可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
My OS is Fedora 17. Recently, kernel tainted warning "kernel bug at kernel/auditsc.c:1772!-abrt" occurs: This problem should not be reported (it is likely a known problem). A kernel problem occurred, but your kernel has been tainted (flags:GD). Kernel maintainers are unable to diagnose tainted reports.
Then, I get the following:
# cat /proc/sys/kernel/tainted 128 # dmesg | grep -i taint [ 8306.955523] Pid: 4511, comm: chrome Tainted: G D 3.9.10-100.fc17.i686.PAE #1 Dell Inc. [ 8307.366310] Pid: 4571, comm: chrome Tainted: G D 3.9.10-100.fc17.i686.PAE #1 Dell Inc.
How about this warning? Since chrome is flagged as the "Tainted" source, anybody also meet this matter?
回答1:
To (over) simplify, 'tainted' means that the kernel is in a state other than what it would be in if it were built fresh from the open source origin and used in a way that it had been intended. It is a way of flagging a kernel to warn people (e.g., developers) that there may be unknown reasons for it to be unreliable, and that debugging it may be difficult or impossible.
In this case, 'GD' means that all modules are licensed as GPL or compatible (ie not proprietary), and that a crash or BUG() occurred.
The reasons are listed below:
See: oops-tracing.txt
--------------------------------------------------------------------------- Tainted kernels: Some oops reports contain the string 'Tainted: ' after the program counter. This indicates that the kernel has been tainted by some mechanism. The string is followed by a series of position-sensitive characters, each representing a particular tainted value. 1: 'G' if all modules loaded have a GPL or compatible license, 'P' if any proprietary module has been loaded. Modules without a MODULE_LICENSE or with a MODULE_LICENSE that is not recognised by insmod as GPL compatible are assumed to be proprietary. 2: 'F' if any module was force loaded by "insmod -f", ' ' if all modules were loaded normally. 3: 'S' if the oops occurred on an SMP kernel running on hardware that hasn't been certified as safe to run multiprocessor. Currently this occurs only on various Athlons that are not SMP capable. 4: 'R' if a module was force unloaded by "rmmod -f", ' ' if all modules were unloaded normally. 5: 'M' if any processor has reported a Machine Check Exception, ' ' if no Machine Check Exceptions have occurred. 6: 'B' if a page-release function has found a bad page reference or some unexpected page flags. 7: 'U' if a user or user application specifically requested that the Tainted flag be set, ' ' otherwise. 8: 'D' if the kernel has died recently, i.e. there was an OOPS or BUG. 9: 'A' if the ACPI table has been overridden. 10: 'W' if a warning has previously been issued by the kernel. (Though some warnings may set more specific taint flags.) 11: 'C' if a staging driver has been loaded. 12: 'I' if the kernel is working around a severe bug in the platform firmware (BIOS or similar). 13: 'O' if an externally-built ("out-of-tree") module has been loaded. 14: 'E' if an unsigned module has been loaded in a kernel supporting module signature. 15: 'L' if a soft lockup has previously occurred on the system. The primary reason for the 'Tainted: ' string is to tell kernel debuggers if this is a clean kernel or if anything unusual has occurred. Tainting is permanent: even if an offending module is unloaded, the tainted value remains to indicate that the kernel is not trustworthy.
回答2:
This is interesting: # clamscan -ria --max-filesize=4095M --max-scansize=4095M /opt/google/chrome identified the version dated Sep. 3, 2017 containing Trojan.Mirai-5932143-0 It was identified only for the largest clamscan parameters. Although chrome has a 6 week update cycle, the next version was released Sep. 20 #ls -l chrome -rwxr-xr-x. 1 root root 119675208 Sep 20 19:49 /opt/google/chrome/chrome # the version with the Trojan.Miray (I disabled it) has #ls -l /tmp/chrome-Trojan.Mirai-5932143-0 ----------. 1 root root 119662712 Sep 3 22:00 /tmp/chrome-Trojan.Mirai-5932143-0 # sha256sum /tmp/chrome-Trojan.Mirai-5932143-0 03a03cda6d328dd40ceda2773bc0077c7f69486b752802a5685a4be0316db2fb /tmp/chrome-Trojan.Mirai-5932143-0 # ever since I have kernel crashes on RHEL. Checking with # rpm -aV however, indicates the system is clean. In summary, I am still uneasy about chrome.
