Home » What is a tainted kernel in Linux?

What is a tainted kernel in Linux?


When the kernel is tainted, it means that it is in a state that is not supported by the community. Most kernel developers will ignore bug reports involving tainted kernels, and community members may ask that you correct the tainting condition before they can proceed with diagnosing problems related to the kernel. In addition, some debugging functionality and API calls may be disabled when the kernel is tainted.

In most cases involving proprietary drivers, you can safely ignore the taint condition, but some scenarios which cause the kernel to become tainted may be indicative of serious system problems.

The feature is intended to identify conditions which may make it difficult to properly troubleshoot a kernel problem. For example, the loading of a proprietary module can make kernel debug output unreliable because kernel developers don’t have access to the module’s source code and therefore cannot determine what the module may have done to the kernel. Likewise, if the kernel had previously experienced an error condition or if a serious hardware error had occurred, the debug information generated by the kernel may not be reliable.

The kernel may become tainted for any of several reasons, including (but not limited to) the following:

  • The use of a proprietary (or non-GPL-compatible) kernel module—this is the most common cause of tainted kernels and usually results from loading proprietary NVIDIA or AMD video drivers
  • The use of staging drivers, which are part of the kernel source code but are not fully tested
  • The use of out-of-tree modules that are not included with the Linux kernel source code
  • Forcible loading or unloading of a kernel module (such as forcibly inserting a module not built for the current version of the kernel)
  • The use of an SMP (multiprocessor) kernel on certain unsupported uniprocessor CPUs, primarily older AMD Athlon processors
  • Overriding of the ACPI DSDT, sometimes needed to correct for power-management bugs (see here for details)
  • Certain critical error conditions, such as machine check exceptions and kernel oopses
  • Certain serious bugs in the system firmware (BIOS, UEFI) which the kernel must work around

Each of these conditions is represented by a particular flag in the kernel. Some Linux vendors, such as SUSE, add additional taint flags to indicate conditions such as loading a module that is not supported by the vendor.

More information is available in the kernel documentation. The taint flags listed there are (with _ a stand-in for ‘blank’)

  • G|P : G if all modules loaded have a GPL or compatible license, otherwise a proprietary module has been loaded. Modules without a MODULE_LICENSE or with a MODULE_LICENSE that is not recognised by insmod as GPL compatible are assumed to be proprietary.
  • F|_ : if any module was force loaded by “insmod -f” otherwise if all modules were loaded normally.
  • S|_ : if the oops occurred on an SMP kernel running on hardware that hasn’t been certified as safe to run multiprocessor. Currently this occurs only on various Athlons that are not SMP capable.
  • R|_ : if a module was force unloaded by rmmod -f, otherwise if all modules were unloaded normally.
  • M|_ : if any processor has reported a Machine Check Exception,
    otherwise no Machine Check Exceptions have occurred.
  • B|_ : if a page-release function has found a bad page reference or some unexpected page flags.
  • U|_ : if a user or user application specifically requested that the Tainted flag be set.
  • D|_ : if the kernel has died recently, i.e. there was an OOPS or BUG.
  • A|_ : if the ACPI table has been overridden.
  • W|_ : if a warning has previously been issued by the kernel (Though some warnings may set more specific taint flags.)
  • C|_ : if a staging driver has been loaded.
  • I|_ : if the kernel is working around a severe bug in the platform firmware (BIOS or similar).
  • O|_ : if an externally-built (“out-of-tree”) module has been loaded.
  • E|_ : if an unsigned module has been loaded in a kernel supporting module signature.
  • L|_ : if a soft lockup has previously occurred on the system.
  • K|_ : if the kernel has been live patched.

Loading a proprietary or non-GPL-compatible module or unsigned module will set a ‘taint’ flag in the running kernel.

To check the kernel tainted state in kernel logs:

journalctl -k | grep taint

To check the kernel tainted state at runtime:

cat /proc/sys/kernel/tainted      // if 0 then kernel is not tainted, else it is.

To check the kernel tainted state in a kernel panic message in a line starting with ‘CPU:’

‘Not tainted:’ if the kernel was not tainted at the time of the kp event; if it was, then it will print ‘Tainted:’.

Reference: The Linux Kernel documentation on tainted kernels.

Related Solutions

Joining bash arguments into single string with spaces

[*] I believe that this does what you want. It will put all the arguments in one string, separated by spaces, with single quotes around all: str="'$*'" $* produces all the scripts arguments separated by the first character of $IFS which, by default, is a space....

AddTransient, AddScoped and AddSingleton Services Differences

TL;DR Transient objects are always different; a new instance is provided to every controller and every service. Scoped objects are the same within a request, but different across different requests. Singleton objects are the same for every object and every...

How to download package not install it with apt-get command?

Use --download-only: sudo apt-get install --download-only pppoe This will download pppoe and any dependencies you need, and place them in /var/cache/apt/archives. That way a subsequent apt-get install pppoe will be able to complete without any extra downloads....

What defines the maximum size for a command single argument?

Answers Definitely not a bug. The parameter which defines the maximum size for one argument is MAX_ARG_STRLEN. There is no documentation for this parameter other than the comments in binfmts.h: /* * These are the maximum length and maximum number of strings...

Bulk rename, change prefix

I'd say the simplest it to just use the rename command which is common on many Linux distributions. There are two common versions of this command so check its man page to find which one you have: ## rename from Perl (common in Debian systems -- Ubuntu, Mint,...

Output from ls has newlines but displays on a single line. Why?

When you pipe the output, ls acts differently. This fact is hidden away in the info documentation: If standard output is a terminal, the output is in columns (sorted vertically) and control characters are output as question marks; otherwise, the output is...

mv: Move file only if destination does not exist

mv -vn file1 file2. This command will do what you want. You can skip -v if you want. -v makes it verbose - mv will tell you that it moved file if it moves it(useful, since there is possibility that file will not be moved) -n moves only if file2 does not exist....

Is it possible to store and query JSON in SQLite?

SQLite 3.9 introduced a new extension (JSON1) that allows you to easily work with JSON data . Also, it introduced support for indexes on expressions, which (in my understanding) should allow you to define indexes on your JSON data as well. PostgreSQL has some...

Combining tail && journalctl

You could use: journalctl -u service-name -f -f, --follow Show only the most recent journal entries, and continuously print new entries as they are appended to the journal. Here I've added "service-name" to distinguish this answer from others; you substitute...

how can shellshock be exploited over SSH?

One example where this can be exploited is on servers with an authorized_keys forced command. When adding an entry to ~/.ssh/authorized_keys, you can prefix the line with command="foo" to force foo to be run any time that ssh public key is used. With this...

Why doesn’t the tilde (~) expand inside double quotes?

The reason, because inside double quotes, tilde ~ has no special meaning, it's treated as literal. POSIX defines Double-Quotes as: Enclosing characters in double-quotes ( "" ) shall preserve the literal value of all characters within the double-quotes, with the...

What is GNU Info for?

GNU Info was designed to offer documentation that was comprehensive, hyperlinked, and possible to output to multiple formats. Man pages were available, and they were great at providing printed output. However, they were designed such that each man page had a...

Set systemd service to execute after fstab mount

a CIFS network location is mounted via /etc/fstab to /mnt/ on boot-up. No, it is not. Get this right, and the rest falls into place naturally. The mount is handled by a (generated) systemd mount unit that will be named something like mnt-wibble.mount. You can...

Merge two video clips into one, placing them next to each other

To be honest, using the accepted answer resulted in a lot of dropped frames for me. However, using the hstack filter_complex produced perfectly fluid output: ffmpeg -i left.mp4 -i right.mp4 -filter_complex hstack output.mp4 ffmpeg -i input1.mp4 -i input2.mp4...

How portable are /dev/stdin, /dev/stdout and /dev/stderr?

It's been available on Linux back into its prehistory. It is not POSIX, although many actual shells (including AT&T ksh and bash) will simulate it if it's not present in the OS; note that this simulation only works at the shell level (i.e. redirection or...

How can I increase the number of inodes in an ext4 filesystem?

It seems that you have a lot more files than normal expectation. I don't know whether there is a solution to change the inode table size dynamically. I'm afraid that you need to back-up your data, and create new filesystem, and restore your data. To create new...

Why doesn’t cp have a progress bar like wget?

The tradition in unix tools is to display messages only if something goes wrong. I think this is both for design and practical reasons. The design is intended to make it obvious when something goes wrong: you get an error message, and it's not drowned in...