lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 9 Feb 2008 18:01:51 -0800
From:	"David Schwartz" <davids@...master.com>
To:	"David Newall" <davidn@...idnewall.com>
Cc:	"Greg KH" <greg@...ah.com>,
	"Christer Weinigel" <christer@...nigel.se>,
	<linux-usb@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
	"Alan Cox" <alan@...rguk.ukuu.org.uk>
Subject: RE: [PATCH] USB: mark USB drivers as being GPL only


Marcel Holtmann wrote:

> Lets phrase this in better words as Valdis pointed out: You can't
> distribute an application (binary or source form) under anything else
> than GPL if it uses a GPL library.

This simply cannot be correct. The only way it could be true is if the work
was a derivative work of a GPL'd work. There is no other way it could become
subject to the GPL.

So this argument reduces to -- any work that uses a library is a derivative
work of that library. But this is clearly wrong. For work X to be a
derivative work of work Y, it must contain substantial protected expression
from work Y, but an application need not have any expression from the
libraries it uses.

> It makes no difference if you
> distribute the GPL library with it or not.

If you do not distribute the GPL library, the library is simply being used
in the intended, ordinary way. You do not need to agree to, nor can you
violate, the GPL simply by using a work in its ordinary intended way.

If the application contains insufficient copyrightable expression from the
library to be considered a derivative work (and purely functional things do
not count), then it cannot be a derivative work. The library is not being
copied or distributed. So how can its copyright be infringed?

> But hey (again), feel free to disagree with me here.

This argument has no basis in law or common sense. It's completely
off-the-wall.

And to Pekka Enberg:

>It doesn't matter how "hard" it was to write that code. What matters
>is whether your code requires enough copyrighted aspects of the
>original work to constitute as derived work. There's a huge difference
>between using kmalloc and spin_lock and writing a driver that is built
>on to of the full USB stack of Linux kernel, for example.

The legal standard is not whether it "requires" copyrighted aspects but
whether it *contains* them. The driver does not contain the USB stack. The
aspects of the USB stack that the driver must contain are purely
functional -- its API.

You simply can't have it both ways. If the driver must contain X in order to
do its job, then X is functional and cannot make the driver a derivative
work. You cannot protect, by copyright, every way to accomplish a particular
function. Copyright only protects creative choices among millions of (at
least arguably) equally good choices.

DS


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists