From: Randy Dunlap Date: Thu, 15 Jan 2026 06:47:56 +0000 (-0800) Subject: kernel-chktaint: add reporting for tainted modules X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=08e8f1ef3df270daef4ffc9c4bb15669f72d5d2f;p=thirdparty%2Fkernel%2Flinux.git kernel-chktaint: add reporting for tainted modules Check all loaded modules and report any that have their 'taint' flags set. The tainted module output format is: * () Example output: Kernel is "tainted" for the following reasons: * externally-built ('out-of-tree') module was loaded (#12) * unsigned module was loaded (#13) Raw taint value as int/string: 12288/'G OE ' Tainted modules: * dump_test (OE) Link: https://lkml.kernel.org/r/20260115064756.531592-1-rdunlap@infradead.org Signed-off-by: Randy Dunlap Acked-by: Thorsten Leemhuis Cc: Jonathan Corbet Signed-off-by: Andrew Morton --- diff --git a/tools/debugging/kernel-chktaint b/tools/debugging/kernel-chktaint index e7da0909d0970..e1571c04afb50 100755 --- a/tools/debugging/kernel-chktaint +++ b/tools/debugging/kernel-chktaint @@ -211,9 +211,25 @@ else addout "J" echo " * fwctl's mutating debug interface was used (#19)" fi +echo "Raw taint value as int/string: $taint/'$out'" + +# report on any tainted loadable modules +[ "$1" = "" ] && [ -r /sys/module/ ] && \ + cnt=`grep [A-Z] /sys/module/*/taint | wc -l` || cnt=0 +if [ $cnt -ne 0 ]; then + echo + echo "Tainted modules:" + for dir in `ls /sys/module` ; do + if [ -r /sys/module/$dir/taint ]; then + modtnt=`cat /sys/module/$dir/taint` + [ "$modtnt" = "" ] || echo " * $dir ($modtnt)" + fi + done +fi + +echo echo "For a more detailed explanation of the various taint flags see" echo " Documentation/admin-guide/tainted-kernels.rst in the Linux kernel sources" echo " or https://kernel.org/doc/html/latest/admin-guide/tainted-kernels.html" -echo "Raw taint value as int/string: $taint/'$out'" #EOF#