lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 20 Dec 2023 07:03:32 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: Nick Desaulniers <ndesaulniers@...gle.com>
Cc: Tanzir Hasan <tanzirh@...gle.com>, Ingo Molnar <mingo@...nel.org>,
	Kees Cook <keescook@...omium.org>,
	Andy Shevchenko <andy@...nel.org>, linux-hardening@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>, llvm@...ts.linux.dev,
	Al Viro <viro@...iv.linux.org.uk>,
	Andy Shevchenko <andy.shevchenko@...il.com>
Subject: Re: [PATCH v4 1/2] kernel.h: removed REPEAT_BYTE from kernel.h

On Tue, Dec 19, 2023 at 03:00:22PM -0800, Nick Desaulniers wrote:
> ---
> 
> For Google specific guidance, I'll quote what they have:
> 
> > License Headers and Copyright Notices
> > Googlers should add Google's copyright notice (or a "The Project Authors" style copyright notice) to new files being added to the library if permitted by the project maintainers.
> 
> Then the relevant section of 1.Intro.rst:
> 
> > Copyright assignments are not required (or requested) for code contributed
> > to the kernel.
> 
> Shall I interpret those together to mean that the "project
> maintainers" don't permit copyright assignments for "new files being
> added," and thus Tanzir SHOULD NOT be adding a copyright assignment to
> the newly created header?

You can add a copyright header, as long as it is the CORRECT copyright
header.

Look at what this patch did, it attempted to claim that Google now owned
the copyright on the whole file, when in fact, that is obviously not the
case as a Google employee did not write the actual code that was added
to that file.

> Or shall I leave the interpretation up to an explicit discussion with
> opensource-licensing@...gle.com?

I think you should talk to them and get their clarification as to when
copyright headers should be added, AND what they should contain when
moving code around from other copyrighted files.

> For example, consider include/linux/sysfs.h.  It's 600+ lines long and
> contains 4 copyright assignments explicitly in sources. If we split
> that header file in half, which copyright assignments do we transfer
> to the new half, if any?

That's up to you to figure out, I'm not the one doing the work :)

Perhaps run it by your corporate lawyers to ensure that you get it
correct with what they think is right first, if you have any questions
about what to do here, as in the end, they are the ones that will care
the most, right?

good luck!

greg k-h

Powered by blists - more mailing lists