Aeon uses nouveau kernel driver even nvidia installed and signed

seems i cant get nvidia to be loaded on AEON just runned updates and it is still using nouveau kernel and nvidia wont be used/available. Did fresh install yestreday and no success to get nvidia to be loaded

phatle@aeon:~> lspci -k | grep -EA3 'VGA|3D'
0000:00:02.0 VGA compatible controller: Intel Corporation TigerLake-H GT1 [UHD Graphics] (rev 01)
	DeviceName: Onboard - Video
	Subsystem: Dell Device 0a61
	Kernel driver in use: i915
--
0000:01:00.0 3D controller: NVIDIA Corporation GA107M [GeForce RTX 3050 Ti Mobile] (rev a1)
	Subsystem: Dell Device 0a61
	Kernel driver in use: nouveau
	Kernel modules: nouveau, nvidia_drm, nvidia
phatle@aeon:~> nvidia-smi
NVIDIA-SMI has failed because it couldn't communicate with the NVIDIA driver. Make sure that the latest NVIDIA driver is installed and running.

@PhatLe Is the nouveau module blacklisted /sbin/modprobe -c | grep "blacklist nouveau"

@PhatLe Also can you please post the output from inxi -Gxxz I’m currently collecting Nvidia data for inxi as we are trying to sort out gpu info.

blacklist nouveau
blacklist nouveau
phatle@aeon:~> 

inxi is not on host so here is distrobox details from container

Graphics:
  Device-1: Intel TigerLake-H GT1 [UHD Graphics] vendor: Dell driver: i915
    v: kernel arch: Gen-12.1 ports: active: DP-3 off: eDP-1 empty: DP-1,DP-2
    bus-ID: 0000:00:02.0 chip-ID: 8086:9a60
  Device-2: NVIDIA GA107M [GeForce RTX 3050 Ti Mobile] vendor: Dell
    driver: nouveau v: kernel arch: Ampere bus-ID: 0000:01:00.0
    chip-ID: 10de:25a0
  Device-3: Microdia Integrated_Webcam_HD driver: uvcvideo type: USB
    rev: 2.0 speed: 480 Mb/s lanes: 1 bus-ID: 3-11:4 chip-ID: 0c45:6a11
  Display: wayland server: N/A driver: gpu: i915 display-ID: 0
  Monitor-1: DP-3 model: LG (GoldStar) HDR WQHD res: 3440x1440 dpi: 109
    diag: 867mm (34.1")
  Monitor-2: eDP-1 model: Samsung 0x414d res: 3456x2160 dpi: 261
    diag: 396mm (15.6")
  API: OpenGL v: 4.6 vendor: intel mesa v: 24.1.3 glx-v: 1.4 es-v: 3.2
    direct-render: yes renderer: Mesa Intel UHD Graphics (TGL GT1)
    device-ID: 8086:9a60 display-ID: :0.0
  API: EGL Message: EGL data requires eglinfo. Check --recommends.

@PhatLe install as your user in ~/bin;

curl https://codeberg.org/smxi/smxi/raw/branch/master/smxi -o ~/bin/inxi
chmod 0755 ~/bin/inxi

Oh and need inxi -Gxxxz an extra x :wink:

phatle@aeon:~> inxi -Gxxxz

------------------------------------------------------------------
Error No: (38) You entered an unsupported option
or an option that needs an argument: z
Please see inxi -h for a list of supported options.
inxi cannot continue. Exiting now.
------------------------------------------------------------------

phatle@aeon:~> inxi -h
touch: cannot touch '/etc/smxi.conf': Permission denied
touch: cannot touch '/etc/smxi.conf': Permission denied
touch: cannot touch '/etc/smxi.conf': Permission denied
touch: cannot touch '/etc/smxi.conf': Permission denied

it works from DB since it has full nvidia integration so here it is

Graphics:
  Device-1: Intel TigerLake-H GT1 [UHD Graphics] vendor: Dell driver: i915
    v: kernel arch: Gen-12.1 ports: active: DP-3 off: eDP-1 empty: DP-1,DP-2
    bus-ID: 0000:00:02.0 chip-ID: 8086:9a60 class-ID: 0300
  Device-2: NVIDIA GA107M [GeForce RTX 3050 Ti Mobile] vendor: Dell
    driver: nouveau v: kernel arch: Ampere bus-ID: 0000:01:00.0
    chip-ID: 10de:25a0 class-ID: 0302
  Device-3: Microdia Integrated_Webcam_HD driver: uvcvideo type: USB
    rev: 2.0 speed: 480 Mb/s lanes: 1 bus-ID: 3-11:4 chip-ID: 0c45:6a11
    class-ID: 0e02
  Display: wayland server: N/A driver: gpu: i915 display-ID: 0
  Monitor-1: DP-3 model: LG (GoldStar) HDR WQHD serial: <filter>
    res: 3440x1440 dpi: 109 size: 800x335mm (31.5x13.19") diag: 867mm (34.1")
    modes: max: 3440x1440 min: 640x480
  Monitor-2: eDP-1 model: Samsung 0x414d res: 3456x2160 dpi: 261
    size: 336x210mm (13.23x8.27") diag: 396mm (15.6") modes: 3456x2160
  API: OpenGL v: 4.6 vendor: intel mesa v: 24.1.3 glx-v: 1.4 es-v: 3.2
    direct-render: yes renderer: Mesa Intel UHD Graphics (TGL GT1)
    device-ID: 8086:9a60 display-ID: :0.0
  API: EGL Message: EGL data requires eglinfo. Check --recommends.

I suspect this is because it’s in a container… N/A for the server…

Anyway, it shows nouveau blacklisted, but I suspect you may need to add to /etc/kernel/cmdline this fbdev=1 nosimplefb=1

Nothing silly like suse-prime or bbswitch installed?

nothing silly fresh install for latest RC3 build updated and the runned the nvidia installs as guided from openSUSE nvidia page.

installer says some folders do not excist and signing need to be done manually since it cant access --root-pw hash so cant sign automatically

output form /etc/kernel/cmdline

quiet loglevel=2 systemd.show_status=no console=ttyS0,115200 console=tty0 vt.global_cursor_default=0 ignition.platform.id=metal security=selinux selinux=1 root=UUID=baff1d01-6492-41ff-8ff5-0ca8e8ced57c

@PhatLe so edit and add the options, then transactional-update bootloader and reboot. Does your hardware TPM2 device meet the requirements, if so I would run with secured boot off, as recommended…

actually kernel is not tainted anymore so it means nvidia is not on kernel even installed

Device Security Report
======================

Report details
  Date generated:                                  2024-08-07 09:56:21
  fwupd version:                                   1.9.22

System details
  Hardware model:                                  Dell Inc. XPS 15 9510
  Processor:                                       11th Gen Intel(R) Core(TM) i9-11900H @ 2.50GHz
  OS:                                              Aeon
  Security level:                                  HSI:0! (v1.9.22)

HSI-1 Tests
  UEFI Platform Key:                               Pass (Valid)
  TPM v2.0:                                      ! Fail (Not Found)
  UEFI Bootservice Variables:                      Pass (Locked)
  Firmware BIOS Region:                            Pass (Locked)
  Intel Management Engine Version:                 Pass (Valid)
  UEFI Secure Boot:                                Pass (Enabled)
  Firmware Write Protection Lock:                  Pass (Enabled)
  Platform Debugging:                              Pass (Not Enabled)
  Intel Management Engine Manufacturing Mode:      Pass (Locked)
  BIOS Firmware Updates:                           Pass (Enabled)
  Firmware Write Protection:                       Pass (Not Enabled)
  Intel Management Engine Override:                Pass (Locked)

HSI-2 Tests
  Platform Debugging:                            ! Fail (Not Locked)
  Intel BootGuard ACM Protected:                   Pass (Valid)
  IOMMU Protection:                                Pass (Enabled)
  Intel BootGuard Fuse:                            Pass (Valid)
  Intel GDS Mitigation:                          ! Fail (Not Valid)
  BIOS Rollback Protection:                        Pass (Enabled)
  Intel BootGuard Verified Boot:                   Pass (Valid)
  Intel BootGuard:                                 Pass (Enabled)

HSI-3 Tests
  Suspend To RAM:                                  Pass (Not Enabled)
  Intel BootGuard Error Policy:                    Pass (Valid)
  Pre-boot DMA Protection:                         Pass (Enabled)
  Control-flow Enforcement Technology:             Pass (Supported)
  Suspend To Idle:                                 Pass (Enabled)

HSI-4 Tests
  Encrypted RAM:                                 ! Fail (Not Supported)
  Supervisor Mode Access Prevention:               Pass (Enabled)

Runtime Tests
  Control-flow Enforcement Technology:           ! Fail (Not Supported)
  Firmware Updater Verification:                   Pass (Not Tainted)
  Linux Swap:                                      Pass (Encrypted)
  Linux Kernel Verification:                       Pass (Not Tainted)
  Linux Kernel Lockdown:                           Pass (Enabled)

Host security events
  2024-08-05 17:34:58   Linux Kernel Verification    Pass (Tainted → Not Tainted)
  2024-08-05 16:23:49   Linux Kernel Verification  ! Fail (Not Tainted → Tainted)

For information on the contents of this report, see https://fwupd.github.io/hsi.html

i will try remove them and reinstall

and TPM is not found still this came after RC3

@PhatLe I wonder if it’s selinux related… I’m using TPM 2.0, but the report shows failed. I’m not sure of the overall accuracy…

yeah might be SElinux related since intel GDS and platform Debug is gone too it was there on first RC3 build before the tpm bug stuff and systemd256 update

it seems the installer script dont compile/build nvidia to kernel something is wrong reinstalled drivers and still not on kernel and kernel is not tainted

did not help and updated bootloader no nvidia still

got it working now

removed all nvidia → reinstalled all G06 drivers → added fbdev=1 nosimplefb=1 to /etc/kernel/cmdline → updated bootloader sudo transactional-update bootloader → booted and then manually signed MOK key again and now i have nvidia working

Gnome software about section shows only intel, but nvidia-smi is working so that means nvidia is wo

@PhatLe something is blocking the module to load, I can’t even load tpm_tis to overcome the fwupd error… which is funny because I can load the out of tree it87 module I use without issue…

yes might be SElinux or something else since after systemd 256 update i lost all those TPM, GDS platform debug is enabled etc on systemd 255 those were all good

and if fwupd dosent work now we cant update secure boot dbx or system firmware that might be needed

@PhatLe If I setenforce 0 and restart systemctl restart fwupd and systemctl restart tpm2-abrmd.service TPM 2.0 shows up in the report…

does it stays there if you then setenforce 1 seems more likly SElinux policy issue

@PhatLe no it goes back to failed…

1 Like

@PhatLe new snapshot released, should sort the issue with fwupd etc…

1 Like