[SOLVED] Question about kernel "tainted" vs. "not tainted"
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Recently, while messing with my GF's laptop, and during a kernel panic, I
noticed a message saying the kernel was "not tainted".
I was under the impression that the vanilla Linux kernel did contain non-Free blobs by default, thus the Linux-Libre project.
Being respectful (though not religious) about The Four Freedoms, I was happy
to find http://freeslack.net/ which details the "non-Freedom" bits inculded
in Slackware proper. It is mentioned there to switch to a Linux-Libre kernel
for the optimum Freedom experience. Now, I do not begrudge Slackware for not
adhering to the RMS Way, but it's nice to know that one could easily prune
a Slackware installation into religious compliance ;-)
So, to refine my question: how does a kernel report "not tainted" when in
fact binary, non-Free, blobs ship with it by default?
Maybe the definition of "tainted" doesn't mean what I think it means?
Much thanks for any insight!
The kernel will be marked as tainted if a kernel module is loaded that doesn't have a license compatible with the GPL. If you have such modules available but don't load them, the kernel is not tainted.
It's rationalization, though. It sure seems like RMS has to either go nuts or add another requirement when he feels too much success coming on (GPLv3, anyone?). Also, if a distribution maintainer has to pare down Linux itself to be free enough for a Linux distribution, though, it might be time to re-evaluate whether that Linux distribution should be made at all. I'm glad that Pat's free-software packages tend to have the same sha256sum values as their upstream counterparts, whether the packages are free enough for everyone or not.
mlslk31,
Thanks for the links. I was interested in Dragora for a bit, but it's still soundly
enshrined in the larval stage. The other distros listed at gnu.org just don't appeal to me.
Something interesting at the end of the page at your first link:
Quote:
The primary reason for the 'Tainted: ' string is to tell kernel
debuggers if this is a clean kernel or if anything unusual has
occurred. Tainting is permanent: even if an offending module is
unloaded, the tainted value remains to indicate that the kernel is not
trustworthy.
Not trustworthy? Permanent? That doesn't sound like a very kernel.org thing to say.
I guess since the modules are closed, that means potentially "mystery code" has been run with
kernel-level privileges and therefore, no (easy) way to verify the integrity of the system overall?
On my T60p I'm using the open radeon driver which I've been told requires a closed kernel blob to work with X11 but it doesn't appear to be listed here...
Code:
root@darkstar:/mnt# dmesg |grep -i taint
[119314.789205] Pid: 21206, comm: pm-suspend Tainted: G W O 3.2.45-smp #1
[130565.805204] Pid: 1294, comm: pm-suspend Tainted: G W O 3.2.45-smp #1
I was surprised to learn pm-suspend taints the kernel (my particular hardware must be the culprit, requiring some closed firmware blob to be called).
And yet, based on the list at the "oops-tracing" link,the G and W values appear to indicate GPL compliance. Hmm.
Tainting is kind of like a marker. If a file system driver throws a taint, for instance, there's a very high chance that you should expect failure until you reboot and/or fix the problem that caused the taint. Some other subsystems are rather unpleasant that way as well.
Note that I grabbed the link off of kernel.org via Google. The latest oops-tracing.txt mentions the "O", which specifies an out-of-tree, externally-built module.
The way I'd go about it is to shut the PC off, let it sit a few seconds, then power it back on again. The fresh boot session will be free of tainting. When you get that problem again, immediately go to the dmesg command and look for that first stack backtrace that doesn't have the "W" in it, even if it's marked as "Not tainted." That's a good candidate to send with a bug report to the appropriate people. Should you choose to go upstream, it really helps to run the latest version of the software.
BTW, the place I've seen these codes referenced a lot is the "F" flag. That way, the first question asked by support is, "How did you expect everything to work well after you force-loaded your modules?"
Check if your kernel is tainted with this bash 1-liner I just cooked up:
Code:
(t=$(cat /proc/sys/kernel/tainted 2>/dev/null) || exit 1;p=0;[ "$t" == "0" ] && echo -e "\nKernel not tainted." || { echo -e "\nKernel tainted:";for m in "A module with a non-GPL license has been loaded" "A module was force loaded by insmod -f." "Unsafe SMP processors: SMP with CPUs not designed for SMP." "A module was forcibly unloaded from the system by rmmod -f." "A hardware machine check error occurred on the system." "A bad page was discovered on the system." "The user has asked that the system be marked tainted." "The system has died" "The ACPI DSDT has been overridden with one supplied by the user" "A kernel warning has occurred." "A module from drivers/staging was loaded." "The system is working around a severe firmware bug." "An out-of-tree module has been loaded.";do [ $(( $t & (2**p) )) -eq $((2**p)) ] && echo -e "$((2**p))\t$m";(( p++ ));done })
A binary blob doesn't necessarily taint the kernel. The Intel wireless driver for instance.
The kernel devs have made allowance for out of tree firmware - and yes there was some angst at the decision.
A binary blob doesn't necessarily taint the kernel. The Intel wireless driver for instance.
The kernel devs have made allowance for out of tree firmware - and yes there was some angst at the decision.
If the firmware is merely loaded by the kernel and doesn't actually run as kernel code, I agree that it doesn't taint the kernel. IIRC, the idea was to have the kernel report itself as tainted so that the developers wouldn't be bothered with bug reports possibly caused by closed source modules that they couldn't do anything about.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.