Re: Nvidia Module Tainting Kernel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 20/2/18 7:41 am, Stephen Morris wrote:
Hi,

    I'm using the nvidia drivers from negativo17. I have the nvidia source module registered with dkms and it seems to be being compiled when I get a new kernel, if that is the case what do I need to do to resolve the following messages shown by "dmesg"?


[   14.934074] nvidia: loading out-of-tree module taints kernel.
[   14.934086] nvidia: module license 'NVIDIA' taints kernel.
[   14.934087] Disabling lock debugging due to kernel taint
[   14.943865] nvidia: module verification failed: signature and/or required key missing - tainting kernel


regards,

Steve

Thankyou to everyone who responded, but I am still confused.


dmesg | grep -i taint give me the following output:


[   13.573068] 8814au: loading out-of-tree module taints kernel.
[   13.573694] 8814au: module verification failed: signature and/or required key missing - tainting kernel
[   13.990668] nvidia: module license 'NVIDIA' taints kernel.
[   13.990670] Disabling lock debugging due to kernel taint


The nvidia messages about the loading out-of-tree module and the verification failed are no longer being produced, why?, nothing has changed on my system since the original list, there have not been any updates put on.


My confusion with the 'taint' message is coming from the days when I used to compile the nvidia module and the kernel in Mandriva in the days before Mandriva forked out to Mageia. Nvidia used to produce the taint messages back then, but then they were considered to be an indication that the module was potentially "corrupting" the kernel. In those days it was possible to remediate the production of the messages, but I don't remember whether they were remediated by adding a specific line into the, in this case, nvidia source or by setting a kernel config option to tell the kernel to not bother producing the messages.

From the responses I am getting it seems that the meaning of 'taints the kernel' has morphed into something else?


In the case of the nvidia module, I'm not sure whether I'm using the binary module or the one compiled from source via dkms, I have both installed and dkms is building the module into /lib/modules/$(uname -r)/extra every time a kernel upgrade occurs. But either way, both are coming from the negativo17 repository, that has its gpg signature installed, so I'm assuming the binary module and source have been signed with that certificate, so there shouldn't be any be any signing issue with the modules, unless the signature is not being carried through to the binary module dkms has produced.

In the case of my wifi driver, the source code for that has been downloaded for Github, which I thought used the GPL signature, so there again there shouldn't be any issue with the source unless dkms is not carrying that signature through. I assuming different versions of the GPL license are not an issue.

In the case of my mouse drivers, I am sourcing the source code for those from the Razor repository I have installed and there again that repositories gpg signature has also been installed. All 6 of these drivers have been compiled from their source by dkms, but in the case of these modules, none of them have caused the taint message to be produced. The dkms.conf file for these is completely different to the ones for nvidia and the wifi drivers, the dkms.conf for nvidia and wifi driver are exactly the same.


Hence my confusion about the messages, if the messages are reliably produced by the kernel despite indications that they may not be, why does the nvidia and wifi drivers produce the messages but the mouse drivers don't, even though all 3 sets of drivers are placed in /lib/modules/$(uname -r)/extra by dkms?


regards,

Steve


_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux