Initial commit

.gitignore

@@ -0,0 +1 @@
+MOK.*

README.md

@@ -0,0 +1,8 @@
+# VMware Secure Boot Sign
+This will sign vmmon.ko and vmnet.ko files on the kernel.
+
+Tested on Fedora 40. May not work on other distros.
+
+
+# How to run
+First run `gen-key.sh` then `sign.sh`

gen-key.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+if [[ $EUID -ne 0 ]]; then
+   echo "This script must be run as root. Exiting."
+   exit 1
+fi
+
+openssl req -new -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -nodes -x509 -days 36500 -subj "/CN=VMware Module Signing Key"
+mokutil --import MOK.der
+
+echo "Reboot your computer"

sign.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+if [[ $EUID -ne 0 ]]; then
+   echo "This script must be run as root. Exiting."
+   exit 1
+fi
+
+/usr/src/kernels/$(uname -r)/scripts/sign-file \
+      sha256 \
+      MOK.priv \
+      MOK.der \
+      /lib/modules/$(uname -r)/misc/vmmon.ko
+echo "Signed vmmon"
+/usr/src/kernels/$(uname -r)/scripts/sign-file \
+      sha256 \
+      MOK.priv \
+      MOK.der \
+      /lib/modules/$(uname -r)/misc/vmnet.ko
+echo "Signed vmnet"
+
+modprobe vmmon