On 7/6/2022 12:39 PM, Patrick O'Callaghan wrote:
> On Wed, 2022-07-06 at 19:07 +1000, Stephen Morris wrote:
> > On 6/7/22 10:41, Jonathan Billings wrote:
> > > On Jul 5, 2022, at 18:55, Stephen
> > > Morris<samorris(a)netspace.net.au>
> > > wrote:
> > > > [ 13.973636] nvidia: module license 'NVIDIA' taints
kernel.
> > > It’s this line where the kernel notes why it is tainted.
> > > Somewhere
> > > in
> > > the nvidia kmod C code, there is a line that looks like this:
> > >
> > > MODULE_LICENSE("NVIDIA");
> > >
> > > The kernel will print out the aforementioned kernel message if
> > > it
> > > isn’t one of the open licenses defined in the kernel. There’s
> > > more
> > > about tainted kernels here:
> > >
> > >
https://www.kernel.org/doc/html/latest/admin-guide/tainted-kernels.html
> > >
> > > There are a variety of reasons why the kernel would be tainted,
> > > but
> > > in
> > > this case it is because a proprietary kernel module was loaded.
> > > It
> > > doesn’t have anything to do with signed kernel modules or
> > > secure
> > > boot.
> > >
> > I thought the akmod version of the nvidia driver was the version
> > that
> > was compiled every time the kernel version was changed, is that
> > not
> > the case?
> It's compiled as a module, but uses the Nvidia blob. It's not free
> software.
>
> poc
If I remember your original email, you have successfully created and
installed a key to sign the modules with (and maybe even signed the
original module). If you have kept the key, you will not have to
generate and install another one, but every time you install a new
kernel, a new set of nvidia modules will need to be created and then
signed. When I install a new kernel, the nvidia modules are created
automatically, but after they are created, I have to manually sign
them. I hope this is relevant to your original question.