Bug 481690 - Unsigned kmod-cmirror package module cause tainted kernel error
Unsigned kmod-cmirror package module cause tainted kernel error
Status: CLOSED CANTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: cmirror-kmod (Show other bugs)
5.3
x86_64 Linux
high Severity high
: rc
: ---
Assigned To: Chris Feist
Cluster QE
:
Depends On: 500745 512153
Blocks:
  Show dependency treegraph
 
Reported: 2009-01-26 22:07 EST by Gary Case
Modified: 2016-04-26 09:52 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-07-15 08:12:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Gary Case 2009-01-26 22:07:27 EST
The dm-log-clustered.ko module inside the kmod-cmirror(-xen) package is unsigned. This causes a tainted kernel with a /proc/sys/kernel/tainted value of 64. The error causes a problem for hardware certification, which checks for tainted kernels and fails a required test if 'tainted' is a non-zero value. This will also cause problems for our support staff, when everyone with Cluster Storage packages installed has sosreports that report tainted kernels.

Version-Release number of selected component (if applicable):
RHEL5.3 2.6.18-128 xen and bare metal kernel with the modules from
kmod-cmirror-0.1.21-10.el5.x86_64.rpm 
kmod-cmirror-xen-0.1.21-10.el5.x86_64.rpm

How reproducible:
Every time.

Steps to Reproduce:
1. Install RHEL 5.3 with Cluster Storage package group
2. Check contents of /proc/sys/kernel/tainted
3. Value is 64 (non-zero)

Also can simply insmod dm-log-clustered.ko for same kernel taint value.

Actual results:
Tainted kernel.

Expected results:
Non-tainted kernel when using only Red Hat provided software.

Additional info:
I only tested the x86_64 arch modules. Other arches may be signed.
Comment 2 abel0301 2009-02-10 21:46:44 EST
It seems also still have the same behavior and problem by hardware certification test on RHEL 5.3 x86
Comment 5 Jean-Pierre Joerg 2009-05-06 13:40:31 EDT
I also meet this problem on Alcatel hw cert (hts 5.3).
If using xen kernel the info test is ok (no tainted kernel).
regards
/JPJ
Comment 8 Chris Feist 2009-05-21 11:20:24 EDT
Cmirror-kmod has been built against a new kernel which exports those symbols.

kmod-cmirror-0.1.21-14.el5
Comment 10 Chris Ward 2009-07-03 14:21:57 EDT
~~ Attention - RHEL 5.4 Beta Released! ~~

RHEL 5.4 Beta has been released! There should be a fix present in the Beta release that addresses this particular request. Please test and report back results here, at your earliest convenience. RHEL 5.4 General Availability release is just around the corner!

If you encounter any issues while testing Beta, please describe the issues you have encountered and set the bug into NEED_INFO. If you encounter new issues, please clone this bug to open a new issue and request it be reviewed for inclusion in RHEL 5.4 or a later update, if it is not of urgent severity.

Please do not flip the bug status to VERIFIED. Only post your verification results, and if available, update Verified field with the appropriate value.

Questions can be posted to this bug or your customer or partner representative.
Comment 11 Sandy Garza 2009-07-09 12:09:01 EDT
dm-log-clustered still taints the kernel if it is loaded in RHEL 5.4 beta.
Comment 15 Chris Feist 2009-07-15 08:12:08 EDT
After talking to Jon Masters, it isn't possible for us to use the kernel
signing key to build these modules.  So unfortunately, any module that is built
outside of the kernel will cause a taint with a value of '64'.

Note You need to log in before you can comment on or make changes to this bug.