On 02/21/18 04:59, Stephen Morris wrote: > On 20/2/18 8:54 am, Ed Greshko wrote: >> On 02/20/18 04:41, Stephen Morris wrote: >>> I'm using the nvidia drivers from negativo17. I have the nvidia source module >>> registered with dkms and it seems to be being compiled when I get a new kernel, if >>> that is the case what do I need to do to resolve the following messages shown by >>> "dmesg"? >>> >>> >>> [ 14.934074] nvidia: loading out-of-tree module taints kernel. >>> [ 14.934086] nvidia: module license 'NVIDIA' taints kernel. >>> [ 14.934087] Disabling lock debugging due to kernel taint >>> [ 14.943865] nvidia: module verification failed: signature and/or required key >>> missing - tainting kernel >> >> When you load a proprietary module into the kernel it becomes tainted. There is no >> way to "fix" it. It is like replacing the battery in your iPhone with a battery you >> bought on the street corner. You have voided the warranty. > > I been in the situation of compiling kernel modules in other linux distributions > where you could put statements in your source to stop these messages, but I have > forgotten what they were. > > Looking at dmesg again this morning, and searching for the work 'taints' I get the > 2nd message listed above but not the first message (why?), and this search displays > a message in the same format as the first message for my wifi driver which is also > compiled, but I don't see any messages with the word 'taints' in them for the 6 > compiled kernel modules provided by the vendor of my mouse that I am compiling via > dkms. Of the 6 modules I am compiling one and possibly two are being actively > loaded and used by the kernel, so why are these not producing the messages? > > Also given that this morning I am seeing the equivalent of the first message for my > wifi driver, but I am not seeing it for the nvidia driver, which makes it look like > these messages are random, are they actually random or is the lack of the message > and indication that the kernel is potentially not working correctly? I'm confused as to what your goal is and what your understanding of what "taints" a kernel. The lack of a message in dmesg or the journal with the word "taint" doesn't guarantee your kernel hasn't been tainted as there are several ways to have the kernel flagged as "tainted". Take this VM that I've just installed. [egreshko@f27k-v ~]$ dmesg | grep -i taint [egreshko@f27k-v ~]$ journalctl -b 0 | grep -i taint [egreshko@f27k-v ~]$ ./tainted Taint value: 1024 [bit] [bit value] [description] 10 1024 A module from drivers/staging was loaded As it happens, the VM is connected to a wireless usb device which loads a drivers/staging module and thus the kernel is considered "tainted" Now, take my desktop which is "seriously" tainted. [egreshko@meimei tainted]$ dmesg | grep -i taint [ 6.508288] nvidia: loading out-of-tree module taints kernel. [ 6.508297] nvidia: module license 'NVIDIA' taints kernel. [ 6.508298] Disabling lock debugging due to kernel taint [ 6.515118] nvidia: module verification failed: signature and/or required key missing - tainting kernel [ 11.598031] CPU: 1 PID: 0 Comm: swapper/1 Tainted: P C OE 4.15.3-300.fc27.x86_64 #1 [egreshko@meimei tainted]$ journalctl -b 0 | grep -i taint Feb 18 17:59:21 meimei.greshko.com kernel: nvidia: loading out-of-tree module taints kernel. Feb 18 17:59:21 meimei.greshko.com kernel: nvidia: module license 'NVIDIA' taints kernel. Feb 18 17:59:21 meimei.greshko.com kernel: Disabling lock debugging due to kernel taint Feb 18 17:59:21 meimei.greshko.com kernel: nvidia: module verification failed: signature and/or required key missing - tainting kernel Feb 18 17:59:26 meimei.greshko.com kernel: CPU: 1 PID: 0 Comm: swapper/1 Tainted: P C OE 4.15.3-300.fc27.x86_64 #1 [egreshko@meimei tainted]$ ./tainted Taint value: 13313 [bit] [bit value] [description] 0 1 A module with a non-GPL license has been loaded, this includes modules with no license. Set by modutils >= 2.4.9 and module-init-tools 10 1024 A module from drivers/staging was loaded 12 4096 An out-of-tree module has been loaded 13 8192 An unsigned module has been loaded in a kernel supporting module signature So, do you just want to eliminate the messages to make yourself think your kernel isn't tainted? Or something else? -- A motto of mine is: When in doubt, try it out
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
