why does an in-tree loadable module taint the kernel
Greg KH
greg at kroah.com
Tue Jun 15 12:24:38 EDT 2021
On Tue, Jun 15, 2021 at 10:06:08AM -0600, jim.cromie at gmail.com wrote:
> On Mon, Jun 14, 2021 at 1:20 AM Greg KH <greg at kroah.com> wrote:
> >
> > On Mon, Jun 14, 2021 at 01:09:25AM -0600, jim.cromie at gmail.com wrote:
> > > serio_raw is apparently tainting the kernel when its modprobed.
> > > why ? other modules load properly, no code changes to this module
> > >
> > > bash-5.1# dmesg | grep -i taint
> > > [ 6.517150] serio_raw: module verification failed: signature and/or
> > > required key missing - tainting kernel
> >
> > You did not build this with the correct module signing key that your
> > kernel was built with. That is what this warning is showing you, try
> > building all modules with the same key as your kernel had and you should
> > be fine.
> >
>
> OK, I understand better now -
>
> its nothing wrong with serio_raw, its just the 1st module to load,
> and warning comes just once.
> kernel/module.c
> 3962: pr_notice_once("%s: module verification failed: signature "
>
> Whats odd is that the same module has a signature when modinfo'd in
> the kernel running the laptop, but not from the same kernel running inside a VM.
> Does this constitute a bug of some sort ?
I do not understand, what is different here and what is not working
properly?
If you rebuild modules for a kernel without having the key, yes, you
will get this warning. You have to have the same key here.
thanks,
greg k-h
More information about the Kernelnewbies
mailing list