Why is the kernel "tainted" and how are the taint values deciphered?
Environment
- Red Hat Enterprise Linux 9
- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 4
Issue
- Why is the kernel showing as "tainted"?
- How can I decipher the tainted values?
- What do the taint values mean
Resolution
-
The Linux kernel maintains a "taint state" which is included in kernel log messages.
-
The taint state provides an indication whether something has happened to the running kernel that affects whether a kernel error or hang can be investigated effectively by analysing the kernel source code.
- Please note, the kernel can be shown as tainted even when there's 3rd party module as the module might be not fully tested with the kernel Red Hat provides
- See Production Scope of Coverage for information on the impact on support.
-
Some of the information in the taint relates to whether the information provided by the kernel in a log message can be considered trustworthy.
-
As an example, the taint state is set when a Machine Check Exception (MCE) has been raised, indicating a hardware related problem has occurred. Once the taint state of a running kernel has been set, it cannot be unset other than by reloading the kernel by restarting the system.
-
To check if the current running kernel is tainted, issue either of the following commands:
# cat /proc/sys/kernel/tainted # sysctl kernel.tainted
A non-zero value indicates the kernel has been tainted.
- The taint status of the system kernel is also indicated through a short "
Tainted:" string that is included as part of various kernel error messages (e.g. an "Oops"). The table below documents the letters in this string as well as the individual taint bits. It can be used to decipher a taint value manually. Note that the taint value is a bitmask, so values can be added/OR'ed together.
How do I determine which modules taints ?
See the following documents for information on modules and taint status.
- "How do I tell what modules taint the kernel, on a running system?"
- " How to find information about the kernel modules installed on the system"
- "What are unsigned modules and how do they appear in a kernel backtrace?"
TAINT Bit Mask Definitions
| Bit# | Value | RHEL Version | Letter | Source Macro | Description |
|---|---|---|---|---|---|
| 00 | 1 | 4 5 6 7 8 9 | P/G | TAINT_PROPRIETARY_MODULE |
P: Proprietary module present. A module with a non-GPL license has been loaded (this includes modules with no license). This significantly reduces Red Hat Global Support Services ability to provide effective support. G: GPL, but non-Red Hat, module present. The kernel is tainted (for a reason indicated elsewhere), but all module code is licensed under the GNU General Public License (GPL) or a compatible license. |
| 01 | 2 | 4 5 6 7 8 9 | F | TAINT_FORCED_MODULE |
Forced module load. A module has been forcibly loaded using the force option "`-f`" of `insmod` or `modprobe`, which caused a sanity check of the versioning information from the module (if present) to be skipped. |
| 02 | 4 | 4 5 6 7 . . | S | TAINT_UNSAFE_SMP |
SMP (Symmetric Multi-Processing) in use with CPUs not designed for SMP use. The Linux kernel is running with SMP enabled, but the CPUs in the system are This content is not included.not designed or certified for SMP use. |
| . . . . 8 9 | S | TAINT_CPU_OUT_OF_SPEC |
CPU This content is not included.features present within the hardware that are not supported by the kernel. E.g. non-SMP CPU with SMP enabled within the kernel. | ||
| 03 | 8 | 4 5 6 7 8 9 | R | TAINT_FORCED_RMMOD |
Remove module unload forced by user. A module which was in use or was not designed to be removed has been forcefully removed from the running kernel using the force option "-f" of "rmmod". |
| 04 | 16 | 4 5 6 7 8 9 | M | TAINT_MACHINE_CHECK |
Machine check exception occurred on the system. A Machine Check Exceptions (MCEs) are triggered by the hardware to indicate a hardware related problem, for example a CPU's temperature exceeding a threshold or a memory bank signalling an uncorrectable error. |
| 05 | 32 | 4 5 6 7 8 9 | B | TAINT_BAD_PAGE |
The system has hit bad_page, indicating a corruption of the virtual memory subsystem, possibly caused by malfunctioning RAM or cache memory. |
| 06 | 64 | . 5 . . . . | E | TAINT_UNSIGNED_MODULE |
Unsigned module or module that failed signature validation of ".module_sig" section was loaded into the kernel. Move to bit 13 in RHEL 7 and later. Flag not present in RHEL 6, nor in RHEL 3 or 4. |
| . . 6 7 8 9 | U | TAINT_USER |
User requested that the system be marked "tainted", perhaps because software directly modifies the hardware. As root, add TAINT_USER: | ||
| 07 | 128 | . 5 - - - - | - | TAINT_7 | Unused |
| . . 6 7 8 9 | D | TAINT_DIE |
The system has "died" (oopsed before). For example, something in the kernel has done something bad and is about to be terminated, or a bad page table was detected. | ||
| 08 | 256 | . 5 . - - - | - | TAINT_8 | Unused |
| . . 6 7 8 9 | A | TAINT_OVERRIDDEN_ACPI_TABLE |
The ACPI DSDT has been overridden with one supplied by the user instead of using the one provided by the hardware. | ||
| 09 | 512 | . 5 . - - - | - | TAINT_9 | Unused |
| . . 6 7 8 9 | W | TAINT_WARN |
A kernel warning has occurred. | ||
| 10 | 1024 | . 5 . - - - | - | TAINT_10 | Unused |
| . . 6 7 8 9 | C | TAINT_CRAP |
A module from drivers/staging was loaded. Such drivers are not considered mature and as such are not suitable for use on production systems. | ||
| 11 | 2048 | . 5 - - - - | - | TAINT_11 | Unused |
| . . 6 7 8 9 | I | TAINT_FIRMWARE_WORKARUND |
The kernel is working around a severe bug in the platform firmware (BIOS or similar). | ||
| 12 | 4096 | . 5 6 - - - | - | TAINT_12 | Unused |
| . . . 7 8 9 | O | TAINT_OOT_MODULE |
Out-of-tree module has been loaded (example). | ||
| 13 | 8192 | . 5 6 - - - | - | TAINT_13 | Unused |
| . . . 7 8 9 | E | TAINT_UNSIGNED_MODULE |
Unsigned module or module that failed signature validation of "signer" and associated key:values was loaded into the kernel. Was bit 06 in RHEL 5. Flag not present in RHEL 6, nor in RHEL 3 or 4. | ||
| 14 | 16384 | . 5 - - - - | - | TAINT_14 | Unused |
| . . 6 7 8 9 | L | TAINT_SOFTLOCKUP |
A soft lockup has previously occurred on the system. | ||
| 15 | 32768 | . 5 6 - - - | - | TAINT_15 | Unused |
| . . . 7 8 9 | K | TAINT_LIVEPATCH |
Kernel Live Patching has been applied to the running system. | ||
| 16 | 65536 | . 5 6 7 - - | - | TAINT_16 | Unused |
| . . . . 8 9 | X | TAINT_AUX |
With the TAINT_TECH_PREVIEW mask value being removed upstream and within RHEL 9 the TAINT_AUX bit is used instead of TAINT_TECH_PREVIEW within 8.6 and later kernels. | ||
| 17 | 131072 | . 5 6 7 - - | - | TAINT_17 | Unused |
| . . . . 8 9 | T | TAINT_RANDSTRUCT |
The Content from git.kernel.org is not included.randstruct ⧉ fault testing injection capability has been used. This may destailize the kernel and cause a panic. | ||
| 18 | 262144 | . . . . . 9 | Start of Red Hat-specific taint flags | ||
| . 5 6 7 8 9 | - | TAINT_18 | Unused | ||
| 19 | 524288 | . 5 6 7 8 9 | - | TAINT_19 | Unused |
| 20 | 1048576 | . 5 6 7 8 9 | - | TAINT_20 | Unused |
| 21 | 2097152 | . 5 6 7 8 9 | - | TAINT_21 | Unused |
| 22 | 4194304 | . 5 6 7 8 9 | - | TAINT_22 | Unused |
| 23 | 8388608 | . 5 6 7 8 9 | - | TAINT_23 | Unused |
| 24 | 16777216 | . 5 6 7 8 9 | - | TAINT_24 | Unused |
| 25 | 33554432 | . 5 6 7 8 9 | - | TAINT_25 | Unused |
| 26 | 67108864 | . 5 6 7 8 . | - | TAINT_26 | Unused |
| . . . . . 9 | p | TAINT_PARTNER_SUPPORTED | Red Hat extension. Indicates that the driver or subsystem is not supported directly by Red Hat but by a partner engineer | ||
| 27 | 134217728 | . . . . 8 - | Start of Red Hat-specific taint flags | ||
| . 5 . 7 - - | - | TAINT_27 | Unused | ||
| . . 6 - - - | Z | TAINT_BIT_BY_ZOMBIE |
Red Hat extension. An Content from en.wikipedia.org is not included.easter egg ⧉ triggered by the "OMGZOMBIES" kernel parameter; adds "BRAAAAIIIINNNNSSSSS" warning | ||
| . . . . 8 - | r | TAINT_SUPPORT_REMOVED |
Red Hat extension. Hardware for which support has been removed. | ||
| . . . . . 9 | h | TAINT_SUPPORT_REMOVED |
Red Hat extension. Hardware for which support has been removed. | ||
| 28 | 268435456 | . 5 6 7 - - | Reserving bits for vendor specific uses | ||
| . . . . . 9 | Bits 28 - 31 are reserved for Red Hat use only | ||||
| . 5 6 7 - - | H | TAINT_HARDWARE_UNSUPPORTED |
Red Hat extension. | ||
| . . . . 8 - | - | TAINT_28 | Unused | ||
| . . . . . 9 | - | TAINT_RESERVED28 | Unused/Reserved for future use. | ||
| 29 | 536870912 | . 5 6 7 - - | T | TAINT_TECH_PREVIEW |
Red Hat extension. Technology Preview code was loaded; see Technology Preview features support scope description. Refer to "TECH PREVIEW:" kernel log entry for details. |
| . . . . 8 - | t | TAINT_TECH_PREVIEW |
Red Hat extension. Technology Preview code was loaded; see Technology Preview features support scope description. Refer to "TECH PREVIEW:" kernel log entry for details. This flag is deprecated as of 8.6 and later RHEL 8 kernels. While still defined, it is unused in these latter minor releases of RHEL 8. Instead, the TAINT_AUX bit 16 is utilized to indicate tech preview modules are loaded. | ||
| . . . . . 9 | - | TAINT_RESERVED29 | Unused/Reserved for future use. | ||
| 30 | 1073741824 | . . 6 7 - - | Bits 30 - 31 are reserved for Red Hat use only | ||
| . 5 6 7 - 9 | - | TAINT_RESERVED30 | Unused/Reserved for future use. | ||
| . . . . 8 - | u | TAINT_UNPRIVILEGED_BPF | This content is not included.BPF syscall has either been This content is not included.configured or This content is not included.enabled for unprivileged users/programs.
Moved to bit 31 in RHEL 9. | ||
| 31 | 2147483648 | . 5 6 7 - - | - | TAINT_RESERVED31 | Unused/Reserved for future use. |
| . . . . 8 - | - | TAINT_31 | Unused | ||
| . . . . . 9 | u | TAINT_UNPRIVILEGED_BPF | This content is not included.BPF syscall has either been This content is not included.configured or This content is not included.enabled for unprivileged users/programs.
Moved to bit 31 in RHEL 9. | ||
| . . . . 8 - | End of Red Hat-specific taint flags |
Diagnostic Steps
The This content is not included.Red Hat Code Browser lab app makes it easy to pinpoint specific sections of the kernel source
This table includes links to all things relevant to the kernel tainted status in each major RHEL version
Note on versions: New tainted definitions HAVE been added during the life of a major RHEL release (e.g., TAINT_UNSIGNED_MODULE was backported to RHEL 5 around RHEL 5.2), so do not assume that the tainted definitions within in the above links (latest versions at time of writing) are the same for a particular kernel version of interest. Also note that taint definitions and use have been repurposed over this period as well: Taint bit 27 was TAINT_OMG_ZOMBIES in RHEL 6, retired in RHEL 7, and repurposed as TAINT_SUPPORT REMOVED in RHEL 8.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.