Red Hat Bugzilla – Bug 481690
Unsigned kmod-cmirror package module cause tainted kernel error
Last modified: 2016-04-26 09:52:44 EDT
The dm-log-clustered.ko module inside the kmod-cmirror(-xen) package is unsigned. This causes a tainted kernel with a /proc/sys/kernel/tainted value of 64. The error causes a problem for hardware certification, which checks for tainted kernels and fails a required test if 'tainted' is a non-zero value. This will also cause problems for our support staff, when everyone with Cluster Storage packages installed has sosreports that report tainted kernels.
Version-Release number of selected component (if applicable):
RHEL5.3 2.6.18-128 xen and bare metal kernel with the modules from
Steps to Reproduce:
1. Install RHEL 5.3 with Cluster Storage package group
2. Check contents of /proc/sys/kernel/tainted
3. Value is 64 (non-zero)
Also can simply insmod dm-log-clustered.ko for same kernel taint value.
Non-tainted kernel when using only Red Hat provided software.
I only tested the x86_64 arch modules. Other arches may be signed.
It seems also still have the same behavior and problem by hardware certification test on RHEL 5.3 x86
I also meet this problem on Alcatel hw cert (hts 5.3).
If using xen kernel the info test is ok (no tainted kernel).
Cmirror-kmod has been built against a new kernel which exports those symbols.
~~ Attention - RHEL 5.4 Beta Released! ~~
RHEL 5.4 Beta has been released! There should be a fix present in the Beta release that addresses this particular request. Please test and report back results here, at your earliest convenience. RHEL 5.4 General Availability release is just around the corner!
If you encounter any issues while testing Beta, please describe the issues you have encountered and set the bug into NEED_INFO. If you encounter new issues, please clone this bug to open a new issue and request it be reviewed for inclusion in RHEL 5.4 or a later update, if it is not of urgent severity.
Please do not flip the bug status to VERIFIED. Only post your verification results, and if available, update Verified field with the appropriate value.
Questions can be posted to this bug or your customer or partner representative.
dm-log-clustered still taints the kernel if it is loaded in RHEL 5.4 beta.
After talking to Jon Masters, it isn't possible for us to use the kernel
signing key to build these modules. So unfortunately, any module that is built
outside of the kernel will cause a taint with a value of '64'.