lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Thu, 8 Feb 2018 15:41:43 +0100
From:   Philippe Ombredanne <pombredanne@...b.com>
To:     Kate Stewart <kstewart@...uxfoundation.org>
Cc:     Joe Perches <joe@...ches.com>, Rob Herring <robh@...nel.org>,
        Igor Stoppa <igor.stoppa@...wei.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Andy Whitcroft <apw@...onical.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Jonathan Corbet <corbet@....net>
Subject: Re: [PATCH v6] checkpatch.pl: Add SPDX license tag check

Kate,

On Fri, Feb 2, 2018 at 9:18 PM, Kate Stewart
<kstewart@...uxfoundation.org> wrote:
> This is the new way to represent GPLv2 only, as described above.
> While the GPL-2.0 and GPL-2.0+ notation is still valid,  it is deprecated
> in the latest version, so transitioning existing over time will probably
> be needed.   So I think the list of licenses to be added to
> LICENSES/ path is:
>
> APACHE-2.0
> BSD
> CDDL
> CDDL-1.0
> ISC
> GPL-1.0-only
> GPL-1.0-or-later (note: actually same contents as one GPL-1.0-only)
> GPL-2.0-only
> GPL-2.0-or-later (same contents as GPL-2.0-only)
> LGPL-2.0-only
> LGPL-2.0-or-later (same contents as LGPL-2.0-only)
> LGPL-2.1-only
> LGPL-2.1-or-later (same contents as LGPL-2.1-only)
> OpenSSL

Yes, this is the new SPDX was (-only) but this is not yet the kernel
way and doc.

IMHO as long as the new SPDX "GPL-2.0-only" are not what is in the
kernel doc they should not be used and banned. Otherwise, we are
looking at creating an infinite source of confusion
therefore we should not add the -only license for now until they
become the kernel ways.
Joe already spotted drifts and I tried to fight these as much as I
could. One id for one license at a time is the only sane way to go.
-- 
Cordially
Philippe Ombredanne

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ