seos: module license 'Proprietary' taints kernel.

book

Article ID: 192282

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM)

Issue/Introduction

What do theses messages reported in the system messages file mean and should I be concerned?
Jun  4 17:11:07 ServerName kernel: seos: loading out-of-tree module taints kernel.
Jun  4 17:11:07 ServerName kernel: seos: module license 'Proprietary' taints kernel.
Jun  4 17:11:07 ServerName kernel: Disabling lock debugging due to kernel taint
Jun  4 17:11:07 ServerName kernel: seos: module verification failed: signature and/or required key missing - tainting kernel

Cause

The OS vender reports these messages to document the loading of any third party module into the kernel

Environment

Release : All

Component : CA ControlMinder  CA PIM  CA PAMSC

Resolution

The feature that reports the message is intended to help identify conditions which may make it to properly troubleshoot a kernel problem. While this message may be displayed for a variety of reasons the case of  this product seos kernel drivers as long as you are using the supported build of our endpoint software on this machine these messages can be ignored. For a specific definition

loading out-of-tree module taints kernel   ---   means the module is not included in the Linux Kernel source code
module license 'Proprietary' taints kernel  ---  means the module belongs to  third party comapny and not supplied by the OS vendor
Disabling lock debugging due to kernel taint  --   means that the built in OS supplied lock debuging is not turned on 
module verification failed: signature and/or required key missing - tainting kernel  --- means that this module version was not code signed with a PKI certificate or that certificate was not imported into the system. 

These messages are usually simply  informational except for the last one. If you enable Linux Secure Boot feature the module verification failed may indicate that the kernel will not load this module on boot. With the latest builds of our endpoint software we do ship the certificate which can be imported for verification.