last step I was prompted to disable secure boot on re-boot. I did that, but I am not fully comfortable keeping it disabled. I want to re-enable it and do not know how to.

In anycase, I can not use the Nvidia card for rendering and it only works with the "--no-opengl-files" option. Anything else pushes Ubuntu into a log-in loop.

Edit: 

sudo mokutil --sb-state

shows: 

SecureBoot enabled

But while booting I get an annoying "Booting in insecure mode message"

EDIT: as I understand from the comments this might not pertain to UFEI secure boot, but the MOK secure boot which is needed for Ubuntu to use third party drivers. I am still using 14.04 and keeping the validation enabled did not cause me any issues with my nvidia drivers for CUDA.

I tensorflow/stream_executor/cuda/cuda_gpu_executor.cc:900] successful NUMA node read from SysFS had negative value (-1), but there must be at least one NUMA node, so returning NUMA node zero
I tensorflow/core/common_runtime/gpu/gpu_init.cc:102] Found device 0 with properties: 
name: GeForce 940M
major: 5 minor: 0 memoryClockRate (GHz) 1.176
pciBusID 0000:04:00.0
Total memory: 1.96GiB
Free memory: 1.94GiB
I tensorflow/core/common_runtime/gpu/gpu_init.cc:126] DMA: 0 
I tensorflow/core/common_runtime/gpu/gpu_init.cc:136] 0:   Y 
I tensorflow/core/common_runtime/gpu/gpu_device.cc:755] Creating TensorFlow device (/gpu:0) -> (device: 0, name: GeForce 940M, pci bus id: 0000:04:00.0)
shaunakde
  • 111
  • Secure Boot is an UEFI feature that needs to be configured in the UEFI setup. This is not Ubuntu related. – Byte Commander Sep 30 '16 at 14:05
  • @ByteCommander This is not completely true. The mode is still enabled in the BIOS -- but it was disabled in the last step of the Nvidia driver install caused an annoying "Booting in insecure mode" message to occur.

    sudo mokutil --sb-state shows: SecureBoot enabled

     – shaunakde Sep 30 '16 at 14:09
  • When you turn on your computer, there should be a small indicator, normally on a corner of the screen, letting you know what key to press to enter to Bios setup. It depends on the computer. Once in the BIOS setup you can search for the secure boot and enable it. In case your computer doesn't star after this modification, repeat the process and disable it again. – juankvillegas Sep 30 '16 at 14:10
  • @juankvillegas It is set to "enabled" in the bios. It was disabled during setup of the NVIDIA driver using "shim"(?) – shaunakde Sep 30 '16 at 14:12
  • Where exactly do you get this "booting in insecure mode" message? I strongly doubt it is related to UEFI Secure Boot. If it shows as enabled in the UEFI setup menu and in the mokutil command, it is enabled. – Byte Commander Sep 30 '16 at 14:17
  • @ByteCommander -- It appears on the POST screen. Maybe this will help you understand the situation: http://askubuntu.com/questions/755238/why-disabling-secure-boot-is-enforced-policy-when-installing-3rd-party-modules – shaunakde Sep 30 '16 at 14:19
  • 5
    I found a solution in this thread: http://askubuntu.com/questions/726052/ubuntu-booting-in-insecure-mode-with-secureboot-enabled – shaunakde Sep 30 '16 at 14:22
  • Disabling and enabling validation doesn't work for my scenario. Whenever the UEFI is updated and/or CMOS is cleared, NVidia drivers do not load. Both times I resorted to purging and re-installing the driver from NVIDIA website. It provides the name of a .der file to import into mokutil: mokutil --import /usr/share/nivida/nvidia-modsign-cert-*.der Enter password twice Reboot and register MOK This is annoying. There must be a simply cmd for mokutil to re-import all keys. Also, I think my WiFi driver (I use a wire so doesn't bother me) needs a registered key to work. – sheldonm301 Apr 29 '23 at 21:12

1 Answers1

1

I found a solution in this thread: Ubuntu: "Booting in insecure mode" with SecureBoot enabled

Basically this issue pertains to the validation in module MOK (Machine Owner Key).

To get rid of the message it is sufficient to type: 

sudo mokutil --enable-validation

There is a chance that in Ubuntu 16 the driver might stop working. But I can confirm that in ubuntu 14.04 - cuda functionality is unaffected. I was not using the driver for rendering anyway. 

>>> sess = tensorflow.Session()
I tensorflow/stream_executor/cuda/cuda_gpu_executor.cc:900] successful NUMA node read from SysFS had negative value (-1), but there must be at least one NUMA node, so returning NUMA node zero
I tensorflow/core/common_runtime/gpu/gpu_init.cc:102] Found device 0 with properties: 
name: GeForce 940M
major: 5 minor: 0 memoryClockRate (GHz) 1.176
pciBusID 0000:04:00.0
Total memory: 1.96GiB
Free memory: 1.94GiB
I tensorflow/core/common_runtime/gpu/gpu_init.cc:126] DMA: 0 
I tensorflow/core/common_runtime/gpu/gpu_init.cc:136] 0:   Y 
I tensorflow/core/common_runtime/gpu/gpu_device.cc:755] Creating TensorFlow device (/gpu:0) -> (device: 0, name: GeForce 940M, pci bus id: 0000:04:00.0)
Community
  • 1
shaunakde
  • 111
  • After you enable validation the Nvidia driver does not load any more. – Pilot6 Sep 30 '16 at 14:27
  • @Pilot6 The Nvidia driver was anyway causing a log in loop with my system and I am using it only for CUDA support which works regardless. Anyway, the documentation about this is sparse and I think it is important for those who want to do this to know how it. Also I am using ubuntu 14.04 - maybe that makes a difference. – shaunakde Sep 30 '16 at 14:31