why does an in-tree loadable module taint the kernel

jim.cromie at gmail.com jim.cromie at gmail.com
Tue Jun 15 12:06:08 EDT 2021

On Mon, Jun 14, 2021 at 1:20 AM Greg KH <greg at kroah.com> wrote:
> On Mon, Jun 14, 2021 at 01:09:25AM -0600, jim.cromie at gmail.com wrote:
> > serio_raw is apparently tainting the kernel when its modprobed.
> > why ?  other modules load properly, no code changes to this module
> >
> > bash-5.1# dmesg | grep -i taint
> > [    6.517150] serio_raw: module verification failed: signature and/or
> > required key missing - tainting kernel
> You did not build this with the correct module signing key that your
> kernel was built with.  That is what this warning is showing you, try
> building all modules with the same key as your kernel had and you should
> be fine.

OK, I understand better now -

its nothing wrong with serio_raw, its just the 1st module to load,
and warning comes just once.
3962: pr_notice_once("%s: module verification failed: signature "

Whats odd is that the same module has a signature when modinfo'd in
the kernel running the laptop, but not from the same kernel running inside a VM.
Does this constitute a bug of some sort ?
A pretty small one, likely fixable by changing CONFIG_SECURITY etc.

For anyone else needing to decode a taint:

> thanks,
> greg k-h

thank you

More information about the Kernelnewbies mailing list