Limepcie driver signing

aardric · 19 February 2025 18:21

This post is more for my curiosity then a fix. My XTRX is installed and working although I am a bit confused in regard to a persistent security notice “loading out-of-tree module taints kernel” which appears whenever I power on the computer. In reference to an earlier response

I get it and I had the impression that the driver was signed when DKMS built it. The driver module was obviously not unloaded at shutdown but why the message at power up? If I remove the driver with modprobe -r limepcie and reload with modprobe limepcie, there is no such warning. Is it really signed? Here is the result of the unload-reload sequence following power up:
:~$ sudo dmesg -T | grep limepcie
[Wed Feb 19 08:33:52 2025] limepcie: loading out-of-tree module taints kernel.
[Wed Feb 19 08:33:52 2025] limepcie: module verification failed: signature and/or required key missing - t
ainting kernel
[Wed Feb 19 08:33:52 2025] limepcie : module init v0.1.9-g815fafad
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: enabling device (0000 → 0002)
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: [device info] LimeSDR-XTRX FW:4 HW:18 PROTOCOL:1 S/N:0x0
00000000E5DD8A2
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: 8.000 Gb/s available PCIe bandwidth (5.0 GT/s PCIe x2 li
nk)
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: dma_get_required_mask: ffffffff.
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: try_set_dma_bitmask(32): test buffer va:000000001c27aa93
pa:1057aa000 bus:fffff000
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: using 32bit DMA mask
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: 1 MSI IRQs allocated.
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: DMA buffer size(65536)
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: DMA channels: 1
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: Creating /dev/limepcie0/trx0
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: Creating /dev/limepcie0/control0
[Wed Feb 19 08:33:52 2025] limepcie 0000:02:00.0: UART count: 0
[Wed Feb 19 08:39:36 2025] limepcie 0000:02:00.0: [Removing device] vid:10EE pid:7023
[Wed Feb 19 08:39:36 2025] limepcie : module exit
[Wed Feb 19 08:39:59 2025] limepcie : module init v0.1.9-g815fafad
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: [device info] LimeSDR-XTRX FW:4 HW:18 PROTOCOL:1 S/N:0x0
00000000E5DD8A2
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: 8.000 Gb/s available PCIe bandwidth (5.0 GT/s PCIe x2 li
nk)
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: dma_get_required_mask: ffffffff.
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: try_set_dma_bitmask(32): test buffer va:00000000b1b204d9
pa:10e484000 bus:fdeef000
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: using 32bit DMA mask
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: 1 MSI IRQs allocated.
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: DMA buffer size(65536)
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: DMA channels: 1
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: Creating /dev/limepcie0/trx0
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: Creating /dev/limepcie0/control0
[Wed Feb 19 08:39:59 2025] limepcie 0000:02:00.0: UART count: 0

ricardas · 19 February 2025 19:28

The warning about tainting kernel is displayed only once, because once it’s been tainted, it stays like that until system reboot.

DKMS signs the module, with self made certificate. That makes the “secure-boot” allow such module, but the signing certificate is self made, so not officially verified hence tainting the kernel.

Installed modules are automatically loaded when a device that uses it is discovered.