0

Our Network security team has installed Crowdstrike Falcon sensor on our SAP system Linux server. This has caused kernel to be tainted. following is extract from supportconfig ran on Linux server via user root. Any idea how to fix this error and make the kernel error free?

#==[ Configuration File ]===========================#
# /proc/sys/kernel/tainted
1073754113


Kernel Status -- Tainted: P           OE   N 
  TAINT: (P) Proprietary module has been loaded
  TAINT: (O) Out-of-tree module has been loaded
  TAINT: (E) Unsigned module has been loaded
  TAINT: (N) Unsupported modules loaded

module=falcon_lsm_serviceable ERROR                     Module info unavailable  
module=falcon_nf_netcontain ERROR                     Module info unavailable  
module=falcon_lsm_pinned_7103 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_7002 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6903 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6805 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6703 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6602 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6404 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6402 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6401 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6109 ERROR                     Module info unavailable  
module=falcon_lsm_pinned_6106 ERROR                     Module info unavailable
Gerald Schneider
  • 23,274
  • 8
  • 57
  • 89
Dnyandev
  • 1
  • 2
  • 5
    The fact that the kernel is tainted is not an error. It's just a notice that a proprietary module is loaded and that the system is not running 100% open source anymore. – Gerald Schneider May 03 '19 at 09:39

2 Answers2

1

Tainted kernel means a condition that likely is out of support for the upstream Linux developers. Most maintainers on the LKML will ask for a reproduction of the problem on a non tainted kernel.

Proprietary or out of tree kernel modules are a very common reason for this to be reported. But not the only one, for example a processor logging a machine check exception will be tainted. A faulty CPU can cause all kinds of strange behavior, so replacing that before claiming a kernel bug exists is prudent.

Other support channels like your distro OS support may be willing to deal with tainted kernel, ask them. That error is not necessarily a functional problem, just that a script could not identify details of proprietary modules.

John Mahowald
  • 32,050
  • 2
  • 19
  • 34
0

In simple term, you are using something which is not shipped with kernel or you altered something within, kernel will remain tainted even after you undo what caused the taint (i.e. unload a proprietary kernel module), to indicate the kernel remains not trustworthy. Regrading error you should check the source of the module or with vendor who provide or module is not build properly.

asktyagi
  • 2,860
  • 2
  • 8
  • 25