I’m not sure exactly why, but a change in the way the Linux kernel handled some signed modules when the system uses SecureBoot (at least, something like that) meant that the cameras on my Surface stopped working.
The cameras aren’t amazing at the moment, but they are far better than having no camera at all.
Digging into the kernel.log, I see:
ERROR: could not insert 'v4l2loopback': Key was rejected by service
To fix it, you need to create and enroll a MOK key, then use it to sign the module. And, fortunately, that is easier that it sounds.
Create your own MOK keys
sudo openssl req -new -x509 -nodes -days 36500 -subj "/CN=DKMS modules" -newkey rsa:2048 -keyout /root/mok.priv -outform DER -out /root/mok.der
(This creates a key valid for 100 years.)
Configure dkms to use them to sign modules
Enroll your MOK key:
mokutil --import /root/mok.der
It asks you for a password. Don’t worry; this means create a password, which you will use for MOK enrollment. (This stumped me for a bit.)
Reboot your computer and go through the UI for enrolling a MOK key. You’ll need the password you created earlier.
Install (and sign) v4l2loopback
With the MOK key enrolled, you can try to get
v4l2loopback working again.
First, remove it (or check you have already removed it):
sudo apt remove v4l2loopback-dkms -y
Check if a directory
v4l2loopback exists in
If so, remove it:
sudo dkms remove v4l2loopback/0.12.5 --all
(0.12.5 was the version I had; yours might differ.)
In doing this, it automatically deleted the directory, but if not (as indicated in one of the many posts I read, you might need to do it manually, with
rm -r /var/lib/dkms/v4l2loopback/).
Then reinstall it:
sudo apt install v4l2loopback-dkms -y
It should be signed as part of the installation.
Test loading it with
sudo modprobe v4l2loopback video_nr=42 card_label="virtualcam" exclusive_caps=1
If you don’t get an error, the kernel module has been loaded.